www.tri-cityherald.com Open in urlscan Pro
2.21.186.235 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.tri-cityherald.com/
Effective URL:
https://www.tri-cityherald.com/
Submission: On January 24 via manual (January 24th 2023, 6:01:29 pm UTC) from US — Scanned from DE

Summary HTTP 363 Redirects Links 34 Behaviour Indicators

Summary

This website contacted 85 IPs in 9 countries across 59 domains to perform 363 HTTP transactions. The main IP is 2.21.186.235, located in Vienna, Austria and belongs to AKAMAI-AS, US. The main domain is www.tri-cityherald.com. The Cisco Umbrella rank of the primary domain is 183314.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on October 16th 2022. Valid for: a year.

This is the only time www.tri-cityherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 41	2.21.186.235 2.21.186.235	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400d:804::200a	15169 (GOOGLE) (GOOGLE)
2	52.216.50.225 52.216.50.225	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
4	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
10	2600:9000:230... 2600:9000:2304:4e00:4:a557:4cc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	151.101.66.137 151.101.66.137	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
7	143.204.215.30 143.204.215.30	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	13.32.121.78 13.32.121.78	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:1a55	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	151.101.66.132 151.101.66.132	54113 (FASTLY) (FASTLY)
2	52.204.16.198 52.204.16.198	14618 (AMAZON-AES) (AMAZON-AES)
1	35.201.104.135 35.201.104.135	15169 (GOOGLE) (GOOGLE)
1 1	18.201.4.185 18.201.4.185	16509 (AMAZON-02) (AMAZON-02)
2	52.49.9.98 52.49.9.98	16509 (AMAZON-02) (AMAZON-02)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
9 15	151.101.2.49 151.101.2.49	54113 (FASTLY) (FASTLY)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
4	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	151.101.130.27 151.101.130.27	54113 (FASTLY) (FASTLY)
1	13.225.85.39 13.225.85.39	16509 (AMAZON-02) (AMAZON-02)
1	34.120.253.250 34.120.253.250	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	143.204.215.23 143.204.215.23	16509 (AMAZON-02) (AMAZON-02)
1	23.2.233.205 23.2.233.205	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
1	52.217.130.200 52.217.130.200	16509 (AMAZON-02) (AMAZON-02)
6	166.108.36.240 166.108.36.240	6118 (MCCLATCHY...) (MCCLATCHY-CORP)
5	2a00:1450:400... 2a00:1450:400d:803::2006	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80a::2002	15169 (GOOGLE) (GOOGLE)
6	34.98.72.95 34.98.72.95	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	54.155.18.159 54.155.18.159	16509 (AMAZON-02) (AMAZON-02)
5	54.88.76.203 54.88.76.203	14618 (AMAZON-AES) (AMAZON-AES)
3	34.224.131.223 34.224.131.223	14618 (AMAZON-AES) (AMAZON-AES)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.66 65.9.66.66	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
37	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	13.32.27.70 13.32.27.70	16509 (AMAZON-02) (AMAZON-02)
2	143.204.215.96 143.204.215.96	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:206... 2600:9000:206f:a200:5:82fd:2500:21	16509 (AMAZON-02) (AMAZON-02)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:a800:11:b309:9100:21	16509 (AMAZON-02) (AMAZON-02)
1	52.217.173.201 52.217.173.201	16509 (AMAZON-02) (AMAZON-02)
1	34.111.8.32 34.111.8.32	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	34.111.234.236 34.111.234.236	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:400d:804::2008	15169 (GOOGLE) (GOOGLE)
2	2600:9000:205... 2600:9000:2057:4200:8:8845:1500:93a1	16509 (AMAZON-02) (AMAZON-02)
4	44.209.218.223 44.209.218.223	14618 (AMAZON-AES) (AMAZON-AES)
1	18.202.203.7 18.202.203.7	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:ef75:8280:f209:5ba1	16509 (AMAZON-02) (AMAZON-02)
2	99.86.4.69 99.86.4.69	16509 (AMAZON-02) (AMAZON-02)
2	18.66.112.6 18.66.112.6	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
3	2600:9000:206... 2600:9000:206f:5a00:12:1bf:30c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:219... 2600:9000:2190:e400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.236.169.54 3.236.169.54	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400d:803::200e	15169 (GOOGLE) (GOOGLE)
1 1	2600:1f18:730... 2600:1f18:730:b130:76f1:8db6:2c4f:d1ab	14618 (AMAZON-AES) (AMAZON-AES)
1	52.202.32.237 52.202.32.237	14618 (AMAZON-AES) (AMAZON-AES)
21	2a00:1450:400... 2a00:1450:4001:801::2001	15169 (GOOGLE) (GOOGLE)
3	52.24.111.54 52.24.111.54	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1	34.231.246.225 34.231.246.225	14618 (AMAZON-AES) (AMAZON-AES)
8	142.250.186.66 142.250.186.66	15169 (GOOGLE) (GOOGLE)
4	13.51.103.175 13.51.103.175	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	52.20.34.140 52.20.34.140	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:9000:249... 2600:9000:2490:f000:1c:112d:e1c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c06::9d	15169 (GOOGLE) (GOOGLE)
1	52.210.29.207 52.210.29.207	16509 (AMAZON-02) (AMAZON-02)
2 3	23.203.125.189 23.203.125.189	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	185.29.134.248 185.29.134.248	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
1	18.217.131.104 18.217.131.104	16509 (AMAZON-02) (AMAZON-02)
3	107.178.254.65 107.178.254.65	15169 (GOOGLE) (GOOGLE)
2	52.207.50.117 52.207.50.117	14618 (AMAZON-AES) (AMAZON-AES)
4	52.27.207.171 52.27.207.171	16509 (AMAZON-02) (AMAZON-02)
2	54.93.152.171 54.93.152.171	16509 (AMAZON-02) (AMAZON-02)
363	85

41 2.21.186.235 (Vienna, Austria) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-186-235.deploy.static.akamaitechnologies.com

www.tri-cityherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.kansascity.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.thenewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.216.50.225 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

mcclatchy-next-apps-prod.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
htldotbid.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

adobedc.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
edge.adobedc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2600:9000:2304:4e00:4:a557:4cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

s953.tri-cityherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.66.137 (United States) 1 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 143.204.215.30 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-30.fra53.r.cloudfront.net

cf-images.us-east-1.prod.boltdns.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.32.121.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-121-78.fra60.r.cloudfront.net

htlbid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:1a55 (United States)

ASN13335 (CLOUDFLARENET, US)

geolocation.onetrust.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.66.132 (United States)

ASN54113 (FASTLY, US)

api.lab.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.204.16.198 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-16-198.compute-1.amazonaws.com

mcclatchy.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.201.104.135 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 135.104.201.35.bc.googleusercontent.com

vi.ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.201.4.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-201-4-185.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.49.9.98 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-9-98.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 151.101.2.49 (United States) 9 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
lasteventf-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.27 (United States)

ASN54113 (FASTLY, US)

edge.api.brightcove.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.85.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-85-39.fra2.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.253.250 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 250.253.120.34.bc.googleusercontent.com

tag.wknd.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-23.fra53.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.2.233.205 (Amsterdam, Netherlands)

ASN16625 (AKAMAI-AS, US)
PTR: a23-2-233-205.deploy.static.akamaitechnologies.com

www.everestjs.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.130.200 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 166.108.36.240 (United States)

ASN6118 (MCCLATCHY-CORP, US)
PTR: vnet846.ejoco.com

publicapi.misitemgr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:803::2006 (Ireland)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.98.72.95 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 95.72.98.34.bc.googleusercontent.com

assets.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.155.18.159 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.88.76.203 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-88-76-203.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.224.131.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-224-131-223.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-66.fra56.r.cloudfront.net

launchpad-wrapper.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

37 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.27.70 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-70.fra56.r.cloudfront.net

launchpad.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 143.204.215.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-96.fra53.r.cloudfront.net

geo.privacymanager.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:a200:5:82fd:2500:21 (United States)

ASN16509 (AMAZON-02, US)

dyv1bugovvq1g.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:a800:11:b309:9100:21 (United States)

ASN16509 (AMAZON-02, US)

d15kdpgjg3unno.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.173.201 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

ams-pageview-public.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.111.8.32 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 32.8.111.34.bc.googleusercontent.com

api.bounceexchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.111.234.236 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 236.234.111.34.bc.googleusercontent.com

ml314.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:804::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2057:4200:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 44.209.218.223 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-209-218-223.compute-1.amazonaws.com

tags.srv.stackadapt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.202.203.7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-202-203-7.eu-west-1.compute.amazonaws.com

secure-us.imrworldwide.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)

edge.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.69 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-69.fra6.r.cloudfront.net

tags.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.66.112.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-6.fra56.r.cloudfront.net

cdn.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:206f:5a00:12:1bf:30c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn-prod.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2190:e400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.236.169.54 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-236-169-54.compute-1.amazonaws.com

sqs.us-east-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:803::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:730:b130:76f1:8db6:2c4f:d1ab (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

rp.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.202.32.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-32-237.compute-1.amazonaws.com

rp4.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.24.111.54 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-24-111-54.us-west-2.compute.amazonaws.com

app.securiti.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.231.246.225 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-246-225.compute-1.amazonaws.com

idx.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 13.51.103.175 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-103-175.eu-north-1.compute.amazonaws.com

protected-by.clarium.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.20.34.140 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-34-140.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:f000:1c:112d:e1c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

sli.tri-cityherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.210.29.207 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-29-207.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.203.125.189 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-125-189.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.134.248 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.217.131.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-217-131-104.us-east-2.compute.amazonaws.com

he.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 107.178.254.65 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 65.254.178.107.bc.googleusercontent.com

pippio.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.207.50.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-50-117.compute-1.amazonaws.com

api.fullcontact.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.27.207.171 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-27-207-171.us-west-2.compute.amazonaws.com

api2.amplitude.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.93.152.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-93-152-171.eu-central-1.compute.amazonaws.com

k.p-n.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
63	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 108 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 156	357 KB
48	tri-cityherald.com 1 redirects www.tri-cityherald.com — Cisco Umbrella Rank: 183314 s953.tri-cityherald.com — Cisco Umbrella Rank: 681333 sli.tri-cityherald.com — Cisco Umbrella Rank: 816093	2 MB
25	doubleclick.net 2 redirects cm.g.doubleclick.net — Cisco Umbrella Rank: 216 securepubads.g.doubleclick.net — Cisco Umbrella Rank: 190 pubads.g.doubleclick.net — Cisco Umbrella Rank: 418 googleads.g.doubleclick.net — Cisco Umbrella Rank: 33 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 321 stats.g.doubleclick.net — Cisco Umbrella Rank: 75	263 KB
16	everesttech.net 10 redirects cm.everesttech.net — Cisco Umbrella Rank: 974 sync-tm.everesttech.net — Cisco Umbrella Rank: 554 lasteventf-tm.everesttech.net — Cisco Umbrella Rank: 6880	4 KB
10	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	2 KB
7	liadm.com 1 redirects b-code.liadm.com — Cisco Umbrella Rank: 2563 rp.liadm.com — Cisco Umbrella Rank: 1491 rp4.liadm.com — Cisco Umbrella Rank: 7053 idx.liadm.com — Cisco Umbrella Rank: 2117 i.liadm.com — Cisco Umbrella Rank: 584	22 KB
7	bounceexchange.com assets.bounceexchange.com — Cisco Umbrella Rank: 1927 api.bounceexchange.com — Cisco Umbrella Rank: 2243	219 KB
7	boltdns.net cf-images.us-east-1.prod.boltdns.net — Cisco Umbrella Rank: 4973	1 MB
6	securiti.ai cdn-prod.securiti.ai — Cisco Umbrella Rank: 16264 app.securiti.ai — Cisco Umbrella Rank: 23852	109 KB
6	misitemgr.com publicapi.misitemgr.com — Cisco Umbrella Rank: 50883	52 KB
6	brightcove.com edge.api.brightcove.com — Cisco Umbrella Rank: 5154	22 KB
6	amplitude.com api.lab.amplitude.com — Cisco Umbrella Rank: 6395 api2.amplitude.com — Cisco Umbrella Rank: 1511	727 B
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 185	240 KB
5	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1032	3 KB
5	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 280	176 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com — Cisco Umbrella Rank: 9633 www.i.matheranalytics.com — Cisco Umbrella Rank: 9405	44 KB
5	gstatic.com fonts.gstatic.com www.gstatic.com	239 KB
5	amazonaws.com mcclatchy-next-apps-prod.s3.amazonaws.com htldotbid.s3.amazonaws.com — Cisco Umbrella Rank: 56391 s3.amazonaws.com ams-pageview-public.s3.amazonaws.com — Cisco Umbrella Rank: 16274 sqs.us-east-1.amazonaws.com — Cisco Umbrella Rank: 5169	415 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 imasdk.googleapis.com — Cisco Umbrella Rank: 427	795 KB
4	clarium.io protected-by.clarium.io — Cisco Umbrella Rank: 1349	973 B
4	p-n.io cdn.p-n.io — Cisco Umbrella Rank: 4745 k.p-n.io — Cisco Umbrella Rank: 2824	52 KB
4	fullcontact.com tags.fullcontact.com — Cisco Umbrella Rank: 37693 api.fullcontact.com — Cisco Umbrella Rank: 38761	21 KB
4	stackadapt.com tags.srv.stackadapt.com — Cisco Umbrella Rank: 3162	7 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 293 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 492	49 KB
4	privacymanager.io launchpad-wrapper.privacymanager.io — Cisco Umbrella Rank: 7308 launchpad.privacymanager.io — Cisco Umbrella Rank: 6265 geo.privacymanager.io — Cisco Umbrella Rank: 1686	11 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 114	738 B
3	pippio.com pippio.com — Cisco Umbrella Rank: 716	182 B
3	google.de adservice.google.de — Cisco Umbrella Rank: 8470 www.google.de — Cisco Umbrella Rank: 5983	1 KB
3	ml314.com vi.ml314.com — Cisco Umbrella Rank: 14732 ml314.com — Cisco Umbrella Rank: 1665	11 KB
3	adobedc.net edge.adobedc.net — Cisco Umbrella Rank: 7407	2 KB
3	thenewstribune.com www.thenewstribune.com — Cisco Umbrella Rank: 221832	191 KB
3	connatix.com 1 redirects cd.connatix.com — Cisco Umbrella Rank: 3117 cds.connatix.com — Cisco Umbrella Rank: 3134	272 KB
3	demdex.net adobedc.demdex.net — Cisco Umbrella Rank: 9697 dpm.demdex.net — Cisco Umbrella Rank: 201	4 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2060	1 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1039 bcp.crwdcntrl.net — Cisco Umbrella Rank: 904	10 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 22	20 KB
2	quantserve.com edge.quantserve.com — Cisco Umbrella Rank: 16061 pixel.quantserve.com — Cisco Umbrella Rank: 662	10 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	93 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 153	136 KB
2	cloudfront.net dyv1bugovvq1g.cloudfront.net d15kdpgjg3unno.cloudfront.net	23 KB
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1365	104 KB
2	scorecardresearch.com sb.scorecardresearch.com — Cisco Umbrella Rank: 158	2 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2591 p1.parsely.com — Cisco Umbrella Rank: 1960	24 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 646	1 KB
2	blueconic.net mcclatchy.blueconic.net — Cisco Umbrella Rank: 45162	2 KB
2	htlbid.com htlbid.com — Cisco Umbrella Rank: 13595	2 KB
1	lijit.com he.lijit.com — Cisco Umbrella Rank: 4389	61 B
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 301	265 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	675 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 516	227 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 870	1 KB
1	imrworldwide.com secure-us.imrworldwide.com — Cisco Umbrella Rank: 1982	597 B
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 3101	149 KB
1	everestjs.net www.everestjs.net — Cisco Umbrella Rank: 6550	3 KB
1	wknd.ai tag.wknd.ai — Cisco Umbrella Rank: 4784	5 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 420	273 B
1	onetrust.com geolocation.onetrust.com — Cisco Umbrella Rank: 619	244 B
1	kansascity.com www.kansascity.com — Cisco Umbrella Rank: 62724	765 KB
0	liveperson.net Failed lptag.liveperson.net Failed
363	59

	Domain	Requested by
37	pagead2.googlesyndication.com	www.tri-cityherald.com securepubads.g.doubleclick.net 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
37	www.tri-cityherald.com	1 redirects www.tri-cityherald.com
21	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.tri-cityherald.com tpc.googlesyndication.com 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
14	sync-tm.everesttech.net	9 redirects www.tri-cityherald.com
10	s953.tri-cityherald.com	www.tri-cityherald.com s953.tri-cityherald.com
8	googleads4.g.doubleclick.net	www.tri-cityherald.com
8	www.google.com	www.tri-cityherald.com tpc.googlesyndication.com 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
7	cf-images.us-east-1.prod.boltdns.net	www.tri-cityherald.com
6	securepubads.g.doubleclick.net	htldotbid.s3.amazonaws.com securepubads.g.doubleclick.net www.tri-cityherald.com www.googletagservices.com
6	assets.bounceexchange.com	tag.wknd.ai assets.bounceexchange.com
6	publicapi.misitemgr.com	www.tri-cityherald.com
6	edge.api.brightcove.com	www.tri-cityherald.com
5	www.googletagservices.com	www.tri-cityherald.com 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
5	googleads.g.doubleclick.net	www.googletagmanager.com 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
5	972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net cdn.confiant-integrations.net
5	jadserve.postrelease.com	s.ntv.io www.tri-cityherald.com
5	s0.2mdn.net	imasdk.googleapis.com 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com www.tri-cityherald.com
4	api2.amplitude.com	www.tri-cityherald.com
4	protected-by.clarium.io	972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
4	tags.srv.stackadapt.com	www.tri-cityherald.com tags.srv.stackadapt.com
4	www.facebook.com	www.tri-cityherald.com
4	imasdk.googleapis.com	www.tri-cityherald.com imasdk.googleapis.com
4	fonts.gstatic.com	fonts.googleapis.com
3	pippio.com	i.liadm.com
3	app.securiti.ai	cdn-prod.securiti.ai
3	cdn-prod.securiti.ai	www.tri-cityherald.com cdn-prod.securiti.ai
3	pubads.g.doubleclick.net	imasdk.googleapis.com
3	c.amazon-adsystem.com	htldotbid.s3.amazonaws.com c.amazon-adsystem.com
3	www.i.matheranalytics.com	www.tri-cityherald.com
3	edge.adobedc.net	www.tri-cityherald.com
3	www.thenewstribune.com	www.tri-cityherald.com
2	k.p-n.io	cdn.p-n.io
2	api.fullcontact.com	tags.fullcontact.com
2	e.dlx.addthis.com	2 redirects
2	i.liadm.com	b-code.liadm.com i.liadm.com
2	www.google.de
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	cdn.p-n.io	www.tri-cityherald.com cdn.p-n.io
2	tags.fullcontact.com	www.tri-cityherald.com tags.fullcontact.com
2	b-code.liadm.com	www.tri-cityherald.com b-code.liadm.com
2	www.googletagmanager.com	www.tri-cityherald.com
2	ml314.com	www.tri-cityherald.com ml314.com
2	connect.facebook.net	www.tri-cityherald.com connect.facebook.net
2	geo.privacymanager.io	launchpad.privacymanager.io
2	cdn.confiant-integrations.net	htldotbid.s3.amazonaws.com cdn.confiant-integrations.net
2	adservice.google.com	imasdk.googleapis.com securepubads.g.doubleclick.net
2	js.matheranalytics.com	1 redirects www.tri-cityherald.com
2	sb.scorecardresearch.com	www.tri-cityherald.com
2	sync.search.spotxchange.com	1 redirects www.tri-cityherald.com
2	cm.g.doubleclick.net	2 redirects
2	dpm.demdex.net	www.tri-cityherald.com
2	mcclatchy.blueconic.net	s953.tri-cityherald.com
2	api.lab.amplitude.com	www.tri-cityherald.com
2	htlbid.com	www.tri-cityherald.com
2	cds.connatix.com	www.tri-cityherald.com cd.connatix.com
1	he.lijit.com	i.liadm.com
1	match.adsrvr.org	i.liadm.com
1	sync.mathtag.com	1 redirects
1	stags.bluekai.com	i.liadm.com
1	bcp.crwdcntrl.net	tags.crwdcntrl.net
1	stats.g.doubleclick.net	www.google-analytics.com
1	tags.crwdcntrl.net	tags.fullcontact.com
1	sli.tri-cityherald.com
1	idx.liadm.com	tags.fullcontact.com
1	pixel.quantserve.com
1	rp4.liadm.com
1	rp.liadm.com	1 redirects
1	sqs.us-east-1.amazonaws.com	d15kdpgjg3unno.cloudfront.net
1	rules.quantcount.com	edge.quantserve.com
1	adservice.google.de	securepubads.g.doubleclick.net
1	edge.quantserve.com	www.tri-cityherald.com
1	secure-us.imrworldwide.com
1	api.bounceexchange.com	assets.bounceexchange.com
1	ams-pageview-public.s3.amazonaws.com
1	d15kdpgjg3unno.cloudfront.net	htldotbid.s3.amazonaws.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	dyv1bugovvq1g.cloudfront.net	htldotbid.s3.amazonaws.com
1	launchpad.privacymanager.io	launchpad-wrapper.privacymanager.io
1	launchpad-wrapper.privacymanager.io	htldotbid.s3.amazonaws.com
1	lasteventf-tm.everesttech.net	www.everestjs.net
1	p1.parsely.com	www.tri-cityherald.com
1	s3.amazonaws.com	www.tri-cityherald.com
1	htldotbid.s3.amazonaws.com	htlbid.com
1	s.ntv.io	www.tri-cityherald.com
1	www.everestjs.net	www.tri-cityherald.com
1	tag.wknd.ai	www.tri-cityherald.com
1	cdn.parsely.com	www.tri-cityherald.com
1	us-u.openx.net	www.tri-cityherald.com
1	cm.everesttech.net	1 redirects
1	vi.ml314.com	www.tri-cityherald.com
1	geolocation.onetrust.com	www.tri-cityherald.com
1	www.kansascity.com	www.tri-cityherald.com
1	www.gstatic.com	www.google.com
1	cd.connatix.com	1 redirects
1	adobedc.demdex.net	www.tri-cityherald.com
1	mcclatchy-next-apps-prod.s3.amazonaws.com	www.tri-cityherald.com
1	fonts.googleapis.com	www.tri-cityherald.com
0	lptag.liveperson.net Failed	www.tri-cityherald.com
363	98

This site contains links to these domains. Also see Links.

Domain
cookiesandyou.com
account.tri-cityherald.com
subscribe.tri-cityherald.com
www.legacy.com
myaccount.tri-cityherald.com
go.mcclatchy.com
t.news.tri-cityherald.com
www.facebook.com
twitter.com
www.instagram.com
www.youtube.com
www.tri-citiesbest.com
placement.memoriams.com
www.accesousa.com
classifieds.mcclatchy.com
jobs.tri-cityherald.com
tri-cityherald.com
www.mcclatchy.com
business.mcclatchy.com
placeclassifieds.mcclatchy.com
hiring.mcclatchy.com
www.winwithmcclatchy.com
privacy-central.securiti.ai

Subject Issuer	Validity	Valid
www.mcclatchydc.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-16` - `2023-10-17`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.s3.amazonaws.com Amazon	`2022-09-21` - `2023-08-26`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
adobedc.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-20` - `2023-11-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
l758.theolympian.com Amazon RSA 2048 M01	`2022-11-25` - `2023-12-25`	a year	crt.sh
*.prod.boltdns.net Amazon	`2022-10-19` - `2023-11-18`	a year	crt.sh
htlbid.com Amazon	`2022-10-21` - `2023-11-19`	a year	crt.sh
onetrust.com Cloudflare Inc ECC CA-3	`2022-12-13` - `2023-12-13`	a year	crt.sh
*.lab.amplitude.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-05-24` - `2023-06-25`	a year	crt.sh
edge.adobedc.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-19` - `2023-11-19`	a year	crt.sh
*.blueconic.net Amazon	`2022-09-22` - `2023-10-21`	a year	crt.sh
vi.ml314.com GTS CA 1D4	`2022-12-25` - `2023-03-25`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2022-08-22` - `2023-09-23`	a year	crt.sh
brightcove.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-06-08` - `2023-07-10`	a year	crt.sh
*.parsely.com Amazon	`2022-06-05` - `2023-07-04`	a year	crt.sh
tag.wknd.ai R3	`2023-01-24` - `2023-04-24`	3 months	crt.sh
*.scorecardresearch.com Amazon	`2022-12-30` - `2024-01-28`	a year	crt.sh
www.everestjs.net DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.ntv.io DigiCert TLS RSA SHA256 2020 CA1	`2022-10-24` - `2023-10-26`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
*.misitemgr.com Entrust Certification Authority - L1K	`2022-08-16` - `2023-09-07`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
assets.bounceexchange.com GTS CA 1D4	`2022-11-29` - `2023-02-27`	3 months	crt.sh
*.everesttech.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-11-07` - `2023-12-09`	a year	crt.sh
*.postrelease.com Amazon	`2022-11-27` - `2023-12-25`	a year	crt.sh
www.i.matheranalytics.com Amazon	`2022-12-14` - `2024-01-13`	a year	crt.sh
*.confiant-integrations.net E1	`2022-11-24` - `2023-02-22`	3 months	crt.sh
*.privacymanager.io Amazon	`2022-08-26` - `2023-09-24`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.wunderkind.co R3	`2022-12-11` - `2023-03-11`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-03` - `2023-02-01`	3 months	crt.sh
ml314.com GTS CA 1D4	`2022-12-14` - `2023-03-14`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
*.liadm.com Amazon	`2023-01-01` - `2024-01-30`	a year	crt.sh
*.srv.stackadapt.com Amazon	`2022-10-09` - `2023-11-07`	a year	crt.sh
*.imrworldwide.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-03` - `2024-02-03`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
*.fullcontact.com Amazon	`2022-12-22` - `2024-01-19`	a year	crt.sh
pushlycdn.com Amazon	`2023-01-15` - `2024-02-13`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
app.securiti.ai Amazon	`2022-05-18` - `2023-06-16`	a year	crt.sh
quantserve.com R3	`2023-01-10` - `2023-04-10`	3 months	crt.sh
queue.amazonaws.com Amazon	`2022-08-19` - `2023-08-14`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
protected-by.clarium.io Amazon RSA 2048 M01	`2022-12-16` - `2024-01-14`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-01-02` - `2023-03-27`	3 months	crt.sh
sli.tri-cityherald.com Amazon	`2022-07-04` - `2023-08-02`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
he.lijit.com Amazon	`2022-05-15` - `2023-06-13`	a year	crt.sh
pippio.com GTS CA 1D4	`2023-01-17` - `2023-04-17`	3 months	crt.sh
*.amplitude.com COMODO RSA Domain Validation Secure Server CA	`2022-01-28` - `2023-02-28`	a year	crt.sh
*.p-n.io Amazon	`2022-12-24` - `2024-01-21`	a year	crt.sh

This page contains 36 frames:

Primary Page: https://www.tri-cityherald.com/
Frame ID: 0B163AB1338BEB6D4A1C827ACC71F7B1
Requests: 188 HTTP requests in this frame

Frame: https://cds.connatix.com/p/216392/connatix.player.dc.js?cid=
Frame ID: F15112D16CA0949EAD5A29373586DC77
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/4a5e172e-add1-4f8e-b1be-a8da925feebb
Frame ID: 360804B5E390ACA148DBF53420E64853
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/c76fed95-dda6-4961-9ca1-335fdf2e8f99
Frame ID: 81EFEFDDA9CDEDD662D91698B6CADCA7
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/1d3e3e9a-c691-4f2c-b8d2-2547d872d6af
Frame ID: 645573E0960A1057D8424E96914F35D5
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/6659c8c7-bca9-4a3e-aa37-f1dd7b07981c
Frame ID: 9F7FDD978D82366B880D0E19EC040AAF
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: 1880CE0CA0BBFBB6DE268D80A5A15CB0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: 53138AB58BE8973EEA98BCFCDB0E3096
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html
Frame ID: 9B6E9FAE2B0FE92567D7EA154107E456
Requests: 14 HTTP requests in this frame

Frame: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Frame ID: 6FBCA7D833886D94232D98801B10E9E8
Requests: 1 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/7f313d6c-7e04-408b-9d07-11757ff41e26
Frame ID: 19EB99679EBA5746D8601D25F84B391F
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/c7dc7233-b12f-47da-8950-d3f169f31b36
Frame ID: E62A74248BFF5ACABC936FD3BEE30343
Requests: 3 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/bda6ee19-f409-4dbc-93c2-75156585fae9
Frame ID: DFB20CFD7297A6BC91E00D5F1D605D75
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/ea8a4cd4-5f2a-44ba-8e3b-516465f34660
Frame ID: A87B564601BF0BA171C8AB77A415E17A
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/30cb225d-3420-4936-9bd7-6d3027b057c3
Frame ID: ACC85495A1214BD4CB2A8FFA0A830E04
Requests: 5 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/a47ba747-53d7-4f85-bda8-3b976ad12150
Frame ID: BDBD6FDAFD48F58E0B0A475883B5F725
Requests: 2 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/1763fcaf-8a01-4ab5-a33f-4d859f1a46f6
Frame ID: E6992549C06F5F893337F201E309E306
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/61ea9aff-363e-4f91-949b-8e82e613b460
Frame ID: 788FEE303B0DB1BD9213FCB559200A55
Requests: 7 HTTP requests in this frame

Frame: blob://https://www.tri-cityherald.com/80d816b6-efc7-4693-9d60-8715c5560e87
Frame ID: D8BD639D90791D843BD9BA021E4CF39D
Requests: 7 HTTP requests in this frame

Frame: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 0FAEEFAFA0C939BACDA07893342FDB90
Requests: 1 HTTP requests in this frame

Frame: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: B90F5A0617848A8125BD4ED10F7CCA90
Requests: 15 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6LrxAxL_mw1p7lzvi2jx52WGwFEYuGTsSXxQjwzJIGvUAWetI7A2iaa2XzFWCCn-0YxW5vyIg4kRwUBFAGhvsp6oAoOYI7KOoaNu7CPTyHAuFV7F25gtR0zyoKLX85PWt85N8je-mHpaYrvhX2o2bW7GzsPOJ7QJ8ijGCSk-SvfttqcPJDn1w0vdkvl3hN53BCBc8e68LQnuCOS333f_1JEW1u0K0HUrMOQehaTIaJ24mJ17jJHxJTTJg0GQmHEc-uQpst7O2EHGsdqy2FgPdq1nI6HWvyXUZNSUKlbELUoBdrzbVIuOhMy_Oj1DcqucOIPcdN1VVXbYwDcpr9_ZevpnyPxeL0qxJN8dRpBdrm0FcNNwJAT1Tyw&sai=AMfl-YSQeItg7bwTR_iKZMwgGGqj8ICQyEDzsuybYRMNh3yK-30e047qOusjkdPgDqx66wtqcEGFhr63NBJ3d1Su8ONfLJ8RTGVYTuoh0uXnwBO1skteqVKdgSNrOf98OnyFcQ&sig=Cg0ArKJSzCuVkV_s9mbrEAE&uach_m=[UACH]&adurl=
Frame ID: 3F28D1D6A4F8C08407BEAEB9C40C953B
Requests: 7 HTTP requests in this frame

Frame: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: A05071C6A96293E8468464AE42A8970A
Requests: 14 HTTP requests in this frame

Frame: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: CEC574A168D36338D524A2AF0AD290E2
Requests: 14 HTTP requests in this frame

Frame: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F25551D14AE09DD7A3D2FF4C44CEF787
Requests: 14 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 66C6719E64AF1810D7F622C454BC1AC9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 432FA992871061E8650BAA4627CBD7B0
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOq3xd0BMAE&v=APEucNVSt7BGMRdofHWB3gDLT1Au4JhX1P7kcmN8-qtJuR0phCTZUe-FDHP1KDHmtAm0VAZZoJsdO13FP3QfWui543tQ2YKLAw
Frame ID: 05CF76B8AD94B2F8A46BAC37FBEC691D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOzMxd0BMAE&v=APEucNXBlZtt2CukqHZkMuJ0HCVkdJz4BZrXkKw8ZaoIdBqSLGYMwnwpb5sVpei1kvo8VPSYJvUs7JjpnhTCmUyyqILXoSS2Wg
Frame ID: 2B7202AA878CDBBBD42D102CB36CB48F
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOzMxd0BMAE&v=APEucNV_GS5o128pQ0ymT23W9EnMPnKf910pynBHACDsPJ27YuW5bsZXrDZReNMjA5nmPwyU9Pvg4Uw8AYrambCWYeOs_K2A6A
Frame ID: 08C7DB3BB1D5CCF3305D2D91CA029C45
Requests: 1 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Frame ID: D3E9CB159951AC1DA48351675BD2E371
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOq3xd0BMAE&v=APEucNUr1DnKL-MpMjl_Xe10CPl1cInalcV5tJDeJQ-GZhvJNKUG4AnNGfiUBqc5Yg9_Sj1Tv2Mi2GbJRZ28OPyeyEhtw_8Dzw
Frame ID: B66472E60EF6AC8AFCCF03E47BFA123D
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4AC316D6FD64859F047E0763ACFCDC3C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 348B5D1C6A495EC8A9CCA8EBFD38A7CC
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E08494AAA0477E5228E1DA98D4E2D97B
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4FB765D40520D806C37923EB58AB0402
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Tri-Cities WA Breaking News, Sports & Crime | Tri-City HeraldClose navigation panelVideo media

Page URL History Show full URLs

http://www.tri-cityherald.com/ HTTP 301
https://www.tri-cityherald.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

363
Requests

81 %
HTTPS

35 %
IPv6

59
Domains

98
Subdomains

85
IPs

9
Countries

8275 kB
Transfer

17826 kB
Size

41
Cookies

34 Outgoing links

These are links going to different origins than the main page.

URL: https://cookiesandyou.com/
Title: Learn more

Search URL Search Domain Scan URL

URL: https://account.tri-cityherald.com/auth0
Title: LOG IN

Search URL Search Domain Scan URL

URL: https://subscribe.tri-cityherald.com/beinformed
Title: SUBSCRIBE

Search URL Search Domain Scan URL

URL: https://www.legacy.com/us/obituaries/tricityherald/browse
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://myaccount.tri-cityherald.com/tri_tch/home#navlink=subnav
Title: Account Management

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tri-city/p/1#navlink=subnav
Title: Media Kit

Search URL Search Domain Scan URL

URL: http://t.news.tri-cityherald.com/webApp/mccSignupPage?siteName=tri-cityherald#navlink=subnav
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TriCityHerald1
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/TriCityHerald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://www.instagram.com/tricityherald
Title: Instagram

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/TheTriCityHerald/
Title: YouTube

Search URL Search Domain Scan URL

URL: https://www.tri-citiesbest.com/
Title: Tri-Cities Best

Search URL Search Domain Scan URL

URL: https://www.legacy.com/obituaries/tricityherald/#navlink=subnav
Title: View Obituaries

Search URL Search Domain Scan URL

URL: https://placement.memoriams.com/Tri-CityHerald/Obituary
Title: Place an Obituary

Search URL Search Domain Scan URL

URL: https://www.accesousa.com/
Title: Acceso USA

Search URL Search Domain Scan URL

URL: https://classifieds.mcclatchy.com/marketplace/tricity#navlink=subnav
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://jobs.tri-cityherald.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271532027.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271532027.html&text=Kennewick%20Police%20investigating%20possible%20vehicle%20arson

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271401417.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271401417.html&text=Mid-Columbia%20Meals%20on%20Wheels%20offering%20more%20to%20Tri-City%20seniors

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https%3A%2F%2Fwww.tri-cityherald.com%2Flatest-news%2Farticle258556713.html

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https%3A%2F%2Fwww.tri-cityherald.com%2Flatest-news%2Farticle258556713.html&text=Tips%20to%20avoid%20construction%20fraud%20and%20scams

Search URL Search Domain Scan URL

URL: https://tri-cityherald.com/mobile
Title: Tri-City Herald App

Search URL Search Domain Scan URL

URL: http://t.news.tri-cityherald.com/webApp/mccSignupPage?siteName=tri-cityherald
Title: View Newsletters

Search URL Search Domain Scan URL

URL: https://myaccount.tri-cityherald.com/tri_tch/home
Title: Vacation Hold

Search URL Search Domain Scan URL

URL: https://www.mcclatchy.com/our-impact/markets/tri-city-herald/#navlink=mi_footer
Title: About Us

Search URL Search Domain Scan URL

URL: http://t.news.tri-cityherald.com/webApp/mccSignupPage?siteName=tri-cityherald#navlink=mi_footer
Title: Newsletters

Search URL Search Domain Scan URL

URL: https://go.mcclatchy.com/media-capabilities-tri-city/p/1
Title: McClatchy Advertising

Search URL Search Domain Scan URL

URL: https://business.mcclatchy.com/tricities
Title: Place an Ad

Search URL Search Domain Scan URL

URL: https://placeclassifieds.mcclatchy.com/classifieds/tricity/index.html
Title: Place a Classified Ad

Search URL Search Domain Scan URL

URL: https://hiring.mcclatchy.com/recruitmentproducts
Title: Staffing Solutions

Search URL Search Domain Scan URL

URL: https://www.winwithmcclatchy.com/political-advocacy
Title: Political Advertising

Search URL Search Domain Scan URL

URL: https://privacy-central.securiti.ai/#/dsr-universal/0a979fab-900d-4113-aab0-e2bf786400ac
Title: Do Not Sell My Personal Information

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.tri-cityherald.com/ HTTP 301
https://www.tri-cityherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://cd.connatix.com/connatix.player.js?cid= HTTP 302
https://cds.connatix.com/p/216392/connatix.player.dc.js?cid=

Request Chain 74

https://cm.everesttech.net/cm/dd?d_uuid=06747444506445913633991903905931279226 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9Ac6QAAAL984gNx

Request Chain 75

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY3NDc0NDQ1MDY0NDU5MTM2MzM5OTE5MDM5MDU5MzEyNzkyMjY= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDY3NDc0NDQ1MDY0NDU5MTM2MzM5OTE5MDM5MDU5MzEyNzkyMjY=&google_tc= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGeczPBSe7lpcW4GspaGfnM&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 76

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y9Ac6QAB3Te3mwAF

Request Chain 77

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y9Ac6QAB3o4FRAAh

Request Chain 78

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3pO3ugAF

Request Chain 79

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3hC3ngAF

Request Chain 80

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAABdmD0gBh HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9Ac6QAABdmD0gBh&_test=Y9Ac6QAABdmD0gBh

Request Chain 81

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=Y9Ac6QAB3XK3vgAF

Request Chain 82

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1&__user_check__=1&sync_id=1774ba1d-9c11-11ed-970f-1d66682b0106

Request Chain 84

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9Ac6QAABdmD0gBh&t=2592000&o=0

Request Chain 103

https://js.matheranalytics.com/s/ma12095/74930803/all/ml.js?cb=1615 HTTP 301
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

Request Chain 238

https://rp.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg HTTP 302
https://rp4.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjc3MDQ6MjVlODoyZDQ0&n3pc=true

Request Chain 338

https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=72bd732a01b84cb28a36776e660c6d3c HTTP 302
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=72bd732a01b84cb28a36776e660c6d3c&rd=Y HTTP 302
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023012418012100014799850340&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID

Request Chain 339

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ek%2F0%2F586a08a693014c5fa2da8cd45f29f382%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&145655b9-cbe0-498e-bf15-0df6a2feb451 HTTP 302
https://i.liadm.com/s/e/a-01ek/0/586a08a693014c5fa2da8cd45f29f382?mpid=7156&muid=c95463d0-1cf0-4a00-8987-6b5b1d426b34

363 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.tri-cityherald.com/
Redirect Chain

http://www.tri-cityherald.com/
https://www.tri-cityherald.com/

179 KB
23 KB

204ms
98ms

Document
text/html

2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9e759fb230c933e6bc04a5620a261a728e3fed6f8bfe43a10588182e66cc2fbe

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: false
access-control-allow-headers: *
access-control-allow-methods: GET,POST,OPTIONS
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-encoding: gzip
content-length: 21703
content-type: text/html;charset=utf-8
date: Tue, 24 Jan 2023 18:01:11 GMT
etag: W/"2c9d8-kubbuwO8ePI8qiaQfGJ7xSCGvw0"
expires: Tue, 24 Jan 2023 18:01:11 GMT
last-modified: Tue, 24 Jan 2023 17:58:33 GMT
mi-api: WPS
mi-cache: HIT
mi-cache-age: 33
pragma: no-cache
server: MI
surrogate-control: varnish=ESI/2.1
vary: Accept-Encoding
x-akamai-transformed: 9 21511 0 pmb=mTOE,4
x-mi-in-market: 0
x-proxy-forwarding-type: BlackList
x-varnish: 890470658, 298124520 307036430

Redirect headers

Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Max-Age: 86400
Connection: keep-alive
Content-Length: 0
Date: Tue, 24 Jan 2023 18:01:10 GMT
Location: https://www.tri-cityherald.com/
Server: AkamaiGHost

GET
H2 200 tri-cityheraldcore.js Show response
www.tri-cityherald.com/noilosy-zb/ 362 KB
106 KB 127ms
124ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 07f99cd40031db3ac495f5780ca9a0c14e9add29cecac65854f49e6cd5c149af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 38
content-length: 107978
last-modified: Mon, 23 Jan 2023 18:09:31 GMT
server: MI
etag: W/"5a61f-5f2f24cf9ccc0"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 76088117 58788599
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=12
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 vendor.bundle-e8bf89b42a8198ff411c.js Show response
www.tri-cityherald.com/wps/build/webpack/ 99 KB
34 KB 144ms
141ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/vendor.bundle-e8bf89b42a8198ff411c.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 544635
content-length: 34371
last-modified: Tue, 03 Jan 2023 15:37:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"18ca4-18578483808"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 674465675, 648840013 320636600
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=84362
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-header.bundle-4f80a4c3226f5b19c12d.js Show response
www.tri-cityherald.com/wps/build/webpack/ 9 KB
3 KB 144ms
142ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/mi-header.bundle-4f80a4c3226f5b19c12d.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d56179d996f7bb8ce94673c80d3ab5169ee72f353d964e07f29fac5a1178f336

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 543408
content-length: 3004
last-modified: Tue, 03 Jan 2023 15:37:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"22a1-18578483808"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 11342068, 610897876 193989935
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=29474
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 158ms
57ms Stylesheet
text/css 2a00:1450:400d:804::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 24 Jan 2023 18:01:11 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 24 Jan 2023 18:01:11 GMT

GET
H2 200 mi-styles.bfb476295e5eae023cda.css
www.tri-cityherald.com/wps/build/webpack/css/ 206 KB
45 KB 142ms
140ms Stylesheet
text/css 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/css/mi-styles.bfb476295e5eae023cda.css
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 6b7f1c14024ec6e97850760f9393deda36dc2373eac7e3df6903862b7ef368a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 227
content-length: 45219
last-modified: Fri, 13 Jan 2023 20:07:24 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"339aa-185acbe8060"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 97619398, 1020463019 1016432246
content-type: text/css;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=59657
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1 200
OK style.css
mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/ 2 KB
2 KB 432ms
176ms Stylesheet
text/css 52.216.50.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://mcclatchy-next-apps-prod.s3.amazonaws.com/custom-css/all/style.css
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.50.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: b902eb21a12bbcca749f44a0323eaf05029d9e3f215cda51325a814c35d97a52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:13 GMT
Last-Modified: Fri, 20 Jan 2023 18:47:17 GMT
Server: AmazonS3
x-amz-request-id: NF3BKNYYWCFWGMFD
ETag: "346a4980522883aa1faaa39b569e2531"
x-amz-server-side-encryption: AES256
Content-Type: text/css
Accept-Ranges: bytes
Content-Length: 1897
x-amz-id-2: I1lRXbzLzo5Y1rPdkyfaTgcSgKU9M+n8gsJHtBi4GBHfMJTCI2komLa7pGIFcmx8ncWOCq2vdeE=

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
967 B 182ms
89ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dbd08f2c4c52ca2c903bf94dd72aea0181ada5543ddbdab9c684291254432aca

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 554
x-xss-protection: 1; mode=block
expires: Tue, 24 Jan 2023 18:01:12 GMT

GET
H2 200 61c0bfe4 Show response
www.tri-cityherald.com/akam/13/ 26 KB
9 KB 266ms
265ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/akam/13/61c0bfe4
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: b38fe55dfadcf94bbe6c3259dd1a31d5406897b5ce60166dab067f9d81a68a2f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 15:13:29 GMT
etag: "17019ca3348895957335ef4d4bef9969dc6cfe781a501ac44b114b343a6de42c"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 8755
expires: Tue, 24 Jan 2023 18:01:12 GMT

GET
H2 200 mastheadPage.bundle-ba32b7bfe150aa72027f.js Show response
www.tri-cityherald.com/wps/build/webpack/ 131 KB
44 KB 210ms
208ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/mastheadPage.bundle-ba32b7bfe150aa72027f.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1edb5ed37a0db504b42d9641eccf602ee2f265fe3474f9ace2d9c3319dbfd97e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 110
content-length: 44209
last-modified: Fri, 13 Jan 2023 20:07:11 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"20c44-185acbe4d98"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 100958954, 296846211 275756500
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=59677
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 mi-footer.bundle-9e59a31b822d120051b7.js Show response
www.tri-cityherald.com/wps/build/webpack/ 8 KB
3 KB 42ms
40ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/mi-footer.bundle-9e59a31b822d120051b7.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 2925
last-modified: Tue, 03 Jan 2023 15:37:57 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"2137-18578483808"
vary: Accept-Encoding
mi-cache: MISS
x-varnish: 1044854134, 606011882
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=61719
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videojs.bundle-26bbe163dc0ffee5eac7.js Show response
www.tri-cityherald.com/wps/build/webpack/ 575 KB
152 KB 43ms
41ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/videojs.bundle-26bbe163dc0ffee5eac7.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 48f08678e02e62a5a40fc22ecb0d4e4cf56a7128c65d8c61c3da35eeed607623

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 96
content-length: 154945
last-modified: Fri, 13 Jan 2023 20:07:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"8fd16-185acbf0530"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 540889758, 159745544 157650073
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=244319
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 videoStory.bundle-e7e9c63f9edd65104079.js Show response
www.tri-cityherald.com/wps/build/webpack/ 268 KB
86 KB 73ms
72ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3d4035e709c3856b025a4783eaab5d50a5fd43d9f08bddbf99dc97f133d3f169

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 91235
content-length: 87657
last-modified: Fri, 13 Jan 2023 20:07:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"42e11-185acbf0530"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 541738154, 832682651 599438306
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=325639
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 footer.bundle-1f06f5f8ac3bfe589066.js Show response
www.tri-cityherald.com/wps/build/webpack/ 10 KB
3 KB 189ms
188ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/build/webpack/footer.bundle-1f06f5f8ac3bfe589066.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:11 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 132535
content-length: 2570
last-modified: Fri, 13 Jan 2023 20:07:09 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"284c-185acbe45c8"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 574687499, 342032846 992971028
content-type: application/javascript;charset=UTF-8
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=433025
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
BLOB 200
OK 54a4ebee-9d0f-41f2-ada8-0476e227bdfa Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/54a4ebee-9d0f-41f2-ada8-0476e227bdfa
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4d0067e1e19953512a106142fc9e15629b9504cb6be3d0315f7b490936119aae

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 46b45a3a-150a-45a8-aa3e-29b3b05ab770 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/46b45a3a-150a-45a8-aa3e-29b3b05ab770
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 16665e70bbabbef07ee714f48a1716d3c4287106580092ef21742fb7020c6676

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

POST
H2 200 acquire Show response
adobedc.demdex.net/ee/v1/identity/ 3 KB
2 KB 455ms
173ms Fetch
application/json 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://adobedc.demdex.net/ee/v1/identity/acquire?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=ed3d5899-70cb-4b9e-9095-9c8c08155a10

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

daf1fec44c37c631ce9568f4cee06d2663c2e7a284a350ea2bdeac739322fbba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: ed3d5899-70cb-4b9e-9095-9c8c08155a10
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.1.39-HOTFIXOTEL:80fc9cec

GET
H2 200 logo.svg
www.tri-cityherald.com/wps/build/images/tri-cityherald/ 7 KB
3 KB 214ms
213ms Image
image/svg+xml 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/wps/build/images/tri-cityherald/logo.svg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: afeb72a9000a98b2723bd8c035adadb59077931bf67f3afb40c37b7b0083ed1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 480113
content-length: 3031
last-modified: Tue, 03 Jan 2023 15:37:58 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"1a15-18578483bf0"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 44222857, 122260830 97620141
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=69530
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 wxicons-blk-2.svg
www.tri-cityherald.com/wps/source/images/widgets/weather/wxicons-blk/ 2 KB
1 KB 112ms
111ms Image
image/svg+xml 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/wps/source/images/widgets/weather/wxicons-blk/wxicons-blk-2.svg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: fe8e8325cca37fc986268bab20aa134722a066dc93347d824b0f989b9a94e023

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 81363
content-length: 675
last-modified: Mon, 23 Jan 2023 18:07:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"6a4-185dfd02008"
mi-cache: HIT
vary: Accept-Encoding
x-varnish: 725287063, 599360248 87917437
content-type: image/svg+xml;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604727
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2
fonts.gstatic.com/s/notosans/v27/ 12 KB
13 KB 77ms
25ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0NIpQlx3QUlC5A4PNjXhFVZNyB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 01:52:34 GMT
x-content-type-options: nosniff
age: 144518
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:28:04 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 01:52:34 GMT

GET
H2 200 o-0IIpQlx3QUlC5A4PNr5TRA.woff2
fonts.gstatic.com/s/notosans/v27/ 13 KB
13 KB 82ms
30ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notosans/v27/o-0IIpQlx3QUlC5A4PNr5TRA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 22:04:53 GMT
x-content-type-options: nosniff
age: 417379
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12860
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:27:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 19 Jan 2024 22:04:53 GMT

GET
H2 200 ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2
fonts.gstatic.com/s/notoserif/v21/ 27 KB
27 KB 106ms
54ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Law1J5X9T9RW6j9bNdOwzfReecQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 22:21:14 GMT
x-content-type-options: nosniff
age: 70798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27456
x-xss-protection: 0
last-modified: Mon, 09 May 2022 20:10:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 22:21:14 GMT

GET
H2 200 ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2
fonts.gstatic.com/s/notoserif/v21/ 23 KB
24 KB 101ms
50ms Font
font/woff2 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/notoserif/v21/ga6Iaw1J5X9T9RW6j9bNfFcWaA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans:400,700|Noto+Serif:400,700&display=swap&subset=latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:53:01 GMT
x-content-type-options: nosniff
age: 4091
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23948
x-xss-protection: 0
last-modified: Mon, 09 May 2022 19:47:44 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 16:53:01 GMT

GET
H2 200 1--MAIN--Hanford%20plant%20construction
www.tri-cityherald.com/latest-news/w1e0le/picture215474180/alternates/LANDSCAPE_768/ 89 KB
89 KB 113ms
104ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/w1e0le/picture215474180/alternates/LANDSCAPE_768/1--MAIN--Hanford%20plant%20construction
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 95e1b246cc90d4466cd86a73c0822606a31d50c76d9cba087bef3e4eeaf9f1f8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 491
content-length: 90675
last-modified: Tue, 24 Jan 2023 00:44:08 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "64f9ba154caf9a2152b3fe164e5a30f3"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 660702917 660080373
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=587324
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 KPD%20arson%20investigation%20.jpg
www.tri-cityherald.com/latest-news/pyh6c1/picture271537292/alternates/LANDSCAPE_768/ 25 KB
25 KB 64ms
55ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/pyh6c1/picture271537292/alternates/LANDSCAPE_768/KPD%20arson%20investigation%20.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1e222e08ed932bb3c623674d4dc19c6fef67ec37043939ad469bba0f579717d6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 25619
last-modified: Tue, 24 Jan 2023 16:01:12 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "999ecc08fe0bb5f83c0d2500e63958e5"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 471237991, 202867246
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=597783
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Screenshot%202023-01-23%20112419.png
www.tri-cityherald.com/latest-news/ov40w9/picture271528962/alternates/LANDSCAPE_768/ 809 KB
811 KB 61ms
53ms Image
image/png 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/ov40w9/picture271528962/alternates/LANDSCAPE_768/Screenshot%202023-01-23%20112419.png
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9818f1a3d0803ee3d70113673b5aa48a309eca146387d6cb0391235571d92515

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 29
content-length: 828050
last-modified: Mon, 23 Jan 2023 19:26:48 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "59eab4aa5c3f7041afde460a3c9f483d"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 442105862 413207429
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=529361
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 1--MAIN--Bank%20Vault%20demolition
www.tri-cityherald.com/latest-news/qzbh7h/picture271442142/alternates/LANDSCAPE_768/ 79 KB
80 KB 73ms
66ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/qzbh7h/picture271442142/alternates/LANDSCAPE_768/1--MAIN--Bank%20Vault%20demolition
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 111fde01bb389a112d04fbc97daba062ec3d22bff6b7f2c5c52c984869922abb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 26834
content-length: 80850
last-modified: Mon, 23 Jan 2023 20:30:13 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "4d60b5dcfd711d95ccfffabcafaf1751"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 622331971 421500173
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=555169
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 netdale.5328a32b694ea8311c25.js Show response
www.tri-cityherald.com/noilosy-zb/ 88 KB
25 KB 108ms
103ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/netdale.5328a32b694ea8311c25.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/54a4ebee-9d0f-41f2-ada8-0476e227bdfa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: bed31793e6a6753a6e9ffb9a93a57a7cd3a539ede3340039cc4bdf77c593360b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5304
content-length: 24669
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"16136-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 381519306, 89882905 41945388
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527438
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 script.js Show response
s953.tri-cityherald.com/ 132 KB
40 KB 286ms
38ms Script
text/javascript 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s953.tri-cityherald.com/script.js

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/46b45a3a-150a-45a8-aa3e-29b3b05ab770

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

943c86949eee24ae98134e6f35c38c124aaa52b2621bda54dcbd4fae292ffe52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:51:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
age: 587
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 40679
x-xss-protection: 1; mode=block
last-modified: Tue, 24 Jan 2023 17:51:24 GMT
server: -
etag: b8351e37c5c3fdc5268f5c7c5d97129c
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=600
x-robots-tag: noindex, nofollow
x-amz-cf-id: 9k3bzMySMVT1IlCK2Aq_qgRK-ATiCD7IchDAYMza2t7O3_ET1AKOuQ==
expires: Tue, 24 Jan 2023 18:01:25 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/216392/ Frame F151
Redirect Chain

https://cd.connatix.com/connatix.player.js?cid=
https://cds.connatix.com/p/216392/connatix.player.dc.js?cid=

984 KB
225 KB

64ms
26ms

Script
application/javascript

151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/216392/connatix.player.dc.js?cid=
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 0a7d0dc99585333e3e902b846fa852ff6a40a5bdaca8497b3cacfc9f9f6b3818

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: br
last-modified: Mon, 23 Jan 2023 12:19:58 GMT
age: 106671
etag: "2a64d8e8145adfc68e69e89db6968a07"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 229989

Redirect headers

location: https://cds.connatix.com/p/216392/connatix.player.dc.js?cid=
date: Tue, 24 Jan 2023 18:01:12 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
accept-ranges: bytes
content-length: 0
access-control-max-age: 86400

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/ 404 KB
163 KB 75ms
23ms Script
text/javascript 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Gg72x2_SHmxi8X0BLo33HMpr/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:13:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2839
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 165715
x-xss-protection: 0
last-modified: Mon, 16 Jan 2023 01:02:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 17:13:53 GMT

GET
H2 200 Meals%20on%20Wheels%20roast%20beef%20meal%202023.jpg
www.tri-cityherald.com/latest-news/i66mf9/picture271399767/alternates/LANDSCAPE_768/ 34 KB
34 KB 90ms
87ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/i66mf9/picture271399767/alternates/LANDSCAPE_768/Meals%20on%20Wheels%20roast%20beef%20meal%202023.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 3ccdd01cbd5c46d4b5ce379c0e05f0b711c7bc36cdfa16bd4bf62d64693566de

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 59
content-length: 34483
last-modified: Fri, 20 Jan 2023 21:09:13 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "5fc678a787c6d5cc222949e4f5269d6a"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 617716193 632261460
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=561039
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Properly%20packaged%20handgun.jpg
www.tri-cityherald.com/latest-news/2naah6/picture271443922/alternates/LANDSCAPE_768/ 52 KB
52 KB 88ms
84ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/2naah6/picture271443922/alternates/LANDSCAPE_768/Properly%20packaged%20handgun.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 54053b785aa3692bedafa8405ca745fcdf76ee87e34edf28e2b95cd03bfe8ee0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 53179
last-modified: Fri, 20 Jan 2023 21:10:33 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "e5589f3b8a7f230f911ca19d5152fb70"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 456188171, 1039336170
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=327588
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Turbines%20Nine%20Canyon%20spin
www.tri-cityherald.com/latest-news/fnm9iz/picture250177940/alternates/LANDSCAPE_768/ 33 KB
34 KB 123ms
120ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/fnm9iz/picture250177940/alternates/LANDSCAPE_768/Turbines%20Nine%20Canyon%20spin
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 12cdf4ac329e976c316808d6d46bb5847ea8a05a09a2c3a1ba3831d40807118c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 0
content-length: 33876
last-modified: Thu, 19 May 2022 18:48:48 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "c0115b4990809cf339174964959e9b2b"
mi-cache: MISS
access-control-max-age: 86400
x-varnish: 131172290, 152011073
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=260868
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fontawesome-webfont.woff2
www.tri-cityherald.com/wps/source/sass/main/fonts/font-awesome/fonts/ 55 KB
56 KB 73ms
55ms Font
font/woff2 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/wps/source/sass/main/fonts/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/css/mi-styles.bfb476295e5eae023cda.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a

Request headers

Referer: https://www.tri-cityherald.com/wps/build/webpack/css/mi-styles.bfb476295e5eae023cda.css
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 1928
content-length: 56780
last-modified: Mon, 23 Jan 2023 18:07:17 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: W/"ddcc-185dfd02008"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 294998684, 650849990 653201951
content-type: font/woff2;charset=ISO-8859-1
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=90
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 Basketball%20generic2%20Getty.jpg
www.tri-cityherald.com/latest-news/ba1ilz/picture257906903/alternates/LANDSCAPE_768/ 25 KB
26 KB 49ms
36ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/latest-news/ba1ilz/picture257906903/alternates/LANDSCAPE_768/Basketball%20generic2%20Getty.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 4a7423b782e91da2e6f4a76801e3b48c5e6a0e91bbc061e25bf36262ff8787ff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 3273
content-length: 26038
last-modified: Mon, 31 Jan 2022 23:39:56 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "911de24e29b38aba0236f2100d1a89cd"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 92409079 90474161
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=361105
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 ArkansasStudents.jpg
www.kansascity.com/latest-news/ecdqmp/picture271567702/alternates/LANDSCAPE_768/ 763 KB
765 KB 341ms
43ms Image
image/png 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kansascity.com/latest-news/ecdqmp/picture271567702/alternates/LANDSCAPE_768/ArkansasStudents.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 1ac0743ed94b9144a7d81d0087956383698d24c3a18a7301d93264466c6941d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 83
content-length: 781424
last-modified: Tue, 24 Jan 2023 13:08:37 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "803af1506248bb8fb0a855a213d5df3a"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 106661711, 380777823 389127033
content-type: image/png
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=591108
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/033b71e4-e3ff-4b1b-bca0-8010dc7d07cc/052bac40-3086-499c-bd98-ec581c645d37/1280x720/match/ 146 KB
146 KB 318ms
24ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/033b71e4-e3ff-4b1b-bca0-8010dc7d07cc/052bac40-3086-499c-bd98-ec581c645d37/1280x720/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 28fd1abbe396c03b63e219a80bfa896f29550c848b317f388adeb7cfffdf69f6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 11:41:35 GMT
Via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 22777
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: AMoSPCvT9mSzhNT7UGRdCug_y2EwqdIB6XFach3gG5a9GxfmkLvUkQ==
Expires: Wed, 24 Jan 2024 11:41:35 GMT

GET
H2 200 Seahawks49ersFootball.JPG
www.thenewstribune.com/latest-news/p497at/picture271204067/alternates/LANDSCAPE_768/ 68 KB
69 KB 189ms
37ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/p497at/picture271204067/alternates/LANDSCAPE_768/Seahawks49ersFootball.JPG
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 47a5614a17b02134c28dbd6efd4212a7eb700b1aa35308427889bde9821f9152

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 192
content-length: 69851
last-modified: Sun, 15 Jan 2023 01:22:45 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "f773ba40b0979519ce550a50dfc2e01e"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 714768425, 763789637 728536627
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=341954
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 230108%20cb%20seahawks%20vs.%20rams_01.JPG
www.thenewstribune.com/latest-news/4rvfs8/picture270932407/alternates/LANDSCAPE_768/ 72 KB
73 KB 467ms
316ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/4rvfs8/picture270932407/alternates/LANDSCAPE_768/230108%20cb%20seahawks%20vs.%20rams_01.JPG
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: feef76f5e9b3feefeece0e36b636d90d747298ed3b3512f6378c63dfa075756f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 56
content-length: 74029
last-modified: Mon, 09 Jan 2023 02:17:25 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "96ec30c87c962ebe249f29058df08f98"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 766706415, 90997471 87983473
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=439168
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 220101%20cb%20seahawks%20vs.%20jets_1087.jpg
www.thenewstribune.com/latest-news/hgl89p/picture270655997/alternates/LANDSCAPE_768/ 49 KB
49 KB 217ms
66ms Image
image/jpeg 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thenewstribune.com/latest-news/hgl89p/picture270655997/alternates/LANDSCAPE_768/220101%20cb%20seahawks%20vs.%20jets_1087.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 9fb5e4a319e43a892940aa80a3a19a1a3267b7822fc6897ca25cfd96cad17ec4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 264
content-length: 50130
last-modified: Mon, 02 Jan 2023 01:48:59 GMT
x-proxy-forwarding-type: BlackList
server: MI
etag: "88bcd2cb1d4ce8b0e37956cf715dadcd"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 613453217 616105504
content-type: image/jpeg
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=304461
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
DATA 200
OK truncated
/ 9 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 157 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
BLOB 200
OK a5abe667-cf75-4e48-a29c-08c0c5756ffa Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/a5abe667-cf75-4e48-a29c-08c0c5756ffa
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aad0de1ea5ec51195efd90589282fe5dfa46a187d8e66d673230d52cdc5fb6d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 729095c4-d49f-4d4f-914a-70eca3415b91 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/729095c4-d49f-4d4f-914a-70eca3415b91
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34470969cbce5179579cfb4327c0a3d12daff4432220e58302ce34b7af63b73c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK ebe700b8-b780-48a2-b057-033875e66cf1 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/ebe700b8-b780-48a2-b057-033875e66cf1
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 23329bbb9d89d82b2e312cb8e8d8ee3f5af69c4e6d21844ee258a7cf538dac0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 14b1cfff-0d1c-4270-997f-6a085194d131 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/14b1cfff-0d1c-4270-997f-6a085194d131
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5bc1b63af6c01e01be5c53d47200f90667a90869980fe817bded5e984b368cd0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK a84c9489-e615-4af5-9049-ab3599411948 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/a84c9489-e615-4af5-9049-ab3599411948
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c5df54ffd454db37d8b014d2981d6d8d55e1362fcb3a78259a231addde91917

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 369 KB
124 KB 116ms
42ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125890
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:13 GMT

GET
BLOB 200
OK cabfc0ee-7b0d-4aec-9f52-84e9d017d907 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/cabfc0ee-7b0d-4aec-9f52-84e9d017d907
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5fec21894f4774e4b1874d4153daf6a0dcbf68a34e8a784e6c7d063ac2c0871e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 htlbid.css
htlbid.com/v3/tri-cityherald.com/ 3 KB
639 B 549ms
422ms Stylesheet
text/css 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/tri-cityherald.com/htlbid.css
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/netdale.5328a32b694ea8311c25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: br
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 02:13:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"a49d79868f355680f4cf86ab4c2ff095"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: text/css
cache-control: max-age=600
x-amz-cf-id: MJWxnNwQg71RjDxbAllqnAAojx0_LT5PNKaQ4oowVh6ROT-sa7GX2A==

GET
H2 200 htlbid.js Show response
htlbid.com/v3/tri-cityherald.com/ 2 KB
1 KB 568ms
442ms Script
application/javascript 13.32.121.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htlbid.com/v3/tri-cityherald.com/htlbid.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/netdale.5328a32b694ea8311c25.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.121.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-121-78.fra60.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2cabd0f8fbaee9fabee053e9b17c25b217c40a6061cc470dd6a8826f3ebc911a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: br
via: 1.1 5743d3ff81b625f69ad8b8e32fc9c412.cloudfront.net (CloudFront)
last-modified: Thu, 12 Jan 2023 02:13:10 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1
etag: W/"a8db62f7191b70207230326ce2bd7167"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=600
x-amz-cf-id: 05FgbM8xzca2PKDf5JH7AUQgrZ9H0wnSArd850i4siPlNp5CgtBtig==

GET
BLOB 200
OK 08ef15be-a430-4948-83f2-7ac9c3ba9c66 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/08ef15be-a430-4948-83f2-7ac9c3ba9c66
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d8dc14168a92ecaeeb75d38c57b654690564848340ae09b72d6fbb2de03d75fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 video.11063f3ba2d47ef6ecb7.js Show response
www.tri-cityherald.com/noilosy-zb/ 16 KB
6 KB 85ms
61ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/video.11063f3ba2d47ef6ecb7.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/a5abe667-cf75-4e48-a29c-08c0c5756ffa
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 10b97070812409880dac8ae6358935a5ae92c44a92b8c68741db81a6c9e2241f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5180
content-length: 5269
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"3efe-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 79331574, 859275421 811237432
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527386
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 performance.f68857eeb4b7c9824b8f.js Show response
www.tri-cityherald.com/noilosy-zb/ 8 KB
3 KB 56ms
44ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/performance.f68857eeb4b7c9824b8f.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/729095c4-d49f-4d4f-914a-70eca3415b91
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: dd2c4b8829d43290d2d6f61b5c253b2b9edf5d715f61a3454a4123c00f5c477e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5246
content-length: 2636
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"1e9e-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 56592920, 856785518 811368516
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527372
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 quarantine.d8dd140cfa71427ccbcf.js Show response
www.tri-cityherald.com/noilosy-zb/ 27 KB
10 KB 90ms
79ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/ebe700b8-b780-48a2-b057-033875e66cf1
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: f8cedfeab9b33549e06bd1f53d3317e9f825f094299af11d86e4042d409c3d03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5258
content-length: 9951
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"6b1b-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 852591356 808747058
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527493
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 geofeed Show response
geolocation.onetrust.com/cookieconsentpub/v1/geo/location/ 68 B
244 B 126ms
52ms Script
text/javascript 2606:4700::6812:1a55
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location/geofeed

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/14b1cfff-0d1c-4270-997f-6a085194d131

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1a55 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ff8be4caae44452d25370811829bcf0de87a264bc6dab2b9c45ec89b57b7c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
server: cloudflare
cf-ray: 78eaac531a5e2c75-FRA
vary: Accept-Encoding
content-type: text/javascript

GET
H2 200 parsely.b9e2e11a5aec1519ea40.js Show response
www.tri-cityherald.com/noilosy-zb/ 1 KB
998 B 46ms
40ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/parsely.b9e2e11a5aec1519ea40.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/a84c9489-e615-4af5-9049-ab3599411948
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 87698ac6c6aa68eae00b463509df6e816683f54e09e94614c99d3cbaed51a267

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5258
content-length: 615
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"4b9-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 53805286, 419792351 391675959
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527495
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

OPTIONS
H2 200 vardata
api.lab.amplitude.com/sdk/ Frame 0
0 302ms
205ms Preflight 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,x-amp-exp-user
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: authorization,x-amp-exp-user
access-control-allow-methods: GET,POST,HEAD
access-control-allow-origin: https://www.tri-cityherald.com
access-control-max-age: 1800
date: Tue, 24 Jan 2023 18:01:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Origin
x-amzn-trace-id: Root=1-63d01ce9-1227c57f35866f7255a8d5d1
x-cache: MISS
x-cache-hits: 0
x-content-type-options: nosniff
x-served-by: cache-hhn-etou8220094-HHN
x-timer: S1674583274.578124,VS0,VE181

GET
BLOB 200
OK 74c67cb6-9005-4890-94af-7a78eb08d9d9 Show response
https://www.tri-cityherald.com/ 234 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/74c67cb6-9005-4890-94af-7a78eb08d9d9
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cb51bdce63555841035a5dd1191a7afdb137f00a9cdc9e0c05607adfd38d500a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 234
Content-Type: [object object]

GET
BLOB 200
OK 0c9f2fb4-923b-4792-851b-80359e4eb562 Show response
https://www.tri-cityherald.com/ 311 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/0c9f2fb4-923b-4792-851b-80359e4eb562
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0f83531397727f64ead4266d70a984dee950bfaff04d2d4dcb7cc737bab95916

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 311
Content-Type: [object object]

GET
BLOB 200
OK bad027bc-a6fc-47ee-97f3-0b062749dd20 Show response
https://www.tri-cityherald.com/ 362 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/bad027bc-a6fc-47ee-97f3-0b062749dd20
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 362
Content-Type: [object object]

GET
BLOB 200
OK 7a5dd81d-aa7d-4bc7-a727-d2aed6da2eb0 Show response
https://www.tri-cityherald.com/ 323 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/7a5dd81d-aa7d-4bc7-a727-d2aed6da2eb0
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 323
Content-Type: [object object]

GET
BLOB 200
OK 20e995e1-fa95-4008-9dfa-746fd7f53ba3 Show response
https://www.tri-cityherald.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/20e995e1-fa95-4008-9dfa-746fd7f53ba3
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK 90028fc0-414a-4224-96dc-7bfc047b21a8 Show response
https://www.tri-cityherald.com/ 290 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/90028fc0-414a-4224-96dc-7bfc047b21a8
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 290
Content-Type: [object object]

GET
BLOB 200
OK 073efe76-fd05-4ad7-8d6c-c41dbc4dee54 Show response
https://www.tri-cityherald.com/ 299 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/073efe76-fd05-4ad7-8d6c-c41dbc4dee54
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 299
Content-Type: [object object]

GET
BLOB 200
OK 8941052e-7e29-4ce4-97fe-3045efe1027c Show response
https://www.tri-cityherald.com/ 359 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/8941052e-7e29-4ce4-97fe-3045efe1027c
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 359
Content-Type: [object object]

GET
BLOB 200
OK c2905328-f8ca-47e7-8f37-5e8e492e4f8c Show response
https://www.tri-cityherald.com/ 313 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/c2905328-f8ca-47e7-8f37-5e8e492e4f8c
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 313
Content-Type: [object object]

GET
BLOB 200
OK 19c713e9-4339-4a09-9978-86d46ea86da4 Show response
https://www.tri-cityherald.com/ 325 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/19c713e9-4339-4a09-9978-86d46ea86da4
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 325
Content-Type: [object object]

GET
H2 200 vardata Show response
api.lab.amplitude.com/sdk/ 2 B
153 B 278ms
255ms Fetch
application/json 151.101.66.132
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://api.lab.amplitude.com/sdk/vardata

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.132 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
Authorization: Api-Key client-G6ik2oCuLtpn6c9TpIT8ZRXe4JHPDDn9
X-Amp-Exp-User: eyJsaWJyYXJ5IjoiZXhwZXJpbWVudC1qcy1jbGllbnQvMS43LjEiLCJkZXZpY2VfaWQiOiI1NWY0ZjU3Ny1iOGI1LTQ1NjMtYjVhMC05OTcwOWFlNDM3ZTMiLCJ1c2VyX3Byb3BlcnRpZXMiOnsiYnVzaW5lc3NfdW5pdCI6IlRDSCIsImNhbm9uaWNhbF91cmwiOiJodHRwczovL3d3dy50cmktY2l0eWhlcmFsZC5jb20vIiwiY21zX2lkIjoiSG9tZXBhZ2U6NzA5MyIsImNvbnRlbnRfc2VydmljZSI6IlByb2R1Y3Q6IEVzY2VuaWMiLCJmdWxsX3VybCI6Imh0dHBzOi8vd3d3LnRyaS1jaXR5aGVyYWxkLmNvbS8iLCJwYWdlX2xldmVsIjoiSG9tZSIsInBhZ2VfbmFtZSI6IkhvbWU6SG9tZXBhZ2UiLCJwYWdlX3BhdGgiOiIvIiwicHVibGljYXRpb25fbmFtZSI6IlRyaS1DaXR5IEhlcmFsZCIsInJlZmVycmluZ19ob3N0Ijoibm9fcmVmZXJyZXIiLCJzZWN0aW9uIjoiSG9tZXBhZ2UiLCJzZXJ2ZXIiOiJ3d3cudHJpLWNpdHloZXJhbGQuY29tIiwidGF4b25vbXkiOiJfSG9tZVBhZ2V8fHx8IiwidXJsIjoiaHR0cHM6Ly93d3cudHJpLWNpdHloZXJhbGQuY29tLyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTA5LjAuNTQxNC43NCBTYWZhcmkvNTM3LjM2In19
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220094-HHN
date: Tue, 24 Jan 2023 18:01:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
age: 0
x-timer: S1674583274.827098,VS0,VE234
x-amzn-trace-id: Root=1-63d01ce9-4a3398ce29d70d8636dfff63
vary: Origin, Origin
x-cache: MISS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2
x-cache-hits: 0

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 2 KB
1 KB 558ms
214ms Fetch
application/json 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=dfc967b0-95e5-44e8-9d32-0c5cdb33bbab

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

b7e88630df31a86b3b2f08009711557000dddade2c33e0482e4b314c5a44752a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 24 Jan 2023 18:01:12 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: dfc967b0-95e5-44e8-9d32-0c5cdb33bbab
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.1.39-HOTFIXOTEL:80fc9cec

GET
H2 200 cs Show response
mcclatchy.blueconic.net/DG/DEFAULT/ 16 B
696 B 363ms
115ms Script
text/javascript 52.204.16.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.blueconic.net/DG/DEFAULT/cs?&callback=bc_json510

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.16.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-16-198.compute-1.amazonaws.com

Software

- /

Resource Hash

74a34854f0e59201f85c8aec6290e89eb484d223dc1ab185fc54424e50618daa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 36
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 pixel_61c0bfe4 Show response
www.tri-cityherald.com/akam/13/ 0
784 B 63ms
63ms XHR
text/html 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/akam/13/pixel_61c0bfe4
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/akam/13/61c0bfe4
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
access-control-max-age: 86400
access-control-allow-methods: GET,POST,OPTIONS
content-type: text/html
access-control-allow-origin: *
cache-control: max-age=0, no-cache
access-control-allow-credentials: false
access-control-allow-headers: *
content-length: 0
expires: Tue, 24 Jan 2023 18:01:13 GMT

GET
H2 200 get Show response
vi.ml314.com/ 264 B
388 B 102ms
40ms Script
application/javascript 35.201.104.135
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://vi.ml314.com/get?eid=88280&tk=Sd8Lhw2fKivbawYXOa0sKaCgKxoI2fc6Kjw9Z4GOBSB2s3d&fp=

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/cabfc0ee-7b0d-4aec-9f52-84e9d017d907

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.104.135 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

135.104.201.35.bc.googleusercontent.com

Software

Google Frontend /

Resource Hash

9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=2592000
content-encoding: br
via: 1.1 google
date: Tue, 24 Jan 2023 18:01:13 GMT
server: Google Frontend
vary: Accept-Encoding
content-type: application/javascript
cache-control: private,max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 200 sponsored.bdbd37cbc26a06169b35.js Show response
www.tri-cityherald.com/noilosy-zb/ 1 KB
859 B 49ms
49ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/sponsored.bdbd37cbc26a06169b35.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/08ef15be-a430-4948-83f2-7ac9c3ba9c66
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: d82c76f26595d47085438aebf8993c7e7713f30b969f4032ab3db9d9d2a58a41

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:13 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5120
content-length: 486
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"433-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 67734316 54034780
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=527506
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y9Ac6QAAAL984gNx
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=06747444506445913633991903905931279226
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9Ac6QAAAL984gNx

42 B
942 B

763ms
146ms

Image
image/gif

52.49.9.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9Ac6QAAAL984gNx

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

HTTP/1.1

Server

52.49.9.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-9-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-01a6f2a00.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: GjrqHtTHTnU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9Ac6QAAAL984gNx
Date: Tue, 24 Jan 2023 18:01:13 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEGeczPBSe7lpcW4GspaGfnM&google_cver=1
dpm.demdex.net/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MDY3NDc0NDQ1MDY0NDU5MTM2MzM5OTE5MDM5MDU5MzEyNzkyMjY=
https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm=&gdpr=0&gdpr_consent=&google_hm=MDY3NDc0NDQ1MDY0NDU5MTM2MzM5OTE5MDM5MDU5MzEyNzkyMjY=&google_tc=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGeczPBSe7lpcW4GspaGfnM&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

581ms
130ms

Image
image/gif

52.49.9.98
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGeczPBSe7lpcW4GspaGfnM&google_cver=1?gdpr=0&gdpr_consent=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

HTTP/1.1

Server

52.49.9.98 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-49-9-98.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v045-017f03edc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Lp/CkKtFTeA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGeczPBSe7lpcW4GspaGfnM&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

5w3jqr4k
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64E...

85 B
162 B

41ms
21ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y9Ac6QAB3Te3mwAF
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2581
x-timer: S1674583274.827586,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 31251

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674583274.666343,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D&_test=Y9Ac6QAB3Te3mwAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

btu4jd3a
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y9Ac6QAB3o4FRAAh

85 B
142 B

45ms
26ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y9Ac6QAB3o4FRAAh
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2581
x-timer: S1674583274.828270,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 31253

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674583274.665707,VS0,VE90
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90&_test=Y9Ac6QAB3o4FRAAh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

ZMAwryCI
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3pO3ugAF

85 B
149 B

48ms
29ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3pO3ugAF
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2581
x-timer: S1674583274.828904,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 31254

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674583274.667138,VS0,VE93
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3pO3ugAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

UH6TUt9n
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3hC3ngAF

85 B
161 B

39ms
19ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3hC3ngAF
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2581
x-timer: S1674583274.827573,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 31251

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674583274.667667,VS0,VE89
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAB3hC3ngAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D&_test=Y9Ac6QAABdmD0gBh
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9Ac6QAABdmD0gBh&_test=Y9Ac6QAABdmD0gBh

43 B
273 B

125ms
30ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9Ac6QAABdmD0gBh&_test=Y9Ac6QAABdmD0gBh
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674583274.828770,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y9Ac6QAABdmD0gBh&_test=Y9Ac6QAABdmD0gBh
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

b9pj45k4
sync-tm.everesttech.net/ct/upi/pid/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BU...

85 B
149 B

44ms
25ms

Image
image/png

151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=Y9Ac6QAB3XK3vgAF
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Jetty(9.4.35.v20201120) /
Resource Hash: acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
age: 2581
x-timer: S1674583274.828295,VS0,VE0
x-cache: HIT
content-type: image/png
cache-control: no-cache
accept-ranges: bytes
content-length: 85
x-cache-hits: 31253

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Jetty(9.4.35.v20201120)
x-timer: S1674583274.667432,VS0,VE92
x-cache: MISS
p3p: CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin: *
location: https://sync-tm.everesttech.net/ct/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D&_test=Y9Ac6QAB3XK3vgAF
cache-control: no-cache
accept-ranges: bytes
content-length: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1&__user_check__=1&sync_id=1774ba1d-9c11-11ed-970f-1d66682b0106

43 B
549 B

102ms
53ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1&__user_check__=1&sync_id=1774ba1d-9c11-11ed-970f-1d66682b0106
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 113
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 24 Jan 2023 18:01:14 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y9Ac6QAABdmD0gBh&img=1&__user_check__=1&sync_id=1774ba1d-9c11-11ed-970f-1d66682b0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 19
Connection: keep-alive
Content-Length: 0

GET
H2 200 hls.ab55e91cf2e7990a858b.js
cds.connatix.com/p/216392/ Frame F151 0
47 KB 23ms
23ms Other
application/javascript 151.101.66.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/216392/hls.ab55e91cf2e7990a858b.js
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js?cid=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: br
last-modified: Mon, 23 Jan 2023 12:19:58 GMT
age: 106676
etag: "9c52aeec94b8e17f4fb52a552635b8b4"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges: bytes
content-length: 48350

GET
H2

200

b.php
www.facebook.com/fr/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9Ac6QAABdmD0gBh&t=2592000&o=0

43 B
562 B

205ms
154ms

Image
image/gif

2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9Ac6QAABdmD0gBh&t=2592000&o=0

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 10:01:13 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: AUUF0iKTrrigBf6IoMzCtfPLsHjU1s8UniCWZnA2Xt+HQ6wLe5XXq352smKN8wTiNQw9Nui2Biz1tiXATwP2sQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
expires: Tue, 24 Jan 2023 10:01:13 PST

Redirect headers

x-served-by: cache-hhn-etou8220050-HHN
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674583274.827901,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y9Ac6QAABdmD0gBh&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 6319141331112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ 6 KB
6 KB 32ms
24ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6319141331112
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 81e36db89cec73c66c5b4419349a29e1a6f1819575293a9231d22d866d31abe8

Request headers

Accept: application/json;pk=BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

bc-override-client-ip: 43.131.15.175
date: Tue, 24 Jan 2023 18:01:13 GMT
powered-from: eu-central-1c
bcov-request-id: d969fd95-d52a-4f3a-8b32-1f08d40117e1
via: 1.1 varnish
age: 3184
policy-key-accountid: 5615998027001
x-cache: HIT
powered-by: BC
content-length: 6330
x-served-by: cache-hhn-etou8220049-HHN
policy-key-raw: BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
x-timer: S1674583274.846573,VS0,VE2
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6318931155112 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ 8 KB
8 KB 32ms
23ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6318931155112
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: c2eca0fe6ecb3f1512b5449e55f7e00190fbf4360f0ac0d03ade69e96335662a

Request headers

Accept: application/json;pk=BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

bc-override-client-ip: 80.255.7.108
date: Tue, 24 Jan 2023 18:01:13 GMT
powered-from: eu-central-1b
bcov-request-id: 3b38884e-a89e-4f0d-a45f-f9938b64bca1
via: 1.1 varnish
age: 63
policy-key-accountid: 5615998027001
x-cache: HIT
powered-by: BC
content-length: 7840
x-served-by: cache-hhn-etou8220049-HHN
policy-key-raw: BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
x-timer: S1674583274.846564,VS0,VE1
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
H2 200 6298085467001 Show response
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ 7 KB
8 KB 41ms
34ms Fetch
application/json 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6298085467001
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: fda4b2621803a750891ca048224b0680e6db5d7ecf02e1fd44251dba472ae455

Request headers

Accept: application/json;pk=BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

bc-override-client-ip: 217.113.44.206
date: Tue, 24 Jan 2023 18:01:13 GMT
powered-from: eu-central-1b
bcov-request-id: 21d12573-c1cc-4bd9-af81-5b5967d59eb9
via: 1.1 varnish
age: 1553
policy-key-accountid: 5615998027001
x-cache: HIT
powered-by: BC
content-length: 7631
x-served-by: cache-hhn-etou8220049-HHN
policy-key-raw: BCpkADawqM3oAn6u6oEh0lUbIAxh5jUT4GXwJUNyZBLjK7gBQk4t1_bYmO61FA8FBiBTnD4poHVjSlkgYT3_UFbkA5o1wL-lYOBkoQeNnnqn8YDhmNkM-NBasczbCuvvvGy3yQADbjsRMzN2
x-timer: S1674583274.847435,VS0,VE12
access-control-allow-methods: HEAD,GET,OPTIONS
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
cache-control: max-age=0, no-cache, no-store
account-status: APPROVED
accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
x-cache-hits: 1

GET
BLOB 200
OK b69532d2-39fb-4059-b52b-1aded834afdd Show response
https://www.tri-cityherald.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/b69532d2-39fb-4059-b52b-1aded834afdd
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 742445e50be5ada45d584852bd5a1cb6dc44f04fdfe89d4447f912679ad49416

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

OPTIONS
H2 200 6319141331112
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ Frame 0
0 124ms
13ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6319141331112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 24 Jan 2023 18:01:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220049-HHN
x-timer: S1674583274.811049,VS0,VE1

OPTIONS
H2 200 6318931155112
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ Frame 0
0 123ms
12ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6318931155112
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 24 Jan 2023 18:01:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220049-HHN
x-timer: S1674583274.811646,VS0,VE0

OPTIONS
H2 200 6298085467001
edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/ Frame 0
0 125ms
14ms Preflight 151.101.130.27
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.api.brightcove.com/playback/v1/accounts/5615998027001/videos/6298085467001
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.130.27 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: accept
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

accept-ranges: bytes
access-control-allow-headers: content-type,accept,accept-language,content-language,bcov-policy,soapaction
access-control-allow-methods: HEAD,GET,OPTIONS
access-control-allow-origin: *
access-control-expose-headers: cache-control,content-type,powered-by,powered-from,via,x-cache,x-cache-hits,x-served-by,x-timer,bcov-debug-cache-stats,bcov-instance,x-amz-cf-id,Policy-Key-Geo-Countries,Policy-Key-Geo-Exclude-Countries,Policy-Key-IP-Whitelist,Account-Status,Policy-Key-Raw,Policy-Key-Domains,Policy-Key-Require-Ad-Config,Policy-Key-AccountID,BCOV-Request-ID,BCOV-Error-Code,soapaction
access-control-max-age: 86400
cache-control: max-age=0, no-cache, no-store
content-length: 0
date: Tue, 24 Jan 2023 18:01:13 GMT
retry-after: 0
server: Varnish
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 0
x-served-by: cache-hhn-etou8220049-HHN
x-timer: S1674583274.812317,VS0,VE0

GET
BLOB 200
OK 608e7c48-2cb4-4abd-be30-991467c321bf Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/608e7c48-2cb4-4abd-be30-991467c321bf
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70ff993f7f07c41018317c99475a4558bdf0d206ad78256458ffc9afacfb55b2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 4a5e172e-add1-4f8e-b1be-a8da925feebb Show response
https://www.tri-cityherald.com/ Frame 3608 327 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/4a5e172e-add1-4f8e-b1be-a8da925feebb
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3674ab176b8eb986478e2d0b2fecdb526a3628bff2dcc48d0ff44e0e5df7c6c9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 327
Content-Type: text/javascript

GET
BLOB 200
OK c76fed95-dda6-4961-9ca1-335fdf2e8f99 Show response
https://www.tri-cityherald.com/ Frame 81EF 344 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/c76fed95-dda6-4961-9ca1-335fdf2e8f99
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 344
Content-Type: text/javascript

GET
BLOB 200
OK 1d3e3e9a-c691-4f2c-b8d2-2547d872d6af Show response
https://www.tri-cityherald.com/ Frame 6455 642 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/1d3e3e9a-c691-4f2c-b8d2-2547d872d6af
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 484c737138f2ef20c099de8ca0813a81f11619e642d724d5a93ccc2488bbb313

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 642
Content-Type: text/javascript

GET
BLOB 200
OK 6659c8c7-bca9-4a3e-aa37-f1dd7b07981c Show response
https://www.tri-cityherald.com/ Frame 9F7F 433 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/6659c8c7-bca9-4a3e-aa37-f1dd7b07981c
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad52f02bedef8c1ef921e2a1564a783d5296fc5dddfd2b9fe262b4b923f8c9f9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 433
Content-Type: text/javascript

GET
BLOB 200
OK 46035300-c37e-40dc-9382-83339543d095 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/46035300-c37e-40dc-9382-83339543d095
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4e52bdc22178e28fa03fde3ba2cd4e4b447452b7371b9d41b3924805a74243f0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
H2 200 pdp.gif
www.tri-cityherald.com/noilosy-zb/ 42 B
384 B 509ms
496ms Image
image/gif 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/noilosy-zb/pdp.gif?k=eyJpZCI6Im1pX2FzX3RjaF8wNjg1NjU5ODMwOTI4MjU4MjI4NDAxNTE3OTAwNzQyOTEwMjc5N18xXzBfMTY3NDU4MzI3MzQ1NyIsImRvbUludGVyYWN0aXZlIjoyMTIxLCJyZXF1ZXN0U3RhcnQiOjEwNjR9
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 82579
content-length: 42
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: "2a-5f2f24c9e3f40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 460424990 51544515
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604799
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 p.js Show response
cdn.parsely.com/keys/tri-cityherald.com/ 66 KB
23 KB 121ms
26ms Script
application/javascript 13.225.85.39
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/tri-cityherald.com/p.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/608e7c48-2cb4-4abd-be30-991467c321bf
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.85.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-85-39.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 620cdff4c9861a52e5560bd877b5598f2162b2d55e2d3e088d8d0ddc5613eefb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: public
date: Tue, 24 Jan 2023 05:48:21 GMT
content-encoding: gzip
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)
last-modified: Wed, 16 Feb 2022 18:59:58 GMT
server: nginx
x-amz-cf-pop: FRA2-C2
age: 43971
etag: W/"620d49ae-1070e"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 0j8xkPpfs1FY03VI-j-bR-bD5BEovAwcM1eFrrC1J8SuadNsfsafkQ==
expires: Wed, 25 Jan 2023 05:48:21 GMT

GET
H2 200 i.js Show response
tag.wknd.ai/3747/ 16 KB
5 KB 109ms
29ms Script
text/plain 34.120.253.250
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.wknd.ai/3747/i.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/4a5e172e-add1-4f8e-b1be-a8da925feebb
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.253.250 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 250.253.120.34.bc.googleusercontent.com
Software: istio-envoy /
Resource Hash: 99dc72a348c88c26717b3f513e64c50ac6eb062c87c37abebbcbf3330287b25f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:50:37 GMT
content-encoding: gzip
via: 1.1 google
age: 636
x-envoy-upstream-service-time: 1
x-region: us-central1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4907
server: istio-envoy
etag: ee45d62b5ff77c
vary: Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=60
timing-allow-origin: *
link: <https://assets.bounceexchange.com>; rel=dns-prefetch, <https://events.bouncex.net>; rel=dns-prefetch, <https://api.bounceexchange.com>; rel=preconnect

GET
H2 200 beacon.js Show response
sb.scorecardresearch.com/ Frame 81EF 4 KB
2 KB 123ms
23ms Script
application/javascript 143.204.215.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/c76fed95-dda6-4961-9ca1-335fdf2e8f99
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-23.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 00:57:45 GMT
content-encoding: gzip
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
last-modified: Tue, 28 Jun 2022 13:19:23 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 61418
x-amz-server-side-encryption: AES256
etag: W/"eaf85c1c6758e84acfe134efd70e9373"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400
x-amz-cf-id: yVqZgIoqqPoNyNkkI9m_Ag5NRAj6_2bKxXs4c3BrsATvxYY-qFPMFQ==

GET
H/1.1 200
OK last-event-tag-latest.min.js Show response
www.everestjs.net/static/le/ Frame 6455 7 KB
3 KB 148ms
31ms Script
application/javascript 23.2.233.205
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/1d3e3e9a-c691-4f2c-b8d2-2547d872d6af
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.2.233.205 Amsterdam, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-2-233-205.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Unused62: 8096267
x-amz-version-id: null
Content-Encoding: gzip
Date: Tue, 24 Jan 2023 18:01:13 GMT
Last-Modified: Wed, 16 Jun 2021 15:18:41 GMT
Server: AmazonS3
x-amz-request-id: MRT0XCBYXFJXZJPY
ETag: "d5991c18a0042eb33f92c6b5b44ffe8d"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2663
x-amz-id-2: OjfPa1guS4RFW7nYxselKG01B+8F7QUGlO0tNqTVfeuCELiwed15/9jtpzdmvrhnuAoAgz9v2X0=

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma12095/all/10/ Frame 9F7F
Redirect Chain

https://js.matheranalytics.com/s/ma12095/74930803/all/ml.js?cb=1615
https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js

147 KB
43 KB

28ms
25ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:04:05 GMT
content-encoding: br
via: 1.1 google
last-modified: Tue, 01 Nov 2022 21:50:54 GMT
server: nginx
age: 14229
etag: "df0f26567e618c28df8235fe9b93c4ef"
vary: Accept-Encoding
x-cache: HIT Sun, 18 Dec 2022 06:15:12 GMT
content-type: application/x-javascript
cache-control: public,max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43649

Redirect headers

date: Tue, 24 Jan 2023 18:01:13 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma12095/all/10/ml.br.js
cache-control: public, max-age=269200
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by: 4-gc-europe-west6-8j340957

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 536 KB
149 KB 197ms
43ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/46035300-c37e-40dc-9382-83339543d095
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:14 GMT
Content-Encoding: gzip
x-amz-request-id: TGMP16EJ3Z64ED7V
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: u8fazsiG1ypl2oEWku4PA8iB5wnpjxvTWcc04NdP9+NJ5X0rFjhapjmgl+cbSVVC3XGJNAZBAlI=
Last-Modified: Fri, 13 Jan 2023 18:33:34 GMT
Server: AmazonS3
ETag: "7dba2af09ac73f5bb0d756e3d509d2dd"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK htlbid-gdpr.js Show response
htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/ 402 KB
403 KB 456ms
145ms Script
application/javascript 52.216.50.225
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Requested by: Host: htlbid.com
URL: https://htlbid.com/v3/tri-cityherald.com/htlbid.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.50.225 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3f85ddbc783a8d4d564df27e2d86478593b3d47f594e2f31a64c25f1b2be93a1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:15 GMT
Last-Modified: Thu, 12 Jan 2023 02:03:38 GMT
Server: AmazonS3
x-amz-request-id: CZYZGAWQNYN8RCBJ
ETag: "d55468f29d8d0fc803629a719dbab86e"
Content-Type: application/javascript
Cache-Control: max-age=600
Accept-Ranges: bytes
Content-Length: 412087
x-amz-id-2: TxVWiQ91cVhrxI50oxdzho8bjO7J2qqd/5Lwm40N4zcsYURhvjFVpLQ90FchcrgU9xGn3jUVDRA=

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/ 0
0

GET
H/1.1 200
OK play-button.png
s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/ 9 KB
9 KB 389ms
127ms Image
image/png 52.217.130.200
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cdn.jukeboxu.com/brightcove/nextgen/buttons/play-button.png
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.130.200 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:15 GMT
x-amz-version-id: null
Last-Modified: Wed, 22 Apr 2015 01:47:56 GMT
Server: AmazonS3
x-amz-request-id: CZYRHD6924ZW2Q9Z
ETag: "182516d4ba61695d505ca0bd246f63fb"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 8810
x-amz-id-2: lON2/kbg0Eqj7dHlI/g5EfVCHbDbPBK6oeWlayXI5Zr86x98id02Sti/+R4sh1+O69gAxiqM55M=

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/ 0
0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/ 51 KB
52 KB 33ms
28ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 9e3335764540ad89b36e27c0e0c5a4d1e164c0ffefdb88007e01f745fc4fe790

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 13:06:51 GMT
Via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 17663
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: lrVZ4bBSp6vyN7Ip08m9IeKhdKole78FcI7DZ0vp2MWfNY3-JcWiDg==
Expires: Wed, 24 Jan 2024 13:06:51 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/ 271 KB
272 KB 49ms
26ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 50f06d05bc1a135363bdc7494362f903295660bffa41985313fb84fc26e87e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sun, 22 Jan 2023 13:04:18 GMT
Via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 190616
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: gmb_RzHMa9V-e1q_YMMdD-hDfaZDIAowH31zbK34lPo8pLoBNCJqZg==
Expires: Mon, 22 Jan 2024 13:04:18 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/ 271 KB
272 KB 73ms
23ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 50f06d05bc1a135363bdc7494362f903295660bffa41985313fb84fc26e87e52

Request headers

Referer: https://www.tri-cityherald.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 05:13:59 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 46035
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: Bj8RR3LU5nlaNYuCy6u0JOWftIs-i9BDQD9gEDhUZJDAP9mac83BiA==
Expires: Wed, 24 Jan 2024 05:13:59 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/ 51 KB
52 KB 91ms
23ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 5b7a1d6931cbf188c5d1b0cfce85ae12021555ac95ebe5be8c1e3400682bb0d3

Request headers

Referer: https://www.tri-cityherald.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 13:06:51 GMT
Via: 1.1 6080b2713e502211e152f21f5c59c5a6.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 17663
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: e_1UBz6AfiTwdL5s1Zc6syGPFk4mI7uw57jcrI-K8_96JeSWP02Wxw==
Expires: Wed, 24 Jan 2024 13:06:51 GMT

GET
H/1.1 200
OK 6318931155112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ 16 KB
16 KB 241ms
241ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6318931155112
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 8ac1013b3476b49ba5c8757300938355559722d7b008901cf63fd398572e60a9

Request headers

Referer: https://www.tri-cityherald.com/
X-Forwarded-Host: www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 200
OK 6318931155112
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ Frame 0
0 2063ms
135ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6318931155112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 24 Jan 2023 18:01:16 GMT
Vary: X-Forwarded-Host

OPTIONS
H/1.1 200
OK 6319141331112
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ Frame 0
0 2013ms
132ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6319141331112
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 24 Jan 2023 18:01:15 GMT
Vary: X-Forwarded-Host

GET
H/1.1 200
OK 6319141331112 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ 18 KB
18 KB 245ms
242ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6319141331112
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: a14d957276e4c62ee1b1c3f6aa50ffb00e8432ce5888c5d19089b80a8bc271f3

Request headers

Referer: https://www.tri-cityherald.com/
X-Forwarded-Host: www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:16 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

GET
BLOB 200
OK d2e460a9-0f3c-4143-88a2-7e895ba5e5a3
https://www.tri-cityherald.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/d2e460a9-0f3c-4143-88a2-7e895ba5e5a3
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 4e0218b5-4255-4050-ac7e-04283645a5d9
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/4e0218b5-4255-4050-ac7e-04283645a5d9
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H2 200 bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1880 703 KB
224 KB 27ms
20ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 228701
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 11:36:01 GMT
expires: Fri, 19 Jan 2024 11:36:01 GMT
last-modified: Wed, 18 Jan 2023 17:45:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 251ms
102ms Script
text/javascript 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 24 Jan 2023 18:01:14 GMT

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 201ms
58ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tri-cityherald.com

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
BLOB 200
OK 00b36f6b-7a97-4f0f-95bc-e42c2a338063
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/00b36f6b-7a97-4f0f-95bc-e42c2a338063
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK f4cbd9e4-7645-40fc-ac18-0a5a60a4eb9a
https://www.tri-cityherald.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/f4cbd9e4-7645-40fc-ac18-0a5a60a4eb9a
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK 1f941d82-d678-412d-8bfc-77da3ad04dfa
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/1f941d82-d678-412d-8bfc-77da3ad04dfa
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK c378aa90-396c-4751-b674-834bb329ad7e
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/c378aa90-396c-4751-b674-834bb329ad7e
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/ 0
0

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/ 317 KB
318 KB 44ms
36ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 44b8303ce68f79cce6720b79e60c9ebbd51c58f40e40dbf6b3bc71a01ea371c8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 01:36:10 GMT
Via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 318304
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: 4VtmBD-fXWGU1FWYBMx_rWu7bHHtoG5dMknASBafLqjuynjsz8EC6A==
Expires: Sun, 21 Jan 2024 01:36:10 GMT

GET
H/1.1 200
OK image.jpg
cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/ 317 KB
318 KB 94ms
23ms Image
image/jpeg 143.204.215.30
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/image.jpg
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.30 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-30.fra53.r.cloudfront.net
Software: / BC
Resource Hash: 44b8303ce68f79cce6720b79e60c9ebbd51c58f40e40dbf6b3bc71a01ea371c8

Request headers

Referer: https://www.tri-cityherald.com/
Origin: https://www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Sat, 21 Jan 2023 01:36:10 GMT
Via: 1.1 4809763494a078a525dc1a2dff5ddf6c.cloudfront.net (CloudFront)
Last-Modified: Fri, 01 Jan 2016 00:00:00 GMT
X-Amz-Cf-Pop: FRA53-C1
X-Powered-From: gantry
X-Powered-By: BC
Age: 318304
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=31536000
Connection: keep-alive
X-Amz-Cf-Id: TP0Nt9B0E8tpoqRvlUHCOQRxKe5gEEXCrwNgMhE0SCGb90K_WhfUgA==
Expires: Sun, 21 Jan 2024 01:36:10 GMT

GET
H3 200 bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5313 703 KB
223 KB 47ms
20ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 228701
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 11:36:01 GMT
expires: Fri, 19 Jan 2024 11:36:01 GMT
last-modified: Wed, 18 Jan 2023 17:45:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 15 KB
5 KB 498ms
468ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/509?referer=https%3A%2F%2Fwww.tri-cityherald.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2023-01-24T18%3A01%3A14%2B00%3A00&ts=1674583274206

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

ba7a432873593e5d79a785cce76f84c3af129d9347320e4f62063c202f2ae138

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 3507
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: RnTjG16x-HwZArVpEVGpCp-V86p_qGKmghdioUJioUaqw--mHSVYrw==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 6298085467001 Show response
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ 17 KB
17 KB 268ms
268ms Fetch
application/json 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6298085467001
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/wps/build/webpack/videoStory.bundle-e7e9c63f9edd65104079.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash: 8f601d546607100a49775a3e45c56a9c53f2761fa1721b5b986c07c2e2a46a5d

Request headers

Referer: https://www.tri-cityherald.com/
X-Forwarded-Host: www.tri-cityherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:15 GMT
Mi-Api: true
Vary: X-Forwarded-Host
Transfer-Encoding: chunked
Content-Type: application/json;charset=UTF-8
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true

OPTIONS
H/1.1 200
OK 6298085467001
publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/ Frame 0
0 1790ms
135ms Preflight 166.108.36.240
MCCLATCHY-CORP

General

Check archive.org

Show headers Download Go to

Full URL: https://publicapi.misitemgr.com/webapi-public/v2/publications/tri-cityherald/related/6298085467001
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 166.108.36.240 , United States, ASN6118 (MCCLATCHY-CORP, US),
Reverse DNS: vnet846.ejoco.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: x-forwarded-host
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Headers: X-Forwarded-Host
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Max-Age: 86400
Cache-Control: no-cache
Content-Length: 0
Date: Tue, 24 Jan 2023 18:01:15 GMT
Vary: X-Forwarded-Host

GET
H2 200 main_078b5050025427da445c185cbaf38e87.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 382 KB
74 KB 136ms
22ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Requested by: Host: tag.wknd.ai
URL: https://tag.wknd.ai/3747/i.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: c0b61e87cb6ee339087d1a9fca8f2a485a8f77f6ad607993ab34dfafe88083aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:58:09 GMT
content-encoding: br
age: 97385
x-guploader-uploadid: ADPycdsQvTZc3qTdCBztwTjH_yM0-IcgDstHvf109wOBkRH3J5QqsHMI_ppDKHWY9An00Dz6iKawoFE0UKZYny4hiWDI_Te8_yC5
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 75477
last-modified: Mon, 23 Jan 2023 14:57:59 GMT
server: UploadServer
etag: "1c88483692499e0b10b408b1d0e03bd6"
x-goog-generation: 1674485879358855
x-goog-hash: crc32c=kIVlNA==, md5=HIhINpJJngsQtAix0OA71g==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 75477
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Jan 2024 14:58:09 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 241ms
51ms Image
image/gif 54.155.18.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1674583274362&plid=11371019&idsite=tri-cityherald.com&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22subscriber%22%3Afalse%7D&sid=1&surl=https%3A%2F%2Fwww.tri-cityherald.com%2F&sref=&sts=1674583274355&slts=0&title=Tri-Cities+WA+Breaking+News%2C+Sports+%26+Crime+%7C+Tri-City+Herald&date=Tue+Jan+24+2023+18%3A01%3A14+GMT%2B0000+(GMT)&action=pageview&pvid=61332496&u=pid%3Dcf4b2bc401b9911a34db9174062c3027
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.155.18.159 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-155-18-159.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:14 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 24-Jan-2023 18:01:14 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 204 b
sb.scorecardresearch.com/ Frame 81EF 0
191 B 28ms
28ms Image
text/plain 143.204.215.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b?c1=2&c2=6035363&cs_it=b3&cv=3.8.0.210223&ns__t=1674583274365&ns_c=UTF-8&ns_if=1&c7=https%3A%2F%2Fwww.tri-cityherald.com%2F&c8=Tri-Cities%20WA%20Breaking%20News%2C%20Sports%20%26%20Crime%20%7C%20Tri-City%20Herald&c9=https%3A%2F%2Fwww.tri-cityherald.com%2F
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.23 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-23.fra53.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
via: 1.1 b16802a1e349d80b7688070778305ae2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA53-C1
x-amz-cf-id: rUiaBGZFzumvksEvjZyLD8ISnaOanPBwfH7MjH-_jYyWqGVp8nH64A==
x-cache: Miss from cloudfront

GET
H2 200 / Show response
lasteventf-tm.everesttech.net/ Frame 6455 0
149 B 73ms
23ms XHR
text/plain 151.101.2.49
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://lasteventf-tm.everesttech.net/?_les_imsOrgId=3B6E35F15A82BBB00A495D91@AdobeOrg&_les_sdid=B6D3B54C8509443D-9E243BEF8E8FE9EB&_les_last_search_click=&_les_rsid=mccltallmcclatchy&_les_mid=06856598309282582284015179007429102797&_les_url=https%3A%2F%2Fwww.tri-cityherald.com%2F
Requested by: Host: www.everestjs.net
URL: https://www.everestjs.net/static/le/last-event-tag-latest.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Varnish /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-cache-hits: 0
date: Tue, 24 Jan 2023 18:01:14 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1674583274.425729,VS0,VE0
x-cache: MISS
content-type: text/plain
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 0
retry-after: 0
x-served-by: cache-hhn-etou8220050-HHN

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 587 B
417 B 302ms
274ms Fetch
application/json 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=cf763c81-9509-4204-add9-28ba796efabf

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

bb093a956863dcadc681ac2c80d93b73ed30c83cd246c6f30cff3af9c73f48e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: cf763c81-9509-4204-add9-28ba796efabf
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.1.39-HOTFIXOTEL:80fc9cec

POST
H2 200 interact Show response
edge.adobedc.net/ee/v1/ 522 B
403 B 289ms
262ms Fetch
application/json 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://edge.adobedc.net/ee/v1/interact?configId=462177a8-1012-4e47-aee6-a4f6f3154a6b&requestId=0b1d9229-65e2-4bc2-a238-16e0daac7bc5

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

7062b06e6a15d9086fc982bdc80adaf4a620352798a29c3fbebea02a1a03960b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain; charset=UTF-8

Response headers

date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: deflate
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-rate-limit-remaining: 599
x-adobe-edge: IRL1;6
x-xss-protection: 1; mode=block
x-request-id: 0b1d9229-65e2-4bc2-a238-16e0daac7bc5
server: jag
vary: Origin
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-expose-headers: Retry-After, X-Adobe-Edge, X-Request-ID
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
x-konductor: 23.1.39-HOTFIXOTEL:80fc9cec

GET
BLOB 200
OK 4b7ea6c0-5dd6-466a-ba94-27d416a53146
https://www.tri-cityherald.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/4b7ea6c0-5dd6-466a-ba94-27d416a53146
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 5543
Content-Type: application/javascript

GET
BLOB 200
OK f88bfc86-bae9-4d43-9537-d547467ec9b2
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/f88bfc86-bae9-4d43-9537-d547467ec9b2
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
BLOB 200
OK 4cc0b0e2-d475-4fff-9746-d93caa6159dc
https://www.tri-cityherald.com/ 79 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/4cc0b0e2-d475-4fff-9746-d93caa6159dc
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 80442
Content-Type: application/javascript

GET
H2 200 t Show response
jadserve.postrelease.com/ 1 KB
1 KB 383ms
124ms Script
text/javascript 54.88.76.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.tri-cityherald.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-76-203.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: 12765462420db56f855f3ea8bfcdd2e41f4ff0d3d4b397f34e9eb79f28aa3172

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:14 GMT
content-encoding: gzip
server: nginx/1.12.2
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 719
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H3 200 bridge3.552.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9B6E 703 KB
223 KB 86ms
75ms Document
text/html 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 455113
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 228701
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy: cross-origin
date: Thu, 19 Jan 2023 11:36:01 GMT
expires: Fri, 19 Jan 2024 11:36:01 GMT
last-modified: Wed, 18 Jan 2023 17:45:22 GMT
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 9F7F 43 B
245 B 672ms
115ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=ml&hier=_HomePage&ptype=homepage&pubname=Tri-City%20Herald&sec=Homepage&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=239e5100-5db3-46be-90bf-b13f832800ce&pid=94b9779c-438e-4670-bbaa-c79810ca3ef5&dtm=1674583274699&qnm=_matherq&visible=1&tabid=34bb6c7c-b55d-4bb2-95d8-96d2c9ed38b7&refr=https%3A%2F%2Fwww.tri-cityherald.com%2F&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&vrefr=https%3A%2F%2Fwww.tri-cityherald.com%2F&vp=0x0&ds=0x0&tofa=1674583275&vid=1&lvidt=1674583275&duid=c3198a4c-259e-4a1f-af03-9ab47bc41973&fp=1279215348&cid=ma12095&mrk=74930803&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3NDU4MzI3MDU4NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMS4ybWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTkzNCIsImZldGNoUyI6Ijk1OSIsImRvbWFpblMiOiI5NTkiLCJkb21haW5FIjoiOTY0IiwiY29ublMiOiI5NjQiLCJjb25uRSI6IjEwNjIiLCJzc2xTIjoiOTk0IiwicmVxdVMiOiIxMDY0IiwicmVzcFMiOiIxMTYzIiwicmVzcEUiOiIxMTcyIiwiZG9tTG9hZCI6IjExNjciLCJkb21JbnRlciI6IjIxMjAiLCJkb21Mb2FkUyI6IjIyNzAiLCJkb21Mb2FkRSI6IjI0ODcifX0
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 24 Jan 2023 18:01:15 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 d8cf36068224138c20368ac2fb7b41ad Show response
s953.tri-cityherald.com/plugin/plugin/ 43 KB
11 KB 35ms
35ms Script
text/javascript 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s953.tri-cityherald.com/plugin/plugin/d8cf36068224138c20368ac2fb7b41ad

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

443ea90e810ffee25d145c79c559053ccd324d49ebac3bf75a276fe5be019a6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
age: 1518
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 10762
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 17:35:56 GMT
server: -
etag: d8cf36068224138c20368ac2fb7b41ad
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: 34pj0YfLMZKkXjd-WqC6_BMxSJivVSXcK_xG_VjLM2iHvytuAPiMZA==
expires: Wed, 24 Jan 2024 17:35:56 GMT

GET
BLOB 200
OK 8c81aed0-7e6e-486b-beb1-437b9a2ebcc6 Show response
https://www.tri-cityherald.com/ 394 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/8c81aed0-7e6e-486b-beb1-437b9a2ebcc6
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 05e470e14af2a774d5a01cc8a34f5446abd655ad4172a0ff55d6dc38ab66c53a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 394
Content-Type: [object object]

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/ 166 KB
37 KB 240ms
171ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff9162cf5ac6d80acf12216be212ed691a1fe9e8242585668c0fa329b68d2fe3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Tue, 24 Jan 2023 17:49:07 GMT
server: cloudflare
x-amz-request-id: 3D1BFEGKYSKDJD5V
etag: W/"079f68229ad2983df859c866c5401239"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 78eaac5dfc752bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: ubgAzg04T5VRhN/0tsY5nE7z2NCE0TkcNDTfWEMMAsu7PJi+mPd+Mc5GE1IvXs5ZhLspuTiOCVI=

GET
H2 200 launchpad-liveramp.js Show response
launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/ 4 KB
2 KB 84ms
21ms Script
text/javascript 65.9.66.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.66 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-66.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e209665ef10fbcc77c20dd867a90137fb6b9bc60c329902c4965a54d2e0991e2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 47QRCxTQt2e9qy4D96IcAsdRmh05c1m5
content-encoding: gzip
via: 1.1 cae542650fb32c773cc494fc6e7e71e6.cloudfront.net (CloudFront)
date: Tue, 24 Jan 2023 06:18:40 GMT
x-amz-cf-pop: FRA56-C1
age: 43720
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-disposition: attachment; filename="launchpad-liveramp.js"
last-modified: Tue, 15 Nov 2022 16:44:12 GMT
server: AmazonS3
etag: W/"73a56538e9ed017baf947221f1265765"
vary: Accept-Encoding
content-type: text/javascript
x-amz-cf-id: uj85eqnD6DIBpdvbK3V_MibczHOeBBIgJ2Xw5fbyzxH1xguGfS-uQA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 81 KB
28 KB 126ms
55ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bf1737363890f1829c6613d823d6ba755cf268596e6d6d35d1ea07b4c72f27e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27809
x-xss-protection: 0
server: sffe
etag: "1461 / 182 of 1000 / last-modified: 1674562265"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 24 Jan 2023 18:01:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 179 KB
45 KB 84ms
25ms Script
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:43:00 GMT
content-encoding: gzip
via: 1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
last-modified: Thu, 19 Jan 2023 20:39:27 GMT
server: AmazonS3
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 1096
x-amz-server-side-encryption: AES256
etag: W/"09722bdf068e1f62e3d9a9e39a8dde87"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: VvPAw52DoeTC2yH0W5oHWYyRe-znUrqXYrTyf5k3FD7j_Pdbvi0WNA==

GET
H2 200 inbox_6424cb18bd68fadd3f1395637e663bb8.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 73 KB
19 KB 32ms
29ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/inbox_6424cb18bd68fadd3f1395637e663bb8.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 10 Jan 2023 17:18:41 GMT
content-encoding: br
age: 1212154
x-guploader-uploadid: ADPycduUQx3AuHaPu7n_HhcRD34Nfb7PEk4c-B1ZbUVgz4GcTtZSX64M-LPexuoiIlZl-6b-SUX598D-VGzp52_G9d-SAn1Z7Yzu
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19183
last-modified: Tue, 10 Jan 2023 17:18:34 GMT
server: UploadServer
etag: "28a270a5e8e0b25e86a05cb43a8e0359"
x-goog-generation: 1673371113979807
x-goog-hash: crc32c=FvXyjQ==, md5=KKJwpejgsl6GoFy0Oo4DWQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 19183
accept-ranges: bytes
content-type: text/javascript
expires: Wed, 10 Jan 2024 17:18:41 GMT

GET
H2 200 onsite_4d0277aa0c520578d117528df8e902db.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 162 KB
35 KB 37ms
35ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/onsite_4d0277aa0c520578d117528df8e902db.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: e1816c058d2ab84b1cb1962de47772e47d5182b58309e43ddab5b5aebbde3f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:58:13 GMT
content-encoding: br
age: 97382
x-guploader-uploadid: ADPycdte9YrIm9acm4Vy3-pwY4t3KaNx_tXJkiIYM85jv2S10_grKB5NF9KH1nDmFJF1FHR2VybErwdF0fcRRJZAGj7-EqVht36U
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35105
last-modified: Mon, 23 Jan 2023 14:58:02 GMT
server: UploadServer
etag: "6449ad73754f9d4f33188189003b9ec1"
x-goog-generation: 1674485882728981
x-goog-hash: crc32c=n6iWdA==, md5=ZEmtc3VPnU8zGIGJADuewQ==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 35105
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Jan 2024 14:58:13 GMT

GET
H2 200 ads_b7e32744b86fbe4b0f8dda236286fc67.br.js Show response
assets.bounceexchange.com/assets/smart-tag/versioned/ 383 KB
71 KB 63ms
61ms Script
text/javascript 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/ads_b7e32744b86fbe4b0f8dda236286fc67.br.js
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 306918a1799397fbdb4eb6b7e6d7f0bd08ac794582e53c2e84f0a96e07faedf5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 14:58:05 GMT
content-encoding: br
age: 97390
x-guploader-uploadid: ADPycdtrbOx_R5__PmIYeVibFyrdc35d2YkdvEdvbZRJ2okVXCDplk2GP_aFN3cQbU7kVTaPQPmUtiTKd9Se9PqOVpFz1p6X-YdA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 72641
last-modified: Mon, 23 Jan 2023 14:57:52 GMT
server: UploadServer
etag: "0fe6762f09c353827cb4fae78efa0077"
x-goog-generation: 1674485872359484
x-goog-hash: crc32c=OqZklg==, md5=D+Z2LwnDU4J8tPrnjvoAdw==
access-control-allow-origin: *
access-control-expose-headers: etag, Content-Type
cache-control: public,max-age=31536000
x-goog-stored-content-length: 72641
accept-ranges: bytes
content-type: text/javascript
expires: Tue, 23 Jan 2024 14:58:05 GMT

GET
H3 200 f2d57955d1a7dec16ffb51175d7a6a9a.br.json Show response
assets.bounceexchange.com/assets/gam/7675/ 73 KB
18 KB 114ms
36ms Fetch
text/plain 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/gam/7675/f2d57955d1a7dec16ffb51175d7a6a9a.br.json
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 5d29807d19d4f4a82e07149787abd0ad571145e5cc44f613533ee43d888598fb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 14:02:49 GMT
content-encoding: br
age: 14306
x-guploader-uploadid: ADPycdtjNtSO6gOd4kWEaZ5kZ8ypbmfRzeMnm7-oCy9FY2ncwjZrqc-lqADLFH4UlZDmovAg-VFtHEegCRUb5PT5ETR2ajXMStgq
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: br
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18679
last-modified: Tue, 24 Jan 2023 14:01:44 GMT
server: UploadServer
etag: "8c0a26328c50f8d5b556a90ff87824dd"
x-goog-generation: 1674568904700907
x-goog-hash: crc32c=rLgerQ==, md5=jAomMoxQ+NW1VqkP+Hgk3Q==
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace, etag
cache-control: public,max-age=31536000
x-goog-stored-content-length: 18679
accept-ranges: bytes
content-type: text/plain; charset=UTF-8
expires: Wed, 24 Jan 2024 14:02:49 GMT

GET
DATA 200
OK truncated
/ Frame 9B6E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 pdp.gif
www.tri-cityherald.com/noilosy-zb/ 42 B
384 B 302ms
274ms Image
image/gif 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/noilosy-zb/pdp.gif?z=eyJpZCI6Im1pX2FzX3RjaF8wNjg1NjU5ODMwOTI4MjU4MjI4NDAxNTE3OTAwNzQyOTEwMjc5N18xXzBfMTY3NDU4MzI3MzQ1NyIsInBsYXllcnMiOlsidmlkZW8tZ2FsbGVyeSIsInZpZGVvLWdhbGxlcnkiLCJ2aWRlby1nYWxsZXJ5Il19
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 82580
content-length: 42
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: "2a-5f2f24c9e3f40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 450397445 51544515
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604800
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
442 B 179ms
123ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?aot=ib&tte=f&lid=158&sdkv=h.3.552.0&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 151ms
125ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=1&lid=41&sdkv=h.3.552.0&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 153ms
128ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?native=f&gdpr=f&tcStrValid=f&lid=165&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 152ms
127ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=xfp&ctv=0&lid=6&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 153ms
128ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.8116435094836758&time=1674583275380&lid=43&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 03a06fc7d739ae4e0d1f99cb81057790 Show response
s953.tri-cityherald.com/plugin/library/ 126 KB
41 KB 37ms
36ms Script
text/javascript 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s953.tri-cityherald.com/plugin/library/03a06fc7d739ae4e0d1f99cb81057790

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

0ba7d8effc7309dce7b36d4f0f0ae486edbc0b0a88030a8dc1831767b0031ed1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:35:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
age: 1519
x-cache: Hit from cloudfront
p3p: policyref="", CP="DSP"
content-length: 41754
x-xss-protection: 1; mode=block
last-modified: Mon, 23 Jan 2023 17:35:56 GMT
server: -
etag: 03a06fc7d739ae4e0d1f99cb81057790
content-type: text/javascript; charset=utf-8
cache-control: public, no-cache="Set-Cookie", max-age=31536000
x-robots-tag: noindex, nofollow
x-amz-cf-id: -GK2p9q862DsovxmDlpFsKF092-b0nqvie118xqWAaYqP9MF_T39RA==
expires: Wed, 24 Jan 2024 17:35:56 GMT

POST
H2 200 LB-Zone-3 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/509/ 1 KB
1 KB 453ms
452ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/509/LB-Zone-3?referer=https%3A%2F%2Fwww.tri-cityherald.com%2F&bcsessionid=&bctempid=410f72d4-89c7-4156-8f1a-faba2c506f62&overruleReferrer=&time=2023-01-24T18%3A01%3A15%2B00%3A00&ts=1674583275415

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

7ae7c69875eee557f7b1a30b09286ebb8a3206be86a0c7aaebb90b36f9c5c510

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 524
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: U3rDUQpQa98jjV-BS3gR8NlF7_mHchsZkVzGbxqw8cRRlKPOn2uWeg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 1880 3 KB
1 KB 165ms
69ms XHR
text/xml 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&correlator=1848211492359730&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTCY.site_tri-cityherald%2F_HomePage&hl=en&cmsid=2476005&description_url=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271401417.html&vid_t=Mid-Columbia%20Meals%20on%20Wheels%20offering%20more%20to%20Tri-City%20seniors&vid=6318931155112&cust_params=sec_sect%3D32887%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.552.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=1222550575&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tri-cityherald.com%2F04455f48-4402-4851-93f3-e43505c98e41&sid=C8D9E093-148B-4429-BF9E-CBEC302FD3FA&nel=0&eid=44748969%2C44750824%2C44765701%2C44777648&dlt=1674583271753&idt=3076&dt=1674583275424&cookie_enabled=1&scor=3355907564143143&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3c17de4dcab73444b22380cca2773bc8fb69e2b424f1e3b469e922d6bb3ad84b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 957
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 5313 3 KB
2 KB 151ms
68ms XHR
text/xml 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&correlator=2824069698711811&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTCY.site_tri-cityherald%2F_HomePage&hl=en&cmsid=2476005&description_url=https%3A%2F%2Fwww.tri-cityherald.com%2Fnews%2Flocal%2Farticle271532027.html&vid_t=Kennewick%20Police%20investigating%20possible%20vehicle%20arson&vid=6319141331112&cust_params=sec_sect%3D32887%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.552.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250%2C300x250%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=2838059398&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tri-cityherald.com%2F0f79e246-f0a6-4d19-a20e-acc5adc4feac&sid=C8D9E093-148B-4429-BF9E-CBEC302FD3FA&nel=0&eid=44748969%2C44750824%2C44765701%2C44777648&dlt=1674583271753&idt=3161&dt=1674583275439&cookie_enabled=1&scor=2096234891298662&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9598d17007ef46d7b9f8ecf056e06747eaa45f9df2704c59bfb0eaf82361d076

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 976
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 121ms
119ms Image
image/gif 54.88.76.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8849832&ntv_pl=1092963
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-76-203.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 122ms
121ms Image
image/gif 54.88.76.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=2ddfe000-2cb8-4966-9079-b0a4857513b8&ntv_fl=pe8H033pZb_ldOWvRW2JyCPfoxknPFgzeljpSIcuUlzA_4zY4gqR2bT0QipdpN8DQ-gvKR6DjndzXgyhy5HbbWFZzRDrGsNmh6UXuAkwVAciGwYkEdaqjA-TjXFiuUWmsiWPVjHd_6-TCncSeFxjDWJx8YWwZyFdsVFuiHk05JKQMUoTMOmkAYJBQ-P3yiWi&ntv_ht=6hzQYwA&ntv_at=303,302&ntv_a=AAAAAAAAAAY60QA&ord=1674583275454&ntv_it
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-76-203.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
426 B 121ms
120ms Image
image/gif 54.88.76.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1092963&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-76-203.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 140ms
135ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1674583275530&timeout=f&logid=0.8116435094836758&timediff=150&lid=43&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 138ms
133ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=xfp&lid=17&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
56 B 135ms
135ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?contentLocation=flat&lid=160&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pubads.g.doubleclick.net/gampad/ Frame 9B6E 3 KB
1 KB 66ms
65ms XHR
text/xml 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pubads.g.doubleclick.net/gampad/ads?ad_type=video&client=ca-video-pub-3446305859157241&env=vp&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=400x300&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&correlator=2908521571940056&adsafe=high&videoad_start_delay=0&max_ad_duration=30000&sdmax=120000&vpa=click&vpmute=0&adtest=false&ciu_szs=300x250&iu=%2F7675%2FTCY.site_tri-cityherald%2F_HomePage&hl=en&cmsid=2476005&description_url=https%3A%2F%2Fwww.tri-cityherald.com%2Flatest-news%2Farticle258556713.html&vid_t=Tips%20to%20avoid%20construction%20fraud%20and%20scams&vid=6298085467001&cust_params=sec_sect%3D7095%2C32887%26topic%3D%26vpa%3D0%26vpmute%3D0&sdkv=h.3.552.0&osd=2&frm=0&vis=1&sdr=1&afvsz=200x200%2C250x250&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=p&ctv=0&mpt=videojs-ima&mpv=2.0.0&sdki=445&ptt=20&adk=1011994663&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.552.0&media_url=blob%3Ahttps%253a%2F%2Fwww.tri-cityherald.com%2Fb2ac8418-ab69-450e-91bf-c9230f1789d0&sid=C8D9E093-148B-4429-BF9E-CBEC302FD3FA&nel=0&eid=44748969%2C44750824%2C44765701%2C44777648&dt=1674583275535&cookie_enabled=1&scor=941541060125587&ged=ve4_td3_tt0_pd3_la3000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.552.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8a8ab93e684363cca3ff93141a00b9a09dc95e42f7429b1a095a9f1c3ee0dfc1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 955
x-xss-protection: 0
google-lineitem-id: 0
pragma: no-cache
server: cafe
google-creative-id: 0
content-type: text/xml; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 launchpad.bundle.js Show response
launchpad.privacymanager.io/1/ 25 KB
8 KB 84ms
21ms Script
application/x-javascript 13.32.27.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Requested by: Host: launchpad-wrapper.privacymanager.io
URL: https://launchpad-wrapper.privacymanager.io/11d88664-2cc9-41ec-b61a-fc789bcde449/launchpad-liveramp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.27.70 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-27-70.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: IBczV1acfLsLLKzHm11PkizTXPxE9_cH
content-encoding: br
via: 1.1 e6959f77d21557f69683da8f0cd5578a.cloudfront.net (CloudFront)
date: Tue, 24 Jan 2023 17:15:48 GMT
x-amz-cf-pop: FRA56-C2
age: 2728
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/LaunchPadLibraryBuild-prod:f09170b2-5416-4e55-be91-38e5eec207ec
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: a78f2a5a4864424e54348ce47b156abb
last-modified: Thu, 10 Mar 2022 13:10:48 GMT
server: AmazonS3
etag: W/"3e312624cdc2445a38a716f92dc3c0cd"
vary: Accept-Encoding
content-type: application/x-javascript
x-amz-meta-codebuild-content-sha256: e4ad213b137401d20a50fe1692169cc5f8b39867b6fe39afed7e307e1b9c967e
cache-control: must-revalidate,public,max-age=3600
x-amz-cf-id: qU0e8K7AWQAYZfniRyktuIi8wzi6GmvnH5h8rg0NRGYX-S07DINFpw==

GET
H2 200 pubads_impl_2023011901.js Show response
securepubads.g.doubleclick.net/gpt/ 385 KB
130 KB 22ms
19ms Script
text/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:08:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 133253
x-xss-protection: 0
last-modified: Thu, 19 Jan 2023 09:34:48 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 24 Jan 2024 17:08:03 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 291 B
165 B 102ms
57ms XHR
application/json 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.tri-cityherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ad8416d71fc033c5f99a818ca197a8bbdb7b58557c88bd57950b2858100da0cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 140
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:15 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 98ms
23ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding: gzip
via: 1.1 a7631312afe99e40229aa0da70662112.cloudfront.net (CloudFront)
date: Tue, 24 Jan 2023 18:01:15 GMT
x-amz-cf-pop: FRA56-C2
age: 39059
x-cache: Hit from cloudfront
last-modified: Fri, 23 Dec 2022 01:05:48 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: FP76smZFOY4mELeI9xmhS-HFva8muTooJj-pXs2yhVrd2_itofKDZg==

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 53ms
51ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/awMxVZLpNW6K6EG6WC5S8oR_a68/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:15 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: 0FFB18QNAARP6GSD
age: 1037721
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 78eaac60cad52bc0-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: DW2dGSr5+LiEQqc+1WKQPOfVXNujKuX8uqkd/xboOZb5ctxwFbudPVObP6wNBnc0m1iDqmh1cug=

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
20 B 126ms
122ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?vmap=f&lid=115&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 local_storage_frame17.min.html Show response
assets.bounceexchange.com/assets/bounce/ Frame 6FBC 2 KB
1 KB 34ms
33ms Document
text/html 34.98.72.95
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.bounceexchange.com/assets/bounce/local_storage_frame17.min.html
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.72.95 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 95.72.98.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
access-control-expose-headers: etag Content-Type
age: 207732
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public,max-age=31536000
content-encoding: gzip
content-length: 1073
content-type: text/html; charset=UTF-8
date: Sun, 22 Jan 2023 08:19:03 GMT
etag: "f846f8378c0246c3d5a75b83251d4ac1"
expires: Mon, 22 Jan 2024 08:19:03 GMT
last-modified: Thu, 19 Jan 2023 20:29:08 GMT
server: UploadServer
vary: Accept-Encoding
x-goog-generation: 1674160148642582
x-goog-hash: crc32c=rQG9sA== md5=+Eb4N4wCRsPVp1uDJR1KwQ==
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 1073
x-guploader-uploadid: ADPycdv19GXdCyMFVmglQgWuRgG-sW2HVcN-OFGNJJyxIY7GExeagVuskEbE6fWbkygvIXUgrkylBOC2cjhFCuB7KftfrLpnpeT_

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
593 B 31ms
20ms Fetch
application/json 143.204.215.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: launchpad.privacymanager.io
URL: https://launchpad.privacymanager.io/1/launchpad.bundle.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-96.fra53.r.cloudfront.net
Software: /
Resource Hash: 27bc0cb7e7e10d7caf0982f160c1860cb1957c710ee64ad3a21af29ec4a1edfa

Request headers

Accept: application/json
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 24 Jan 2023 01:58:00 GMT
via: 1.1 eaedf92fd05c53aa96f20b6322b473e6.cloudfront.net (CloudFront), 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P3, FRA53-C1
age: 57795
x-amzn-requestid: 097571bc-18cb-4d0c-8091-1a2fbc3aecde
x-amzn-trace-id: Root=1-63cf3b28-3490b0a24291b74f5a4df231;Sampled=0
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-cache: Hit from cloudfront
x-amz-apigw-id: fOYuXGQtDoEF1MQ=
content-length: 30
x-amz-cf-id: 4uY8G6ERe8C8fV5mp56alLeqrLv6scWfoy_DbwTiyhzv_FZMPWa74w==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

OPTIONS
H2 200 /
geo.privacymanager.io/ Frame 0
0 144ms
76ms Preflight
application/json 143.204.215.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-96.fra53.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: *
content-length: 0
content-type: application/json
date: Tue, 24 Jan 2023 18:01:15 GMT
via: 1.1 86ef89199388021c33b079c598103b12.cloudfront.net (CloudFront), 1.1 f2db75b601dc30df73b1beb29596a374.cloudfront.net (CloudFront)
x-amz-apigw-id: fQl05FUVjoEFQ4g=
x-amz-cf-id: c43DQbBp7chJQJYFO_B6a5xnOmH1LMdAt_mOAEHrGN1eypqdsIZL7w==
x-amz-cf-pop: FRA53-C1 FRA53-C1
x-amzn-requestid: 32883567-8265-4770-8391-e7155241edd1
x-cache: Miss from cloudfront

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 856 B
2 KB 449ms
447ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

103b5d3101581404a3b431cbe53e4fcce7669301bd9affe349abf9fa2d050631

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 557
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: rTe4GtqdrT-v0NRCXheo7zd7x0FAWth1HicmLYlgDyDKQMANskeq7A==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 383 B
1 KB 448ms
447ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

7b93ad48cdcb0da7023b89a96fbc596a58527722f2ded9714f3ab55be5b82e41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 182
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: XcMCtgviORas_fX6ABy7_qlyLR0hbGLIcq5aWWHgZYtiiGqE18FgiQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 446ms
445ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

7330c1fc5a616a82cd0df3d6a6ec5733dfca3111a4d199d2ffb2ab2445a8f42f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 172
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: GagdrG6N1uhf82YwuRGmVyhLKIT4Isx7xS4yapivzmYhVNZ8YNexdQ==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK b48713cd-32e5-4109-ac36-afe67937317d Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/b48713cd-32e5-4109-ac36-afe67937317d
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5f2aa04129904f9458ac2458baa9b4072b77a5083919474a3a80c84d1896af63

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK d8809fc9-64ee-4a15-9f1c-d314da204a03 Show response
https://www.tri-cityherald.com/ 270 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/d8809fc9-64ee-4a15-9f1c-d314da204a03
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 766c7ef0126a38a86dee0e014065c827eee26de3584facf3b4b8feca9d6473fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 270
Content-Type: text/javascript

GET
BLOB 200
OK 9cfe5ff7-ffa0-4cd2-80d5-98fc39e926f3 Show response
https://www.tri-cityherald.com/ 268 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/9cfe5ff7-ffa0-4cd2-80d5-98fc39e926f3
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8dd021745855be5cb9135c9331ac33c35e7951481253c44836431a55161303fa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 268
Content-Type: text/javascript

GET
BLOB 200
OK 220f6e91-e48d-428f-baa0-06e41031ddce Show response
https://www.tri-cityherald.com/ 354 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/220f6e91-e48d-428f-baa0-06e41031ddce
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c644c8c8df3a1e76a1a1b3d14995990ebe679314dbd0b7cea2f37fa0fa2bbcc0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 354
Content-Type: [object object]

GET
BLOB 200
OK 0cfcd407-c060-4b19-a53d-168e23b0a6f6 Show response
https://www.tri-cityherald.com/ 370 B
0 Script
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/0cfcd407-c060-4b19-a53d-168e23b0a6f6
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bf6e1240adbfd769edcd48944929c17b7079ab797ffb0c1eecd552afda5e3cd9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 370
Content-Type: [object object]

GET
H2 200 .js Show response
dyv1bugovvq1g.cloudfront.net/11/www.tri-cityherald.com/ 3 KB
1 KB 132ms
24ms XHR
application/json 2600:9000:206f:a200:5:82fd:2500:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dyv1bugovvq1g.cloudfront.net/11/www.tri-cityherald.com/.js
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:a200:5:82fd:2500:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 258e9ddedcb8876304c2a6b9c7cb5757eed2609cf3de53f52d161ccf6c5321ac

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:00:12 GMT
content-encoding: gzip
via: 1.1 43c19aee1cbb38bf37ea4d5265ba1f54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 65
x-cache: Hit from cloudfront
content-length: 556
last-modified: Tue, 24 Jan 2023 17:59:51 GMT
server: AmazonS3
etag: "8b989b12f4ee6ce7630b1be68977dcce"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: max-age=300
access-control-allow-credentials: true
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
accept-ranges: bytes
x-amz-cf-id: s_9zqzbmPvyh7MfOKW4E14JwHbMD3wTpn0n7Hz5Tflg-74-TZ0XYsw==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 131 B
494 B 27ms
26ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.tri-cityherald.com&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 13:53:49 GMT
via: 1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 14847
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 131
x-amz-cf-id: 5w8fWa-yaGbEVf3zEpgvbbksdcbYX4zqIIeownij0LxD9xOknE5UYA==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
468 B 181ms
61ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.tri-cityherald.com%2F&pid=MGO0uthRiJTrx&cb=0&ws=1600x1200&v=23.112.1442&t=2000&slots=%5B%7B%22sd%22%3A%22htlad-2-gpt%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTCY.site_tri-cityherald%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-3-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTCY.site_tri-cityherald%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-4-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTCY.site_tri-cityherald%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-5-gpt%22%2C%22s%22%3A%5B%22300x600%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F7675%2FTCY.site_tri-cityherald%2F_HomePage%22%7D%2C%7B%22sd%22%3A%22htlad-12-gpt%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F7675%2FTCY.site_tri-cityherald%2F_HomePage%22%7D%5D&pubid=10f892c4-b76d-4f37-b1fd-0ae5d74780b5&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c1fb60e38be5022a78e4b52bedded7c2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: 1Z5DFTHT6MY6PXXCXSB9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: wGslb773QzyjivLykJUnNAKMmXtkwmuUYxdQ9P_Dn1yn-QpLGbke3w==

GET
H2 200 cs Show response
mcclatchy.blueconic.net/DG/DEFAULT/ 66 B
857 B 115ms
115ms Script
text/javascript 52.204.16.198
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://mcclatchy.blueconic.net/DG/DEFAULT/cs?bcsessionid=410f72d4-89c7-4156-8f1a-faba2c506f62&&callback=bc_json511

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.204.16.198 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-204-16-198.compute-1.amazonaws.com

Software

- /

Resource Hash

7aa8d9d4c4a60dd68d72fed2e64e646cdd7d616f3a690c3f10b6282fa854148c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: -
x-permitted-cross-domain-policies: master-only
content-type: text/javascript; charset=utf-8
p3p: policyref="", CP="DSP"
cache-control: no-cache, no-store, no-transform, must-revalidate, private
x-robots-tag: noindex, nofollow
content-length: 86
x-xss-protection: 1; mode=block
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
BLOB 200
OK 7f313d6c-7e04-408b-9d07-11757ff41e26 Show response
https://www.tri-cityherald.com/ Frame 19EB 580 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/7f313d6c-7e04-408b-9d07-11757ff41e26
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 580
Content-Type: text/javascript

GET
BLOB 200
OK c7dc7233-b12f-47da-8950-d3f169f31b36 Show response
https://www.tri-cityherald.com/ Frame E62A 342 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/c7dc7233-b12f-47da-8950-d3f169f31b36
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d47249325e2cf8c47798453b562d441244db94c476fe36555035c2da8790cbaa

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 342
Content-Type: text/javascript

GET
BLOB 200
OK bda6ee19-f409-4dbc-93c2-75156585fae9 Show response
https://www.tri-cityherald.com/ Frame DFB2 426 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/bda6ee19-f409-4dbc-93c2-75156585fae9
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 426
Content-Type: text/javascript

GET
BLOB 200
OK ea8a4cd4-5f2a-44ba-8e3b-516465f34660 Show response
https://www.tri-cityherald.com/ Frame A87B 263 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/ea8a4cd4-5f2a-44ba-8e3b-516465f34660
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 02fba049759f060ce2ec53acb2440541ae6e99f0f338df9e369044f219de9f16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 263
Content-Type: text/javascript

GET
BLOB 200
OK 30cb225d-3420-4936-9bd7-6d3027b057c3 Show response
https://www.tri-cityherald.com/ Frame ACC8 577 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/30cb225d-3420-4936-9bd7-6d3027b057c3
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a4e78e492e2cb5bba49246d91ae417ffc26edba507b5ef6bf7f7156bb9b73381

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 577
Content-Type: text/javascript

GET
BLOB 200
OK a47ba747-53d7-4f85-bda8-3b976ad12150 Show response
https://www.tri-cityherald.com/ Frame BDBD 388 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/a47ba747-53d7-4f85-bda8-3b976ad12150
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 388
Content-Type: text/javascript

GET
BLOB 200
OK 1763fcaf-8a01-4ab5-a33f-4d859f1a46f6 Show response
https://www.tri-cityherald.com/ Frame E699 342 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/1763fcaf-8a01-4ab5-a33f-4d859f1a46f6
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d48d68a08b3ccfe7a0bf7bae8810bdc434b79c882bf4d4aa6951d43c25b70570

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 342
Content-Type: text/javascript

GET
BLOB 200
OK 61ea9aff-363e-4f91-949b-8e82e613b460 Show response
https://www.tri-cityherald.com/ Frame 788F 1 KB
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/61ea9aff-363e-4f91-949b-8e82e613b460
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f1f8842f267b4ba14eba13922dbd36c50978e5b328534476639fe1548e742007

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 1280
Content-Type: text/javascript

GET
BLOB 200
OK 80d816b6-efc7-4693-9d60-8715c5560e87 Show response
https://www.tri-cityherald.com/ Frame D8BD 590 B
0 Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.tri-cityherald.com/80d816b6-efc7-4693-9d60-8715c5560e87
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Length: 590
Content-Type: text/javascript

GET
H2 200 oPS.js Show response
d15kdpgjg3unno.cloudfront.net/ 104 KB
22 KB 162ms
14ms Script
application/javascript 2600:9000:2490:a800:11:b309:9100:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Requested by: Host: htldotbid.s3.amazonaws.com
URL: https://htldotbid.s3.amazonaws.com/build/fc070c7d-1cf6-4529-b43b-16d5c62d3095/htlbid-gdpr.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:a800:11:b309:9100:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f8a79e266d9f0a5982f3b2cfd1b044546e52716331afa03dc052bf86beab6ad3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 18:49:19 GMT
content-encoding: gzip
via: 1.1 57eb57a4c7d431365ab5b2e18c495bf4.cloudfront.net (CloudFront)
x-amz-version-id: jen6nEVaQmsTtjzmyXnfIk6vaJqltMuA
last-modified: Fri, 20 Jan 2023 20:19:09 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P6
age: 83518
etag: W/"668a43bb14b17915ed4669615f72121a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=84600
x-amz-cf-id: _Pp-5pDNNJvevdYOslc1GHKMzpi24c_YKKj8DeLYyEF0o0xBkR5cJw==

GET
H/1.1 200
OK 1x1-pixel.png
ams-pageview-public.s3.amazonaws.com/ 68 B
448 B 654ms
109ms Image
image/png 52.217.173.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ams-pageview-public.s3.amazonaws.com/1x1-pixel.png?id=4599eb3fb783
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.173.201 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:17 GMT
Last-Modified: Mon, 26 Oct 2020 16:52:19 GMT
Server: AmazonS3
x-amz-request-id: ZW6VDCGN910XZA50
ETag: "91e42db1c66c0b276abf6234dc50b2eb"
Content-Type: image/png
Cache-Control: no-store
Accept-Ranges: bytes
Content-Length: 68
x-amz-id-2: nj0SoKmsky+wOr/NtVSIttLPElI30gnyVIm5mqo07clwFs+CueBd4QyMG7Ngsi5uDXA0Ej0zvxU=

GET
H2 200 init1.js Show response
api.bounceexchange.com/bounce/ 36 B
342 B 197ms
61ms Script
text/html 34.111.8.32
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://api.bounceexchange.com/bounce/init1.js?wklzs=1024&wklz=C4ewVgigvAZgrgOwMbAJYgQMhQZygRgDYB2AFgFYAOAZgCZjDrTbNgAvEKABkwHcBTAEY5UwfgH1UAEyjUyxTACd+OEABs4aDAUJcuAD3y09S-jH6LliqNgCGatagQBzcXEVqoAC2DAADjgApNQAgoG0AGLhEbyxAHTAiqgAtEiiAJ5eFvZScUggALbRmABuqCLA4vkgANao-FCBxABC4bRqfm3BYbS0Pv5BtOSh4eSRo5GxvAlJqRlZijl5hRNRveEAwm2KXSPr68QAItggtfWNLW0lu2GXvThwggWiYlLiBSCKCE7ONzD2OH4mza-BKFnEahAzmc-DeTj+AKBtC290ez18sPEGAqSNo3X+akBwN6fls0nED2ESCSggsCMJSJRtEp6NeVU+GFsZUUcEGeNCBKJyLaCDgBQpj3EpJh4jK-F4fO6XGJtD8SRKtiQ6XZZxU4k1SH4fle9KJRyaxw1ihwAG1pRJgOk-PwALreQr8Uq2a02spSfggWXlVCCNSuqCJOCeq2271oJBh8QIWwFcOC6Pe2OKeOJpC2MTOT7pN3pr0+wEodAIKr5-iFxTF2CIsu2lkvTEfL4-EvNmM2yHQzFOHsMls20HggcwuEIEeAseCTU1GCoBzif1+SHpVMIYBusdtjFvbGiNO9zM2uOoBMSGr8dK8T5SHBzjM+3ngwHOHfAF9N0d9qS5KUjg1IhhYr5joWUKJn4IB+HAfhBiIoZngBF6Hmy+SKJy3K8pBfZTkO1bSPwu6oCusIEReMDKBIV43tRPpIF4OGpuIgg4QqEERjyb6to8oE0hI9pMbaoripSUq2DKcoKm6PCAeqmratUdR6gaRqvGJdoyRILG2C4mKfOIyi0SoWRSAR-owDaEkSoI0myfU8ncKUNl2spWo6upOD6kghrGlR-7zmp9TiKAgZqN6MIhZ6gh+G5-D+FANoAEQMWGaUADRpXmBZFjlaXOPYYYNkVXgekVgLeixaUupgxp4JVqYnAUm6oIZhriDA0XODYJReLYUBAA
Requested by: Host: assets.bounceexchange.com
URL: https://assets.bounceexchange.com/assets/smart-tag/versioned/main_078b5050025427da445c185cbaf38e87.br.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.8.32 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 32.8.111.34.bc.googleusercontent.com
Software: /
Resource Hash: fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI ADM DEV PSAi COM NAV OUR OTRo STP IND DEM"
date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-envoy-upstream-service-time: 21
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type: text/html; charset=UTF-8

GET
H2 200 push.539ae12af57cc080f3d0.js Show response
www.tri-cityherald.com/noilosy-zb/ 2 KB
1 KB 93ms
45ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/push.539ae12af57cc080f3d0.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/b48713cd-32e5-4109-ac36-afe67937317d
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: c7aea7c22a8be795f2387dd80341ffcbc21da955eae9408c2e6bb7173ebe0767

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5946
content-length: 678
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"64d-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 405868340 388301172
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=528266
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 chatbot.bd4ace90597d518586ac.js Show response
www.tri-cityherald.com/noilosy-zb/ 2 KB
1 KB 94ms
47ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/chatbot.bd4ace90597d518586ac.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/d8809fc9-64ee-4a15-9f1c-d314da204a03
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: 425d571d543d93623dd684230a513a8ea6c0f72377b6c29c6f203f241ba00217

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 77668
content-length: 1007
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"909-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 778338332 392364190
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=599949
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pageLoad.88d27192771d464bb752.js Show response
www.tri-cityherald.com/noilosy-zb/ 131 KB
42 KB 96ms
50ms Script
application/javascript 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tri-cityherald.com/noilosy-zb/pageLoad.88d27192771d464bb752.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/9cfe5ff7-ffa0-4cd2-80d5-98fc39e926f3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: b3db5ede07a80b2d5092c7bc68a870aa9eb0c0a328a3ca3b86a2c643da069cb6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 5958
content-length: 42057
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: W/"20aea-5f2f24c9e3f40"
vary: Accept-Encoding
mi-cache: HIT
x-varnish: 789972787, 139657229 82313398
content-type: application/javascript
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=528254
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-max-age: 86400
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.tri-cityherald.com/noilosy-zb/ 42 B
383 B 219ms
174ms Image
image/gif 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/noilosy-zb/pdp.gif?a=eyJpZCI6Im1pX2FzX3RjaF8wNjg1NjU5ODMwOTI4MjU4MjI4NDAxNTE3OTAwNzQyOTEwMjc5N18xXzBfMTY3NDU4MzI3MzQ1NyIsIm5vdyI6MTY3NDU4MzI3NTk2NywibnMiOnRydWV9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 82581
content-length: 42
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: "2a-5f2f24c9e3f40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 460784297 51544515
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604792
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 pdp.gif
www.tri-cityherald.com/noilosy-zb/ 42 B
392 B 490ms
447ms Image
image/gif 2.21.186.235
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tri-cityherald.com/noilosy-zb/pdp.gif?k=eyJpZCI6Im1pX2FzX3RjaF8wNjg1NjU5ODMwOTI4MjU4MjI4NDAxNTE3OTAwNzQyOTEwMjc5N18xXzBfMTY3NDU4MzI3MzQ1NyIsImdwdFJlcXVlc3RlZCI6NDUyMywibG9hZEV2ZW50U3RhcnQiOjUzNzF9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.21.186.235 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-21-186-235.deploy.static.akamaitechnologies.com
Software: MI /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
x-mi-in-market: 0
surrogate-control: varnish=ESI/2.1
mi-cache-age: 82582
content-length: 42
last-modified: Mon, 23 Jan 2023 18:09:25 GMT
server: MI
etag: "2a-5f2f24c9e3f40"
mi-cache: HIT
access-control-max-age: 86400
x-varnish: 51544514, 825884890 384369561
content-type: image/gif
access-control-allow-methods: GET,POST,OPTIONS
cache-control: max-age=604742
access-control-allow-credentials: false
access-control-allow-origin: *
access-control-allow-headers: *

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ Frame 19EB 106 KB
28 KB 116ms
13ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/7f313d6c-7e04-408b-9d07-11757ff41e26

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 24 Jan 2023 18:01:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27859
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2Rsvh+IFKXGH+Ta1FGGOVvtlVxhhExvQa1hmLhz0PKX+C8EDJ/ae3yEEkB8oZnIs26dBb35RsyL3eeJ8S54CUg==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 tag.aspx Show response
ml314.com/ Frame E62A 31 KB
11 KB 125ms
23ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/tag.aspx?240
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/c7dc7233-b12f-47da-8950-d3f169f31b36
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:57:47 GMT
content-encoding: br
age: 209
x-guploader-uploadid: ADPycdscB_6Z991DF9a7VQ0Eu1FdrgE8x_fxJLMaDy7PYnbokqD49T1AJ2hXMwehZOCVOEho9Oa5Z8bwiFbrw1XebgG0FZcl2RYr
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 10473
last-modified: Tue, 09 Aug 2022 21:49:07 GMT
server: UploadServer
etag: W/"fe36d3317b1b052708eb2260e253aa63"
vary: Accept-Encoding
x-goog-generation: 1660081747697868
x-goog-hash: crc32c=BjH7bw==, md5=/jbTMXsbBScI6yJg4lOqYw==
content-type: application/javascript
cache-id: FRA-fa985ced
cache-control: public,max-age=3600
x-cache-hit: hit
x-goog-stored-content-length: 32025
accept-ranges: none

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame DFB2 129 KB
50 KB 224ms
71ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-848620132

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/bda6ee19-f409-4dbc-93c2-75156585fae9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f6f2d3824ff8dac18dbffc75bf0b7963f21b0b6be3ffddf2c0927da29f03a9ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 50862
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Jan 2023 18:01:16 GMT

GET
H2 200 a-01ek Show response
b-code.liadm.com/ Frame A87B 34 KB
12 KB 132ms
30ms Script
application/javascript 2600:9000:2057:4200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-01ek
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/ea8a4cd4-5f2a-44ba-8e3b-516465f34660
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 558c0c8be629970314afa707fe5ad72ef367bf1084864643ea28969a39bb0871

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 01:31:42 GMT
content-encoding: gzip
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 59374
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: "public, max-age=86400"
x-amz-cf-id: ARxZkxXGk4VdD20ojwxeI2RD6To7NGbOB7hhk7cCj0V8wHPK9nxiDQ==

GET
H/1.1 200
OK events.js Show response
tags.srv.stackadapt.com/ Frame ACC8 17 KB
6 KB 670ms
114ms Script
text/javascript 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/events.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/30cb225d-3420-4936-9bd7-6d3027b057c3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: 26f1e7ef75fb5e9acecc7d04286aa2b3ce4b5343ab71e2bcec471eb3a561b7bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 24 Jan 2023 18:01:16 GMT
Cache-Control: max-age=5
Content-Encoding: gzip
Connection: keep-alive
Content-Length: 5382
Content-Type: text/javascript

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 927 B
2 KB 467ms
452ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

5a8f5ce3746d4cfb65c3fa8c0b5c76a9d83784397135aa7c9fe205e4bb303875

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 596
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: GcoITPEo2g2C0tCVGoPoB7uJzt4muN6wsrn2a-DRr0GAZX53GC6qmA==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 m
secure-us.imrworldwide.com/cgi-bin/ Frame BDBD 44 B
597 B 470ms
50ms Image
image/gif 18.202.203.7
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure-us.imrworldwide.com/cgi-bin/m?ci=us-203838h&cg=0&cc=1&si=https%3A//www.tri-cityherald.com/&rp=&ts=compact&rnd=1674583276385
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.202.203.7 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-202-203-7.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:16 GMT
server: nginx
accept-ch: Sec-CH-Save-Data, Sec-CH-DPR, Sec-CH-Width, Sec-CH-Viewport-Width, Sec-CH-Viewport-Height, Sec-CH-Device-Memory, Sec-CH-RTT, Sec-CH-Downlink, Sec-CH-ECT, Sec-CH-Prefers-Color-Scheme, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version
access-control-allow-methods: POST, OPTIONS
p3p: P3P policyref="http://secure-us.imrworldwide.com/w3c/p3p.xml", CP="NOI DSP COR NID PSA ADM OUR IND UNI NAV COM"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
cross-origin-resource-policy: cross-origin
content-length: 44
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H2 200 quant.js Show response
edge.quantserve.com/ Frame E699 25 KB
10 KB 169ms
25ms Script
application/javascript 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://edge.quantserve.com/quant.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/1763fcaf-8a01-4ab5-a33f-4d859f1a46f6
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
etag: "OVi4z6W4qM+KoQEZlRgh5w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Tue, 31 Jan 2023 18:01:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ Frame 788F 110 KB
43 KB 69ms
59ms Script
application/javascript 2a00:1450:400d:804::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-48281581-1

Requested by

Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/61ea9aff-363e-4f91-949b-8e82e613b460

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

b5536b3c6a843edf27899c1969b5878162dc6909f93e5e34e3110128ea24ee88

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 44061
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Tue, 24 Jan 2023 18:01:16 GMT

GET
H/1.1 200
OK fullcontact.js Show response
tags.fullcontact.com/anon/ Frame D8BD 35 KB
12 KB 373ms
24ms Script
application/javascript 99.86.4.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fullcontact.js
Requested by: Host: www.tri-cityherald.com
URL: blob:https://www.tri-cityherald.com/80d816b6-efc7-4693-9d60-8715c5560e87
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-69.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 03:10:33 GMT
Content-Encoding: gzip
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Nov 2022 20:34:05 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 53456
x-amz-server-side-encryption: AES256
ETag: W/"ed70c713adb9b703a7bd3db8cae895d5"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: P_2MnqJl3g3ppIuk2lULrrTO2XUwCNkb6U_5tjGbbthu-1u8UJbRKg==

GET
H2 200 pushly-sdk.min.js Show response
cdn.p-n.io/ 220 KB
50 KB 402ms
47ms Script
application/javascript 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=nH0P14xdqrGzY1zOSuQwt72a30oPDpqvzKAs
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/push.539ae12af57cc080f3d0.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: a1f4cf701c34333d57d1eefb0b64c67f5d1d7b60975ec43f01270cdcd6e0d71f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:50:36 GMT
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Tue, 24 Jan 2023 07:10:16 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 641
etag: W/"c9e94103038afc5b10987db9e097ce90"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=900
x-amz-cf-id: qPXPl_qSm2cToDCDV1yFaYPmfYpc8tG1aI8a_biqd4AjP97CMK5_qQ==

GET tag.js
lptag.liveperson.net/tag/ 0
0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 405ms
31ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.tri-cityherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 78ms
57ms Script
application/javascript 2a00:1450:400d:80a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.tri-cityherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 373 KB
98 KB 660ms
659ms XHR
text/plain 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1795392521007194&correlator=1457777702586139&eid=31071523%2C31071839%2C31071602&output=ldjh&gdfp_req=1&vrg=2023011901&ptt=17&impl=fifs&iu_parts=7675%2CTCY.site_tri-cityherald%2C_HomePage&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C970x250%7C970x90%7C728x90%2C300x600%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250%2C970x90%7C728x90&ifi=1&adks=2733185718%2C2511834013%2C2007399601%2C2008231112%2C2004959300%2C612434278&sfv=1-0-40&ists=32&prev_scp=htl_refresh%3D1%26htl_slot_gpid%3Dweb-overlay%26slot%3Doverlay%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-top-banner%26pkg%3Da%26slot%3Dtop-banner%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26slot%3Dflex-1%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dy%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26pkg%3Db%26slot%3Dflex-2%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dn%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-flex%26pkg%3Dc%26slot%3Dflex-3%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0%7Catf%3Dn%26htl_refresh%3D1%26htl_slot_gpid%3Dweb-fixed-bottom%26slot%3Dfixed-bottom%26amznbid%3D2%26amznp%3D2%26amznsz%3D0x0&eri=1&cust_params=is_testing%3Dno%26cob%3Dy%26id%3D%26pl%3Dhomepage%26ref%3D%26sect%3Decefrontpage%26sids%3D%26sub%3Dn%26top%3D%26vl%3D0%26htlbidid%3D15498&sc=1&cookie_enabled=1&abxe=1&dt=1674583276531&lmt=1674583113&dlt=1674583271753&idt=4180&adxs=-12245933%2C315%2C-12245933%2C255%2C1045%2C315&adys=-12245933%2C140%2C-12245933%2C1270%2C2991%2C7896&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C-1%7C1%7C2%7C3&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&frm=20&vis=1&psz=0x0%7C970x0%7C0x0%7C350x0%7C300x0%7C1600x0&msz=0x0%7C970x0%7C0x0%7C350x0%7C300x0%7C1600x0&fws=128%2C0%2C128%2C0%2C0%2C0&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=1676420829.1674583277&ga_sid=1674583277&ga_hid=486791218&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a3d561016ccd3a810f1d3395781ede59a06b27fcbab8668e0d06da2abab0eafa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100762
x-xss-protection: 0
google-lineitem-id: -2,-1,6130104397,-1,-1,-1
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-1,138417301741,-1,-1,-1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 120ms
70ms XHR
application/json 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2023011901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8cca5c9194ac528c91ac290ebe549996626a072f7029d9a9176ff8704ff49808

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11103
x-xss-protection: 0

GET
H2 200 container.html Show response
972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 0FAE 6 KB
3 KB 264ms
67ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:17 GMT
expires: Wed, 24 Jan 2024 18:01:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
426 B 114ms
114ms Image
image/gif 54.88.76.203
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=2ddfe000-2cb8-4966-9079-b0a4857513b8&ntv_a=AAAAAAAAAAY60QA&ntv_ht=6hzQYwA&ntv_fl=pe8H033pZb_ldOWvRW2JyCPfoxknPFgzeljpSIcuUlzA_4zY4gqR2bT0QipdpN8DQ-gvKR6DjndzXgyhy5HbbWFZzRDrGsNmh6UXuAkwVAciGwYkEdaqjA-TjXFiuUWmsiWPVjHd_6-TCncSeFxjDWJx8YWwZyFdsVFuiHk05JKQMUoTMOmkAYJBQ-P3yiWi&ord=-109551083&ntv_ift=0&ntv_it
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.88.76.203 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-88-76-203.compute-1.amazonaws.com
Software: nginx/1.12.2 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:16 GMT
server: nginx/1.12.2
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 cookie-consent.css
cdn-prod.securiti.ai/consent/ 42 KB
8 KB 293ms
25ms Stylesheet
text/css 2600:9000:206f:5a00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent.css

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/pageLoad.88d27192771d464bb752.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

b08259e3c3f7b18a6f81fdd52d97198d7df94634144aaced415bfb1061883bcc

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: 0SaPfidEaOrnyiftYjgXNTUE9SyoELUR
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 24 Jan 2023 17:15:52 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2735
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 23 Jan 2023 21:14:41 GMT
server: AmazonS3
etag: W/"6eb6240bdbb6ec0b0f639550350aa72e"
x-frame-options: DENY
vary: Accept-Encoding
content-type: text/css
x-amz-cf-id: eSn--2f3OYfVr2nFRhyAhegzVkFVsekiFd98ue92Mc5SuCmfuYgzGg==

GET
H2 200 cookie-consent-sdk.js Show response
cdn-prod.securiti.ai/consent/ 201 KB
51 KB 293ms
27ms Script
application/javascript 2600:9000:206f:5a00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/pageLoad.88d27192771d464bb752.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a9196e994e4b8c341c24bd4c2f7e132d060b9191fb3f628641c5f0fd10e6736d

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

x-amz-version-id: Nhhu2fYt2Succ5552vMdDy.wAyXcTL0F
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
date: Tue, 24 Jan 2023 17:26:29 GMT
via: 1.1 2fc0d20914c32e5cd76477ed042298d0.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 2089
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Mon, 23 Jan 2023 21:14:38 GMT
server: AmazonS3
etag: W/"8c920377d1b230a4ea5e4bfd362274c2"
x-frame-options: DENY
vary: Accept-Encoding
content-type: application/javascript
x-amz-cf-id: HnZY4HM8SBJgUhkNRUS7rBrHqiwoTMcTTcrWUCLs357h1AWsU73qoQ==

GET
H2 200 utsync.ashx Show response
ml314.com/ Frame E62A 62 B
309 B 54ms
53ms Script
application/javascript 34.111.234.236
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://ml314.com/utsync.ashx?pub=&adv=&et=0&eid=88280&ct=js&pi=&fp=&clid=&if=1&ps=&cl=&mlt=&data=&&cp=https%3A%2F%2Fwww.tri-cityherald.com%2F&pv=1674583276629_yh2gash2h&bl=en-us&cb=1580532&return=&ht=&d=&dc=&si=1674583276629_yh2gash2h&cid=&s=1600x1200&rp=https%3A%2F%2Fwww.tri-cityherald.com%2F&v=2.5.2.2
Requested by: Host: ml314.com
URL: https://ml314.com/tag.aspx?240
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.234.236 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 236.234.111.34.bc.googleusercontent.com
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:16 GMT
via: 1.1 google
server: Microsoft-IIS/10.0
x-aspnet-version: 4.0.30319
x-powered-by: ASP.NET
content-type: application/javascript; charset=utf-8
p3p: CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
cache-control: no-cache, no-store, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 62
expires: 0

GET
H2 200 sync-container.js Show response
b-code.liadm.com/ Frame A87B 6 KB
6 KB 64ms
27ms Script
application/javascript 2600:9000:2057:4200:8:8845:1500:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/sync-container.js
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-01ek
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2057:4200:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 19:30:46 GMT
x-amz-version-id: WIo1DFPCLgnYZuB8yv1dFIDWe1bYBj2G
via: 1.1 35c75b7f0ca8c787d67c8ebd22bc7fc2.cloudfront.net (CloudFront)
last-modified: Tue, 10 May 2022 11:48:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 2500231
etag: "ae5e94de938b0387eda6df8f20da811a"
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=2592000
accept-ranges: bytes
content-length: 5904
x-amz-cf-id: CdPlkoHZ8Qce0ZB2MgX3k3l7RMiPavZvb5a3tcAvi4iAZkWb7c2Vng==

GET
H2 200 rules-p-50B2Fi6bBqYto.js Show response
rules.quantcount.com/ Frame E699 1 KB
1 KB 107ms
29ms Script
application/javascript 2600:9000:2190:e400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-50B2Fi6bBqYto.js
Requested by: Host: edge.quantserve.com
URL: https://edge.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2190:e400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:02:59 GMT
content-encoding: gzip
via: 1.1 871dedfc10f4428aa2412b6f788b791a.cloudfront.net (CloudFront)
x-amz-cf-pop: ZRH50-C1
age: 3592
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 22:15:13 GMT
server: AmazonS3
etag: W/"52f4ba3839d01c1dbb310f6ef96bde89"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: SmrwSXo1UXOZAKfy7RMIcxgsgmJ0joNzgAH9BaqADcB-vI_nLIamGQ==

GET
H2 200 1081709588515684 Show response
connect.facebook.net/signals/config/ Frame 19EB 378 KB
108 KB 28ms
23ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1081709588515684?v=2.9.94&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

56ab345f28a0a51d54cbf735d3660f1ad65b4256905ab324024806fbadbc821f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 24 Jan 2023 18:01:16 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110560
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: izqcmbj3vfd6e1KRxD4PFzP2oQeP9ZcYKv6TQUMn/27QC3z++UxiKRP2P4qDp89ztiHqBNDv8L9XbzwIhQw+0w==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK Test_oPS_Script_Loads Show response
sqs.us-east-1.amazonaws.com/397719490216/ 378 B
658 B 566ms
120ms XHR
text/xml 3.236.169.54
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://sqs.us-east-1.amazonaws.com/397719490216/Test_oPS_Script_Loads?Action=SendMessage&MessageBody=cid%3D11%26bt%3Dnull
Requested by: Host: d15kdpgjg3unno.cloudfront.net
URL: https://d15kdpgjg3unno.cloudfront.net/oPS.js?cid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.236.169.54 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-236-169-54.compute-1.amazonaws.com
Software: /
Resource Hash: 6e4ece576a3bea8a4e44782cef4e683c0d01e4d52d0f2d968512334330bd8272

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: x-amzn-RequestId,x-amzn-ErrorType,x-amzn-ErrorMessage,Date
Date: Tue, 24 Jan 2023 18:01:17 GMT
x-amzn-RequestId: 35a02f8a-e399-5f61-8a54-73c0fcb4527f
Content-Length: 378
Content-Type: text/xml

POST
H2 200 509 Show response
s953.tri-cityherald.com/DG/DEFAULT/rest/rpc/ 192 B
1 KB 446ms
446ms XHR
application/json 2600:9000:2304:4e00:4:a557:4cc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: s953.tri-cityherald.com
URL: https://s953.tri-cityherald.com/script.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2304:4e00:4:a557:4cc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

- /

Resource Hash

b9219efcd84de252676ddb9ef28a50a946cd36e221f770b1dcdfa97d29959902

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 24 Jan 2023 18:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
via: 1.1 6183f44271d091c21804d467f8a4ce20.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: master-only
x-amz-cf-pop: VIE50-P1
x-cache: Miss from cloudfront
p3p: policyref="", CP="DSP"
content-length: 172
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
accept-ch: sec-ch-ua-platform-version
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
x-amz-cf-id: iqJ1LOxQMnHz8hUe_xyzZyqJNUY4ZGpLlgezbbnTuksH1_baXC-BCg==
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 788F 49 KB
20 KB 408ms
34ms Script
text/javascript 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-48281581-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 24 Jan 2023 16:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5973
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Tue, 24 Jan 2023 18:21:44 GMT

GET
H2

200

j Show response
rp4.liadm.com/ Frame A87B
Redirect Chain

https://rp.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3R...
https://rp4.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3...

51 B
590 B

406ms
112ms

XHR
application/json

52.202.32.237
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://rp4.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjc3MDQ6MjVlODoyZDQ0&n3pc=true

Protocol

Server

52.202.32.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-202-32-237.compute-1.amazonaws.com

Software

Resource Hash

dcb9c6c2f2d50ffc5f84ae143318921c0fb4bebc99f3970bd3565422b9c19390

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:18 GMT
x-pixel-event-id: b4ee2dcb-ce8e-4cfc-b548-91cd775c30e9
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
strict-transport-security: max-age=31536000; includeSubDomains
x-frame-options: DENY
vary: Origin
content-type: application/json
request-time: 0
access-control-allow-origin: null
access-control-allow-credentials: true
trace-id: e6b0a554f62418b4
content-length: 51
x-xss-protection: 1; mode=block

Redirect headers

date: Tue, 24 Jan 2023 18:01:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-frame-options: DENY
vary: Origin
location: https://rp4.liadm.com/j?dtstmp=1674583276986&aid=a-01ek&se=e30&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&tna=v2.6.0&pu=https%3A%2F%2Fwww.tri-cityherald.com%2F&wpn=lc-bundle&c=PHRpdGxlPmxjcHg8L3RpdGxlPg&i6=MjAwMToxYjYwOjEwMTA6MzoxMDExOjc3MDQ6MjVlODoyZDQ0&n3pc=true
access-control-allow-origin: https://www.tri-cityherald.com
request-time: 0
access-control-allow-credentials: true
trace-id: b3c3c814d506d115
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 388ms
48ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2023011901.js?cb=31071839

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:17 GMT

GET
H/1.1 200
OK fc-li.js Show response
tags.fullcontact.com/anon/ Frame D8BD 17 KB
7 KB 75ms
38ms Script
application/javascript 99.86.4.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.fullcontact.com/anon/fc-li.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.69 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-69.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 01:59:21 GMT
Content-Encoding: gzip
Via: 1.1 e0bc02299b03254b2a35b8c930f005c6.cloudfront.net (CloudFront)
Last-Modified: Wed, 02 Nov 2022 20:34:06 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA6-C1
Age: 57728
x-amz-server-side-encryption: AES256
ETag: W/"d8ccf84ad80ea623b93d63e307d96a7e"
Transfer-Encoding: chunked
Vary: Accept-Encoding
Content-Type: application/javascript
X-Cache: Hit from cloudfront
Connection: keep-alive
X-Amz-Cf-Id: Elhh6ua1nK2j_FzP8pEay8t7EnrmtAVzGO-lgvl8So6cvAYllMvFmQ==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/ Frame DFB2 2 KB
990 B 76ms
68ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/848620132/?random=1674583277012&cv=11&fst=1674583277012&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=1&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&ref=https%3A%2F%2Fwww.tri-cityherald.com%2F&tiba=ggaw&auid=55840521.1674583277&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-848620132

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

010afe0616bb28d0363457e61f299429fd9458d2765ba2ea65663b4c131e3342

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 874
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ Frame 19EB 0
127 B 20ms
19ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=PageView&dl=https%3A%2F%2Fwww.tri-cityherald.com%2F&rl=https%3A%2F%2Fwww.tri-cityherald.com%2F&if=true&ts=1674583277352&sw=1600&sh=1200&v=2.9.94&r=stable&ec=0&o=30&fbp=fb.1.1674583277350.1683736224&it=1674583276918&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 24 Jan 2023 18:01:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 19EB 0
31 B 21ms
21ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=ViewContent&dl=https%3A%2F%2Fwww.tri-cityherald.com%2F&rl=https%3A%2F%2Fwww.tri-cityherald.com%2F&if=true&ts=1674583277355&sw=1600&sh=1200&v=2.9.94&r=stable&ec=1&o=30&fbp=fb.1.1674583277350.1683736224&it=1674583276918&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 24 Jan 2023 18:01:17 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 en.json Show response
cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/ef6d9a5d-8e8d-4b42-93dc-31d0900245c4/ 170 KB
48 KB 75ms
26ms XHR
application/json 2600:9000:206f:5a00:12:1bf:30c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-prod.securiti.ai/consent/cookie_banner/0451dd58-47bb-4a6e-9e6f-7fbe4070b019/ef6d9a5d-8e8d-4b42-93dc-31d0900245c4/en.json

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206f:5a00:12:1bf:30c0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

97a6b6328f6681e2c688de1576108091a2827b4a2f4b0ed4cb1502519b2ee72a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 02:37:35 GMT
x-amz-version-id: Vfaud.IZw_tw7HP6JaIaT2v_Cg99yF19
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self' 'unsafe-inline'; style-src 'self' 'unsafe-inline'; object-src 'none'
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 55423
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 18 Jan 2023 20:27:32 GMT
server: AmazonS3
etag: W/"366fb12b6a1d131ed85cc681013f257b"
access-control-max-age: 0
access-control-allow-methods: GET, HEAD
content-type: application/json
access-control-allow-origin: *
cache-control: public,max-age=86400
x-frame-options: DENY
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: H9id6eerMAQ3SROA9hdWknwEKHbeThWe9AmWawpZqPpDqfj-Fh_73A==

GET
H2 200 location Show response
app.securiti.ai/core/v1/utils/geo/ 774 B
1 KB 1281ms
188ms XHR
application/json 52.24.111.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/core/v1/utils/geo/location

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.111.54 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-111-54.us-west-2.compute.amazonaws.com

Software

Resource Hash

4a58062fc0a9323457fe44f5a08d2cad980d96dbca76bf56bca210787c72c514

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:18 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
content-length: 774
x-xss-protection: 1; mode=block

GET
H2 200 pixel;r=387021251;labels=TCH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.tri-cityherald.com%2F;ref=https%3A%2F%2Fwww.tri-cityherald.com%2F;uht=2;fpan=1;fpa=P0-1612375809-1674583276868;pbc=;ns=1;ce...
pixel.quantserve.com/ Frame E699 35 B
371 B 27ms
24ms Image
image/gif 2620:116:800d:21:ef75:8280:f209:5ba1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=387021251;labels=TCH;rf=0;a=p-50B2Fi6bBqYto;url=https%3A%2F%2Fwww.tri-cityherald.com%2F;ref=https%3A%2F%2Fwww.tri-cityherald.com%2F;uht=2;fpan=1;fpa=P0-1612375809-1674583276868;pbc=;ns=1;ce=1;qjs=1;qv=8508733c-20230116145555;cm=;gdpr=0;d=tri-cityherald.com;dst=0;et=1674583277384;tzo=0;ogl=;ses=d62ef673-56d8-4800-a421-9f77366d97e2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:17 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 container.html Show response
972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame B90F 6 KB
3 KB 37ms
34ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:17 GMT
expires: Wed, 24 Jan 2024 18:01:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F28 0
0 60ms
59ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss6LrxAxL_mw1p7lzvi2jx52WGwFEYuGTsSXxQjwzJIGvUAWetI7A2iaa2XzFWCCn-0YxW5vyIg4kRwUBFAGhvsp6oAoOYI7KOoaNu7CPTyHAuFV7F25gtR0zyoKLX85PWt85N8je-mHpaYrvhX2o2bW7GzsPOJ7QJ8ijGCSk-SvfttqcPJDn1w0vdkvl3hN53BCBc8e68LQnuCOS333f_1JEW1u0K0HUrMOQehaTIaJ24mJ17jJHxJTTJg0GQmHEc-uQpst7O2EHGsdqy2FgPdq1nI6HWvyXUZNSUKlbELUoBdrzbVIuOhMy_Oj1DcqucOIPcdN1VVXbYwDcpr9_ZevpnyPxeL0qxJN8dRpBdrm0FcNNwJAT1Tyw&sai=AMfl-YSQeItg7bwTR_iKZMwgGGqj8ICQyEDzsuybYRMNh3yK-30e047qOusjkdPgDqx66wtqcEGFhr63NBJ3d1Su8ONfLJ8RTGVYTuoh0uXnwBO1skteqVKdgSNrOf98OnyFcQ&sig=Cg0ArKJSzCuVkV_s9mbrEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/ Frame 3F28 22 KB
9 KB 24ms
20ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 17:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1908
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 17:29:29 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame 3F28 3 KB
1 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:49:26 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3F28 0
0 66ms
64ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQOVv7Ipdq53nVlarIuAoyu7q0JXdBh4C1bCEzAOQf5N7EUijLyRKymHtYMgPxRQvXJNkKu
Requested by: Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3F28 156 KB
48 KB 980ms
37ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:18 GMT

GET
H2 200 6763197607920578843
tpc.googlesyndication.com/simgad/ Frame 3F28 59 KB
59 KB 27ms
27ms Image
image/jpeg 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/6763197607920578843

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

32074a16c8436817aa6ae745e28aae8b24a5f98d7b298b0183ba5fb636b405ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 14:09:43 GMT
x-content-type-options: nosniff
age: 445894
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60392
x-xss-protection: 0
last-modified: Thu, 15 Dec 2022 18:47:10 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Fri, 19 Jan 2024 14:09:43 GMT

GET
H3 200 container.html Show response
972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame A050 6 KB
3 KB 102ms
35ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:17 GMT
expires: Wed, 24 Jan 2024 18:01:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame CEC5 6 KB
3 KB 94ms
37ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:17 GMT
expires: Wed, 24 Jan 2024 18:01:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 container.html Show response
972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F255 6 KB
3 KB 98ms
41ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:17 GMT
expires: Wed, 24 Jan 2024 18:01:17 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H/1.1 200
OK sa.css
tags.srv.stackadapt.com/ Frame ACC8 65 B
292 B 114ms
112ms Stylesheet
text/css 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.css
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: 2d9fb5c7fe4d61eec18550561f4b352bbef0e77ab90456ec51c90eb54072ba32

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 24 Jan 2023 18:01:18 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 65
Content-Type: text/css

GET
H/1.1 200
OK sa.jpeg Show response
tags.srv.stackadapt.com/ Frame ACC8 0
881 B 453ms
113ms Fetch
image/jpeg 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/sa.jpeg
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 24 Jan 2023 18:01:18 GMT
Cache-Control: only-if-cached, no-transform, private, max-age=7776000
Connection: keep-alive
Content-Length: 651
Content-Type: image/jpeg

GET
H2 200 any Show response
idx.liadm.com/idex/unknown/ Frame D8BD 54 B
437 B 368ms
116ms XHR
application/json 34.231.246.225
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://idx.liadm.com/idex/unknown/any?duid=5fb552a76ef3--01gqjf20wwrsy00pmt4x3hc394

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.231.246.225 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-246-225.compute-1.amazonaws.com

Software

Resource Hash

cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:18 GMT
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
request-time: 3
content-type: application/json
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
trace-id: 0eb7a138055fa88c
content-length: 54
expires: Wed, 25 Jan 2023 18:01:18 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 66C6 13 KB
5 KB 32ms
30ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 767
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 17:48:31 GMT
expires: Wed, 24 Jan 2024 17:48:31 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 432F 783 B
534 B 83ms
82ms Document
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

bf27a71dc58d016883e1da33d7aa4905e7e2d846a1bc9ede1b3d7ec8dc0ed173

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-tyv2xXlVcnAiPDlSw73SWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 512
content-security-policy: script-src 'report-sample' 'nonce-tyv2xXlVcnAiPDlSw73SWw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:18 GMT
expires: Tue, 24 Jan 2023 18:01:18 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 05CF 0
74 B 59ms
58ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOq3xd0BMAE&v=APEucNVSt7BGMRdofHWB3gDLT1Au4JhX1P7kcmN8-qtJuR0phCTZUe-FDHP1KDHmtAm0VAZZoJsdO13FP3QfWui543tQ2YKLAw

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:18 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/ Frame B90F 22 KB
9 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/ Frame B90F 6 KB
2 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73121
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B90F 0
0 159ms
66ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAuKxJzTHLYXFfUz_zlpehwyitLMQrSgmtiXDg_scAX0xUH4Qrim8XBhg55GSlo5JbGAxj8DUBKZauFVMcIqlypgqkrrbB5xiXlX_XZnnMrov9MzWD6myhGZVNP6IfXKnp7DH9-quxPoTmrdnZqoq2WiaJwnZqgf6Mmy0dzwMIMQ0trcUiziwdffJyvGYiaBUGj81gMImEtIv1Qmtz743CKfpI8dgF9Jz-wYm20krqxarMuqqs4QROnm7UmscDHjb1vSQA_EUgQwflB5MvucLC0U_sDdMbzXkOHerMjtlZ-su-OC7k5890XSghTA8GUWve9cPmJiT4mgirljh1xnd0GG3mne1AEHARcFzAqvtz_SOqQ54rGjLl7bhOgacP56D2D3siqdxVVXAOkpILVJgZKRs_FAsAoLx0M3h0sdy8rThypoW_G0d6f-86WRx3JNPN0aIJWYBMLyDCDCMc9rDien6vHHUiwzpE4jx_wgrjRoFHm6LM5RCLD3t0bFLrUYw93uHGPbkvUYp5oK16D5-IeoqM3WFTQ3uAjOcU7xebL7kYQuxsRjbwnwX3qGgnecyEoUp81Jd3ziYbXPAfCpT6IK5bbqzuP-7ZoLkG0h98OCBMbATPdqemAnrc2y2BZ9_Ek4ZTHM3GqIuYmf5d-ZWfUWTpGosUVOFwm5Krltu0Af7FaEaJTlOsUseFypcBvsh5xfbA2Ku8F5zRGdytmMLVnHd77aoD_UuA5z52_6fOCISTpiTidwZI2qvrk2AqvaS0S_29NYfwN7TPvKqp_UtwL3I61QW4KnnqAppeveX0iOMw9m8y5TyqFKR8x-siLmWz8km2lUA7lm5EHZJ5Tg1eYUQhVCYHOpfSaiceckda079_wtI0-5SgbAScVVXeOOqBU-EupR38LqO2jFaAdEL5cGKT4C0_ztu8-FqVOS-uuU2JRndGXapLeauMkOKaK-qRkApvZgdgQPOjlFmen1JxOE9odXH3LvptZ7Mgc0QMEgUweGDylfLBlV2xOueRAGuanCal477uCeR5MBma-Plv0WWVZsl5wkhBy1vRyqJ8PqH5AaaeyPHQVF2MtNaujktWBPkLormb3Xh5cWQTrKjQlDltdWl6FLEwT9xUPFjgMVGdCG74b82_UAOulj-TQDL12m8fQzI8UxhaYyOae03chO-ceNQbMHF_hFjRHkkFT-_5Q3jQpyguvwCQhDPqpKgksYBIsDnl-xpr2XynHG0aojh04luV0ftZzMffSM-r1HH8K4Ft6CpdZDiQrTYXJc8EytXvmlTk5f239MI0Vrw9Gp8jP9Ul8csJMh3lm3nwWilap4g&sai=AMfl-YQ5UpkeoZqYGBBI0gvaF-RskMlrxJbd5047luXVwJe0017trHnnGX9ZoDA7X_1Qeul5HBgVCx8BIXkQV9O7EIaRM3zKAYo2CKrYmdHiKXmuJezKqTZw4DEReN60E_aNoRn4RlhB30dVNZ5x4LhQ4FpmpAbjgi_eBvM8c7zmP5LckYrYZ0J374JjsuBp6lwhh1hPBxMdEIO2jBFVuW6CiFocIT4m9N8Z2z9XpkxIJ2tY9oWyYB9gOLu7_r03TIrsG8k2AV3ujiZ_O1DA_SBE3GnfIqZa5OAXK_9avDJgFQsJvQxifsV-Xzuqi0AQdbQ3xKDUwhcILTi5FwJSYmmyBLf5DKg9fMDtWqwAxaCrTdRwwY520LGDMYHJoQDmXFR-qjVBb4jEOmz2RzG7I_-g6qYd6w&sig=Cg0ArKJSzCrdXGqHeihpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230119.38096&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B90F 41 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82610
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 19:04:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame B90F 42 B
63 B 123ms
122ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-DSLfZ7iPZ3G5pJvqs68VcBFi2RxMsSKM9YNuK-IR2OonKSHxxFVsk3TzEMQHeEH1Hjau5lht-MLmdVqAFL4qgRRHegze2QFrxUX-0WAHGx3AZp42M

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame B90F 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4312
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame B90F 18 KB
7 KB 27ms
24ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7619
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame B90F 0
0 70ms
66ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRfQr204R6pJn2yY5ASDWk91xinxvprx4N4rGKUaAI-ACzVKYDjvFzWspPjyqxVEbgFun5E
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B90F 156 KB
48 KB 42ms
39ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:18 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame B90F 68 B
244 B 212ms
42ms Image
image/png 13.51.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6OTcweDkw&v=5&s=v31gnif2177&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVENZLnNpdGVfdHJpLWNpdHloZXJhbGQvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtMi1ncHQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=5256568&h=www.tri-cityherald.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZPVGN3ZURrdyIsIndkIjp7Im8iOjIzMDUzMzY3NjYsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.103.175 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-103-175.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 15321063655062056204
s0.2mdn.net/simgad/ Frame B90F 30 KB
30 KB 40ms
37ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15321063655062056204?sqp=-oaymwENCMoHEFogAUhkUAFYAQ&rs=AOga4qlnKXnCaEa-pz8C0qnXwq6-am9eFA

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ac33de6e80b49ce05cb7b6805670f547ab2445579b6b0c1c8ca433e6d48c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 19:40:11 GMT
x-content-type-options: nosniff
age: 426067
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30857
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:20:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 19:40:11 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ Frame 788F 4 B
214 B 57ms
51ms XHR
text/plain 2a00:1450:400d:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=600978500&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tri-cityherald.com%2F&dr=&dp=%2F&dh=tri-cityherald.com&ul=en-us&de=UTF-8&dt=Home%3AHomepage&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAUABAAAAACgDIC~&jid=427416275&gjid=44040816&cid=1452632116.1674583279&tid=UA-48281581-1&_gid=1464327996.1674583279&_r=1&_slc=1&gtm=2ou1n0&cg1=Tri-City%20Herald&cg2=Homepage&cd1=TCH&cd2=Tri-City%20Herald&cd3=Home&cd4=_HomePage%7C%7C%7C%7C&cd6=Homepage&cd7=Product%3A%20Escenic&cd14=&cd15=&cd16=loggedin%3Ano&z=290086500

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:803::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/848620132/ Frame DFB2 42 B
64 B 61ms
58ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/848620132/?random=1674583277012&cv=11&fst=1674583200000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&ref=https%3A%2F%2Fwww.tri-cityherald.com%2F&tiba=ggaw&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2747933547&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/848620132/ Frame DFB2 42 B
455 B 88ms
33ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/848620132/?random=1674583277012&cv=11&fst=1674583200000&bg=ffffff&guid=ON&async=1&gtm=2oa1n0&u_w=1600&u_h=1200&frm=1&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&ref=https%3A%2F%2Fwww.tri-cityherald.com%2F&tiba=ggaw&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=2747933547&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2B72 0
16 B 58ms
57ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOzMxd0BMAE&v=APEucNXBlZtt2CukqHZkMuJ0HCVkdJz4BZrXkKw8ZaoIdBqSLGYMwnwpb5sVpei1kvo8VPSYJvUs7JjpnhTCmUyyqILXoSS2Wg

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/ Frame A050 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/ Frame A050 6 KB
2 KB 32ms
31ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A050 0
0 66ms
64ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWr9lCaPxlkhdD7AKHrtFzQheP1cqLEo01xTNuE2XLzJsiwxyafnaj-8Lmv_V4SoR8yf0g7uNTMbSvLhbE8KTu9wHT33zJ1_rl1qVcwU2FJdGWG7Mlg11iod1tGga08GPrHWXSG-uph0ZJEvv3N6pOphiDrV6tYkoyMDRzHj5K2mYYe04cf83szNocpru_jRRTXwPbto1LLS5OOR2veHo5f5kv9A3GvuTLcs9hRS7vc5t0dkhEaajnJdEjPphtrvu3B3_rv4ekvF_-fobQhRRKosjr4gN0YN6wXhi9McpreTzU0ETR70wqsc-fFY4dzzbJjZh-ulF1KsVe4g70LhEEaTx83_JwHeBYs8tPm7eBuoJVOQNtBsk3a9MS1x1XkiHl_W5cUkQa7ieRSuqrezJcEhpi9Q6PpsW_hlX_9vnfRtLEb5R_hXOsIm4TEqlEocmQ59OFtUJX3sF2cYzT1El6QQqJZp8J2tFK-b0lBwilm8VLONfxQh78E3ebcplpLH7gWN_8LERqF678bHARlSdpTI0xV4cc9-0y0sMnHQe7gmBOItg495nSu9y85lFrzxrrGrjewQj11V_OSLcmCJd_s8194r_ZQzn_RZFJGD5wkolbJJoSMstGu3dSFQvjogqcU-7AT6G9InmX3JyEXjDzGZqb2Aq8wzQqAfZaSkGarWMMMLgcc9G8fyYb2mMEh8bBh-EKi9__dQbc2i0lmFkNZkAdIaNcOEOhfhzLj4u34700lsI4IHxDvgLTFGGIsKD5_Cme1I7MqceTGYaqBbLAExA-t0qB2451_QdYOQIb-uw-GMMlBc2zq21HpvYawujVE_4xuqWhZdjbFwmXMudUnfWQHwkNg1FUYIekQfQMGARgsRn04Ud4gSoVJNj_e9mxz8vyjQj7ixF0lLM9EGZ6NYqqNiH7ycjmjUSCWKQTXoM0TO8jvKKm_jlL4-I2vigC0VCWYTE3DubGf4hEEFNm1JjiDp5SVQJu7eN6AySFpoFuy9nyP9Y_pRIxkbFmkgKLePyc7Pr-DUosZjiFE-VoaFLNqhDrHAoMqjwR3lyrZmxsAt7PvUdYTz8i7YwtctFZy5gPUPKLuHZlVYXQbvh5js1Fo_wduI1l1K6La-4M0EfAuJLAbUEXF-m-homX5zayBvOeJOr9Ij3sSXKtMn6BkVKl7Blv61QIWrw0K5RIcTMoYlMfXVoO2fI3vaOwxeHpMSZcEygq1oQsWwmnvduIbVm_yBNHIHI6lEX6XZQAHLf6mI5ysPdU13DSHp1KwLwxKq3AZMJmlBILoYCnvxgfcaUKZeQC6uuJLLrmxPoSqJgJiIKo66RC&sai=AMfl-YR0UdNqoKHWzcSupvbnDMyQ9v9c330F8Jsd7ZlEslnIcEdAoXRPm_kJ-m0h1OBAvYIa7yPEkCmyThJetMtV8_5mlpZ9nEK--zWNuOlHZG95dFm42SDw8XMOEfo7wsgYVefB46Tti2ZCujeSO602ktn2i2wrGJmSUaG1n6-tC51Hryh88labU2RG8IIEOsvbXPFA0MAcwVAKf7QqMT-huHCGE30BZYEeCoQyOt-aPyPf5a_WnepW7-xvCrx8erDy8crAHfqxe_c7GX11R3eR6CluCrwlUWqyqr2nNwzDn8GpsvdnDIWlG3_rls9qkXOLeTW4il9fodEfyF9Kr0YZipr5acoFubjsbjgHPIPdZV4qZ-TS_6g31zj1ykuGwkNjjMxmYIr1F_SUbL3XEARJuJjoaQ&sig=Cg0ArKJSzAv0p7Zck4V0EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230119.66762&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A050 41 KB
15 KB 28ms
27ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 19:04:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A050 42 B
63 B 121ms
120ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-C27IVsrsC2IKsrkIcNNP677j1I_1WzE_ODOSQ6vM2Iwe5Kn6pL_CprjmRe200q9TFS0YDANgI7zMclnrQYT9Sm_PUrN580JrtdITT3xo5N6rWZbLY

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame A050 3 KB
1 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame A050 18 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame A050 0
0 56ms
55ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFcmcDuK5gpO-MLJBCsZyrKdkjA3QGxtyK3AEs83n5AKyPXEGwalFDfhUUuvhYNj2zhTtR
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A050 156 KB
48 KB 112ms
110ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame A050 68 B
243 B 317ms
315ms Image
image/png 13.51.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6MzAweDYwMA==&v=5&s=v31gnif21hj&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVENZLnNpdGVfdHJpLWNpdHloZXJhbGQvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtNC1ncHQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=9036466&h=www.tri-cityherald.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzA1MzM2NzY2LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.103.175 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-103-175.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H3 200 5616082569980367240
s0.2mdn.net/simgad/ Frame A050 49 KB
49 KB 37ms
35ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5616082569980367240?sqp=-oaymwEOCKwCENgEIAFIZFABWAE&rs=AOga4qnbhVw4n2uCayHZFnU3lgKIaNWjfA

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5668441749de5241c390d0d6893686bb5630a913045b360c7f1350ece80742a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 09:28:07 GMT
x-content-type-options: nosniff
age: 117192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50268
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:16:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 09:28:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3F28 0
0 64ms
64ms Fetch
image/gif 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss30ZCd29x4v9jqzwmd4ONrBk-EBPxD-GKBLzNSOZYIy0wzmedkSpX5Aa3arWCzcLdCs1kB9ulQUCR2e30zLRyp7whrn0-rg5sYnsijHgEmWQziYJU6rvrEvkfqVw_3Db4Hg3ox0nc152gpEJsNOvNk01CMAvvdWGbNqEOXCrg1LQlEuoIdRupLCr9HqtiZ2Vlru7Z_GUwIW0I9e8Ws2lqSIpienRxW0HJmb1rfPjktbHyNTOgTtA51-yr33gGePQKP0bY0Oe3yRgq2lwnB1dfzf8ltR05HAwJWCIWwTjkMLIWQTvJ-Y_AYBVAcJfSFtmlfXLdSrax_cm2Eem2qtE4GqoDs_Wst-oT_Em9U8Q&sai=AMfl-YQ9Q5uIStjXJe0FyvRrsEn8iUYJ9C7OlspPFMsB9DHfGdgiFFXHfHwSnAS4e77F3mhNLBI_9ZUeQ0_vgu7td79doZXziRT-0W1tzqpbY6i4UogenK64HL2UwhOdwRqmEw&sig=Cg0ArKJSzDYnHYA1QbFDEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 9F7F 43 B
245 B 112ms
112ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjEzMDEwNDM5NyIsImVidXkiOiIzMDk0MDQ3MzU4IiwiZWFkdiI6IjQ5OTI1NzQyMTciLCJlY2lkIjoiMTM4NDE3MzAxNzQxIiwiZWVudiI6ImoiLCJlcGlkIjoiMTUxMTcxNzQiLCJlc2lkIjoiMTUxMTcwNTQifQ&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&tid=d6933e99-819d-45fd-8a60-9763ee6d66e7&pid=94b9779c-438e-4670-bbaa-c79810ca3ef5&dtm=1674583279353&qnm=_matherq&visible=1&tabid=34bb6c7c-b55d-4bb2-95d8-96d2c9ed38b7&refr=https%3A%2F%2Fwww.tri-cityherald.com%2F&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&vrefr=https%3A%2F%2Fwww.tri-cityherald.com%2F&vp=0x0&ds=0x0&tofa=1674583275&vid=1&lvidt=1674583275&duid=c3198a4c-259e-4a1f-af03-9ab47bc41973&fp=1279215348&cid=ma12095&mrk=74930803
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 24 Jan 2023 18:01:19 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 08C7 0
16 B 59ms
58ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOzMxd0BMAE&v=APEucNV_GS5o128pQ0ymT23W9EnMPnKf910pynBHACDsPJ27YuW5bsZXrDZReNMjA5nmPwyU9Pvg4Uw8AYrambCWYeOs_K2A6A

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 5616082569980367240
s0.2mdn.net/simgad/ Frame CEC5 49 KB
49 KB 37ms
36ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/5616082569980367240?sqp=-oaymwEOCKwCENgEIAFIZFABWAE&rs=AOga4qnbhVw4n2uCayHZFnU3lgKIaNWjfA

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5668441749de5241c390d0d6893686bb5630a913045b360c7f1350ece80742a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 09:28:07 GMT
x-content-type-options: nosniff
age: 117192
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50268
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:16:38 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 23 Jan 2024 09:28:07 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/ Frame CEC5 22 KB
9 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/ Frame CEC5 6 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEC5 0
0 70ms
69ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtSkhYDiaieXS4UjROaS45bTaeM-4uDxTK53D7oE6on_o2cYabdrlnhqREbrrLjofi2fMswH9pqonbtRw_aRALkj4FbgNsN5zTvlHua79P1hHBkRjybK6A0R4nWWL6PLA-7rJ2BTcx7RyzRK1cxh9a4lrT3RRmKsn1lqpqw5c-CaJ2rtAsk28PGyk7ZbveGzofHNSb6AX3yjoRSN4CMz2Ab-UMFnxU3wHWzbFqu1iGvJ_SvbF_Oe9Gzrr_VgPfEin8D5wt0BasWf2lTtrdFPVfYBhv8hJNuq6mXrhDhm_07yCT-8fq5xsQYKY6qhLz-MNmExsRs412SpvkwJa-c0ShZo9s8uzFszqGaQvdK_EHCcNf5GUaeSlqKHkbaHq-BVrzKzZsg13zEHAeYwQZ2XUmoiBqyRO3dy0EgbHNPujkeXg21VKDldd6eaBKL-H5CPtJoQqrTmLt67wz2kFBVj3hFTtOU2gINPglVgoTgqHxT06-YwEemp4a9HfF5w7bODZtas2rVkztBfmJXsQAXfhxFHQPSdqneRQ1pVxCobVzHPKBxBmSDShlBJyvd9B6HNT1gMEINrnIGZ-cQThphfMYAbAgC6ebJ77lN1qgfB2FtJjb7CyiRcB6UmBlfLE6RcqLd6i7yo_GV6EIoJ2rK5PPBmUknuWjRbKknyT40OKnZwlAdh-1mQ1pmCl0e3GaJLcKbz4FxYPSXs7fFuGkKrAJjy5wPuR8hBIbhkpCzoXS8JIW3EDUnwTEHUJvaBZ6ouLqy3y3rq9H_36rCZWbjNts0N_kGoHunn7f4o4lHHPsVw23wsU9xcKn0iTLES6dwiju2zUC1ZFHS0h-BVxIiHFllzuyk2AVECqQh2re6NqgQE_Jyuwo9L8wCJiuL5JLcXf-oqPXuU-zoM18GmaAeJWGh5eYYpkPzjzIW47uU8ci0uEW8RorvI0L3pX1kszGBYJuC9rCPuRiwwuG_GJ7xu0lnx9udLV6CzXYcPXqfp6fZKuOW71tSmFE9Q5cyfatL0oLvp20JrHTOyIu-sGw_uE1UDisZ0JMrhcvefrpo5hi7pEsH6K8cgl1zdByflfNL9aRnYsDxNcYFo8IiPpRtHVLMrMYnBnDO6D2cXT6cdzsbKmkpfCkToecUj20bKsdQSCSyCxRZhJEgNBPcXS257S-thVhwUAS2zBcpIZgJRJT4HaUoHE5yuMUumO4v_cazRfMH4-Xak1bEtDIKB8KpDMGuq4xeLm4E_fmQhXxqzW3W4BucMM8qvHAgn6hqaAk2qnBxG8Wmk6I13CPlLIHsFJ_tlOXqrgSnHQvKHT5ZbgAby2sf5lOGG_c&sai=AMfl-YTc-vPMbdlD6AltO9oi9W2Gvisq-A6BW-sa-Zv-4LX1AyX-r5xEeo_V5VMsOr8ISiW5M2fCMBkYcgOirsCsbPEAyqCSL2DmHmBobW-yKeM4O2jO85joeW9k69gMfDkKlrORcgTZeyFYwpNTtNuTzE8C84EIjMjdMONhpD-KYUosyoVISkm7mwUQBUgpQOxYgIMcqbPmOt4Rwk48a1l3jpUWl-U1AEJJzksxc8cO1nO_i2OSWDGlgloNpmUWg4Ea7Ce1XCuniJPjZ1ih3GSuRwqk1XrB1O6mEZucVx1iSYqLqFJh_fteeaQgRScF4EKFRWwsUHwx7pTR_Mbymzd0Os_Kzngjn15hZr9W9GlfD_cRfy_KXCMvEKReWjEfqI-D7bE85tvf0jc8Cly--c5iEywKIg&sig=Cg0ArKJSzPiZHHAPelBzEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20230119.57432&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame CEC5 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82611
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 19:04:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame CEC5 42 B
63 B 121ms
120ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-BNDIqyE4Ysgn3B3BaG-BzqmPqEAEekoQ51qP9fUOtK1Ul__eaxswgQzTvG4GmQjaRe_616oTdYcWl_pKEuTBQPbF6q2YUzPF0k21H5ahyRvVcnGAk

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame CEC5 3 KB
1 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4313
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame CEC5 18 KB
7 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7620
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:54:19 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame CEC5 0
0 70ms
70ms Image
text/html 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRinuY56rxXn8P1sO1OvyRKSFSutHI4V24WXvw-pJ1iLmMsU4Adxcd6lOAG4x_H-tZEUM0r
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CEC5 156 KB
48 KB 52ms
51ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame CEC5 68 B
243 B 42ms
41ms Image
image/png 13.51.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6MzAweDYwMA==&v=5&s=v31gnif21s1&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVENZLnNpdGVfdHJpLWNpdHloZXJhbGQvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtNS1ncHQifSwidHBfY3JpZCI6bnVsbH0%3D&sb=undefined&cb=3741695&h=www.tri-cityherald.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZNekF3ZURZd01BPT0iLCJ3ZCI6eyJvIjoyMzA1MzM2NzY2LCJ3IjoiMzAwIiwiaCI6IjYwMCJ9LCJ3ciI6Mn0=
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.103.175 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-103-175.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:19 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 singleupload Show response
app.securiti.ai/privaci/v1/consent/cookie/ 67 B
406 B 216ms
215ms XHR
application/json 52.24.111.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Requested by

Host: cdn-prod.securiti.ai
URL: https://cdn-prod.securiti.ai/consent/cookie-consent-sdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.111.54 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-111-54.us-west-2.compute.amazonaws.com

Software

Resource Hash

f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tri-cityherald.com/
X-Auth-Token: 5160ce8c-a3c9-480a-92f5-5c9fb5212db1
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-type: application/json

Response headers

date: Tue, 24 Jan 2023 18:01:19 GMT
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
x-content-type-options: nosniff
strict-transport-security: max-age=315360000
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tri-cityherald.com
access-control-allow-credentials: true
content-length: 67
x-xss-protection: 1; mode=block

OPTIONS
H2 200 singleupload
app.securiti.ai/privaci/v1/consent/cookie/ Frame 0
0 190ms
188ms Preflight 52.24.111.54
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.securiti.ai/privaci/v1/consent/cookie/singleupload

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.24.111.54 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-24-111-54.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
Strict-Transport-Security	max-age=315360000
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-auth-token
Access-Control-Request-Method: POST
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Origin,content-type,x-request-id,x-correlation-id,X-Xsrftoken,X-Auth-Token,X-User-Auth-Token,X-Tenant-Id,X-CMP-UUID,x-xsrf-token,X-DSP-USERID,X-CMP-DOMAIN-ID,X-CMP-FORM-ID,isotype,X-CMP-PrefCenter-Id,X-ORG-ID
access-control-allow-origin: https://www.tri-cityherald.com
access-control-request-method: POST
content-length: 0
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline';
date: Tue, 24 Jan 2023 18:01:19 GMT
strict-transport-security: max-age=315360000
x-content-type-options: nosniff
x-frame-options: DENY
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK a-01ek Show response
i.liadm.com/s/c/ Frame D3E9 2 KB
1 KB 656ms
116ms Document
text/html 52.20.34.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/sync-container.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.20.34.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-34-140.compute-1.amazonaws.com

Software

Resource Hash

15699b5c06672804532803e383673b1de9f2215346aa0b8e74fb7d2931206487

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tri-cityherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private, no-cache, max-age=0
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 816
Content-Type: text/html; charset=UTF-8
Date: Tue, 24 Jan 2023 18:01:20 GMT
ETag: 1.61803398874
Request-Time: 3
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding

GET
H2 200 baker
sli.tri-cityherald.com/ Frame A87B 0
314 B 565ms
20ms Image
image/gif 2600:9000:2490:f000:1c:112d:e1c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sli.tri-cityherald.com/baker?dtstmp=1674583279715
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:f000:1c:112d:e1c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: CloudFront /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
via: 1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA56-P6
x-cache: FunctionGeneratedResponse from cloudfront
content-type: image/gif
content-length: 0
x-amz-cf-id: _4CF_HAoLsmw6CXnk-Y7kZYRzXhJCiLTPgTl3AAn8dqOtDhmRdYLbQ==

GET
H2 200 sync.min.js Show response
tags.crwdcntrl.net/lt/c/16115/ Frame D8BD 32 KB
10 KB 89ms
22ms Script
text/javascript 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Requested by: Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b39fcc81af925088d9201d7407567ec7fb48371565cf25d63fef1f6be0273345

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 01:22:47 GMT
content-encoding: gzip
via: 1.1 d947c3ab534102b2c9a7f0a4541d2ed8.cloudfront.net (CloudFront)
last-modified: Thu, 05 Jan 2023 19:57:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 59914
x-amz-server-side-encryption: AES256
etag: W/"38486b591030ceff8ecf0a75688b4a92"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age: 86400
x-amz-cf-id: 5-Tc2-GDYlVro8-gsOcZWlF631yGWr2kfqWqRCe9Vojkc-xgmXyFHg==

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame B664 0
16 B 58ms
57ms Document
text/html 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CKvU5fQCEMaIsIIEGOq3xd0BMAE&v=APEucNUr1DnKL-MpMjl_Xe10CPl1cInalcV5tJDeJQ-GZhvJNKUG4AnNGfiUBqc5Yg9_Sj1Tv2Mi2GbJRZ28OPyeyEhtw_8Dzw

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Tue, 24 Jan 2023 18:01:19 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 15321063655062056204
s0.2mdn.net/simgad/ Frame F255 30 KB
30 KB 36ms
35ms Image
image/png 2a00:1450:400d:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/simgad/15321063655062056204?sqp=-oaymwENCMoHEFogAUhkUAFYAQ&rs=AOga4qlnKXnCaEa-pz8C0qnXwq6-am9eFA

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:803::2006 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61ac33de6e80b49ce05cb7b6805670f547ab2445579b6b0c1c8ca433e6d48c42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Thu, 19 Jan 2023 19:40:11 GMT
x-content-type-options: nosniff
age: 426068
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 30857
x-xss-protection: 0
last-modified: Fri, 30 Dec 2022 14:20:47 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 19 Jan 2024 19:40:11 GMT

GET
H3 200 abg_lite_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/ Frame F255 22 KB
9 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/abg_lite_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73122
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8872
x-xss-protection: 0
server: cafe
etag: 4731094640903799552
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 omrhp_fy2021.js Show response
pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/ Frame F255 6 KB
2 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230119/r20110914/elements/html/omrhp_fy2021.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 21:42:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 73123
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2477
x-xss-protection: 0
server: cafe
etag: 8436122973860808490
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 06 Feb 2023 21:42:37 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F255 0
0 67ms
67ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7TMAp2jsR6PXKp8qysriixnb7oRWFTMZ6t5koJMQAw3EeTfmdIuhCe8zmj18NdGTXHuj2eB9wQwZmkEfES3JFKKrH-8tc1zVlwNwppT3qGI7Y89lZLwR-JDsjY3O6Pa-mfLxVTYFa2eB8cfXORvFaxXHBkJ0i37GJ-LzEO3YegVlu8eWrw0VEF5wKBnqcZAe_UYhC0bJi0jfOeWClw2ikcEVR0KJEd-xceLbtOIUYRR2UO1aol1P6MV9D7gqeqXdjySDPyBNHHz94hQ0vtwG8_AdqxZ2ZBjfTeT3g0KJUDRY4p9_3glmm7xQ5Js3WD0v1tFIMm7bO0U1yXqHTpbMqvxofo-XFk1tW3l3NqE9KCUc2r0YPLBSA2Qq4cYO9keop6RFB3BnV6NqJw20haXCJmHpvxDoPMP1UzKOC5imZC5odCf8qSkkF-rHVPUP1OAEUycXUecQAgXZOtTJAaBopZg6nQPX96jqoXO_yQFf48Xpfv-D5rcnb3Z9V-dh6p5qF8tRpxQucIaKmeijYb-GYos7bDxKgg8Y8f_BQqwlUoghyPU1GR76BviqUYzDMSQBufwNEI0ECVCnmi--cr6J0MU-wPfuTT39uPHCUsfgVyVEQBrMO_9qlTQNaOLCTxmOfM6vnY3C6bQZ7jFxKyUARog3yS9q78sd7T8DjV43A-QbuPUgHNQRH037kJXRwK-gVtUKo9ettXfB3Lx2btAP-rl-f_PX7ZDLwNrHWOaVj_yvtbvUyuDWzTc8xPKXCpIGnV8NKi-ChZ-ybc7Uy7PY0Cd8qDAQBr9ZeyD5UmN2Lh1hn9FtMo26yzkwRk6UiKl1vSVvoggp2Lh2hu81Pbx_pTa87UnYCDUsLDqQXDOSqmcdybu_rKBaoQogP1qFtSCwEiKJmNxutNaaE1qyfBBrpBLlEdo3vWBKBHKAHLhczqYazNX8LJ2g0DuYX0WgtQaYHIRAHXPQ_knDozwpUcmIUm3u8BisilAZi5HOfqHF1HLxCv9C-zdR5ILJdwtS5ziomm6UR7qxfF-lp80Lc2oePVnDsUE1oOr62upll8x4lxXavTqp6VnN7ohYdNA14ol3BVt2U7qhsLp_gVasz6ZOEyQ5lmZb9dePbZ0Y_4kClPhODHElD3Z2bj0ZBRMmqNVW9edzmerc2BSrINzvl9kj9SiBAwVq-eZOSz0yimObBV-IhignQOgeUlA7JNSWex4jzSsyN7sriJSqCliaEuyNidIdgs5L6UjDAt-f5IHvhRdBylswLuhhQUW2APFVeBsxSak0M8RVsMDbviFGAwrOUi4ToXRaXTSx7dXIeNurcB-g&sai=AMfl-YTW1bw6__c-5MhaV-LYEr5G_i6M7DtCqUIXN3_P6quU_b-7-vbccSoAOJ0hgagseDON9hTQegbob5E2MSHuldxlqJR6g7nVqBp9pBgzscr1aUxe5FnWOrERS0RBAkmxtKAtZsVzLNSVg3Q8vrBTFtk0CBWwt-cW85eVMOyah5ANAjUnNfy9c_uhtaI_0fX9oGKBlZSQbvmu5-2vZ_VI2-0H3hNvdw3YgGjQzAnWTnaLBEK4Z-u8k6_isAspZTEbapTzf9IV5w68GIjLr26Fu6VlKl6HVCGExAzYLcKvdSJ2nXCzLzJr3ppF60j9eYZHfPSzF62B4TNwCXabiwonIhzEW8yKh7JvaWCya0RCHnlDaO4ocqZpyNWMcOxiWR2GkuD7ChkHxeL9Ws1ZkJ_byscD7g&sig=Cg0ArKJSzO1Lqiu-rPwOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20230119.55443&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F255 41 KB
15 KB 108ms
107ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Mon, 23 Jan 2023 19:04:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82612
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 23 Jan 2024 19:04:28 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F255 42 B
63 B 182ms
181ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Bx0Uy8jWmpcUVKhLgwRbJMkgUc6XB1T_s-x7aCzTJAkuFm6B9tv90jyRYU6t0XxquYzkX8y5UlxLUCbhg7EE6v-5qbGZNNteCQLuU2AC0XhC1VI70

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame F255 3 KB
1 KB 86ms
84ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/window_focus_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 16:49:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 4314
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 16:49:26 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/ Frame F255 18 KB
7 KB 90ms
87ms Script
text/javascript 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230119/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:54:19 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7621
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7520
x-xss-protection: 0
server: cafe
etag: 14267389461115588627
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Tue, 07 Feb 2023 15:54:19 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F255 156 KB
48 KB 96ms
94ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48884
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1674478187548999"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H2 200 pixel
protected-by.clarium.io/ Frame F255 68 B
243 B 43ms
42ms Image
image/png 13.51.103.175
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://protected-by.clarium.io/pixel?tag=wt_YXdNeFZaTHBOVzZLNkVHNldDNVM4b1JfYTY4LzIzMDUzMzY3NjY6OTcweDkw&v=5&s=v31gnif2292&id=eyJkZnAiOnsiYWQiOjE3MjA0NTc0LCJjIjpudWxsLCJsIjowLCJvIjoyMzA1MzM2NzY2LCJBIjoiLzc2NzUvVENZLnNpdGVfdHJpLWNpdHloZXJhbGQvX0hvbWVQYWdlIiwieSI6NzY2MjUsImNvIjowLCJzIjoiaHRsYWQtMTItZ3B0In0sInRwX2NyaWQiOm51bGx9&sb=undefined&cb=2006947&h=www.tri-cityherald.com&d=eyJ3aCI6IllYZE5lRlphVEhCT1Z6WkxOa1ZITmxkRE5WTTRiMUpmWVRZNEx6SXpNRFV6TXpZM05qWTZPVGN3ZURrdyIsIndkIjp7Im8iOjIzMDUzMzY3NjYsInciOiI5NzAiLCJoIjoiOTAifSwid3IiOjJ9
Requested by: Host: 972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
URL: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.51.103.175 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-13-51-103-175.eu-north-1.compute.amazonaws.com
Software: nginx/1.18.0 (Ubuntu) /
Resource Hash: 69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/png
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
cache-control: no-store, no-cache, must-revalidate, max-age=0
server: nginx/1.18.0 (Ubuntu)
expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame 788F 4 B
447 B 213ms
29ms XHR
text/plain 2a00:1450:400c:c06::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-48281581-1&cid=1452632116.1674583279&jid=427416275&gjid=44040816&_gid=1464327996.1674583279&_u=YEBAAUAAAAAAACgDIC~&z=272666391

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ Frame 19EB 0
18 B 22ms
22ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1081709588515684&ev=Microdata&dl=https%3A%2F%2Fwww.tri-cityherald.com%2F&rl=https%3A%2F%2Fwww.tri-cityherald.com%2F&if=true&ts=1674583280134&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22fbp%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.94&r=stable&ec=2&o=30&fbp=fb.1.1674583277350.1683736224&it=1674583276918&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 24 Jan 2023 18:01:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H/1.1 200
OK saq_pxl Show response
tags.srv.stackadapt.com/ Frame ACC8 191 B
502 B 119ms
118ms XHR
text/plain 44.209.218.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.srv.stackadapt.com/saq_pxl?uid=XDbR9bgzYgamKCe5q8YQuw,%20hXFHelqg_0qGLqDaoIkgLQ&is_js=true&landing_url=https%3A%2F%2Fwww.tri-cityherald.com%2F&t=sapx&tip=cW0CWMs1_PhsRlUyJ80b_8_ffm3XFk8yfxQ4XS6sqYs&host=https://www.tri-cityherald.com&sa-user-id-v2=s%253A-ck5SuIWT2NShszDgBP_x9ly14Q.NkJIqeU%252BwVv1E0mY3gK3P4NhoCnweRS9uliSL38EY4U&sa-user-id=s%253A0-f9c9394a-e216-4f63-5286-ccc38013ffc7.MzdM5WbeYzEjIMWn5X1lAzEiSudeR5R7dYiELMyjeqE
Requested by: Host: tags.srv.stackadapt.com
URL: https://tags.srv.stackadapt.com/events.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.209.218.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-209-218-223.compute-1.amazonaws.com
Software: /
Resource Hash: 9159f42fdc7769c186145cc4690f563a2a6c9d63cc7af3343d912c03a5054792

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:20 GMT
Access-Control-Allow-Methods: GET
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: *
Content-Length: 191

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame B90F 0
0 61ms
61ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvAuKxJzTHLYXFfUz_zlpehwyitLMQrSgmtiXDg_scAX0xUH4Qrim8XBhg55GSlo5JbGAxj8DUBKZauFVMcIqlypgqkrrbB5xiXlX_XZnnMrov9MzWD6myhGZVNP6IfXKnp7DH9-quxPoTmrdnZqoq2WiaJwnZqgf6Mmy0dzwMIMQ0trcUiziwdffJyvGYiaBUGj81gMImEtIv1Qmtz743CKfpI8dgF9Jz-wYm20krqxarMuqqs4QROnm7UmscDHjb1vSQA_EUgQwflB5MvucLC0U_sDdMbzXkOHerMjtlZ-su-OC7k5890XSghTA8GUWve9cPmJiT4mgirljh1xnd0GG3mne1AEHARcFzAqvtz_SOqQ54rGjLl7bhOgacP56D2D3siqdxVVXAOkpILVJgZKRs_FAsAoLx0M3h0sdy8rThypoW_G0d6f-86WRx3JNPN0aIJWYBMLyDCDCMc9rDien6vHHUiwzpE4jx_wgrjRoFHm6LM5RCLD3t0bFLrUYw93uHGPbkvUYp5oK16D5-IeoqM3WFTQ3uAjOcU7xebL7kYQuxsRjbwnwX3qGgnecyEoUp81Jd3ziYbXPAfCpT6IK5bbqzuP-7ZoLkG0h98OCBMbATPdqemAnrc2y2BZ9_Ek4ZTHM3GqIuYmf5d-ZWfUWTpGosUVOFwm5Krltu0Af7FaEaJTlOsUseFypcBvsh5xfbA2Ku8F5zRGdytmMLVnHd77aoD_UuA5z52_6fOCISTpiTidwZI2qvrk2AqvaS0S_29NYfwN7TPvKqp_UtwL3I61QW4KnnqAppeveX0iOMw9m8y5TyqFKR8x-siLmWz8km2lUA7lm5EHZJ5Tg1eYUQhVCYHOpfSaiceckda079_wtI0-5SgbAScVVXeOOqBU-EupR38LqO2jFaAdEL5cGKT4C0_ztu8-FqVOS-uuU2JRndGXapLeauMkOKaK-qRkApvZgdgQPOjlFmen1JxOE9odXH3LvptZ7Mgc0QMEgUweGDylfLBlV2xOueRAGuanCal477uCeR5MBma-Plv0WWVZsl5wkhBy1vRyqJ8PqH5AaaeyPHQVF2MtNaujktWBPkLormb3Xh5cWQTrKjQlDltdWl6FLEwT9xUPFjgMVGdCG74b82_UAOulj-TQDL12m8fQzI8UxhaYyOae03chO-ceNQbMHF_hFjRHkkFT-_5Q3jQpyguvwCQhDPqpKgksYBIsDnl-xpr2XynHG0aojh04luV0ftZzMffSM-r1HH8K4Ft6CpdZDiQrTYXJc8EytXvmlTk5f239MI0Vrw9Gp8jP9Ul8csJMh3lm3nwWilap4g&sai=AMfl-YQ5UpkeoZqYGBBI0gvaF-RskMlrxJbd5047luXVwJe0017trHnnGX9ZoDA7X_1Qeul5HBgVCx8BIXkQV9O7EIaRM3zKAYo2CKrYmdHiKXmuJezKqTZw4DEReN60E_aNoRn4RlhB30dVNZ5x4LhQ4FpmpAbjgi_eBvM8c7zmP5LckYrYZ0J374JjsuBp6lwhh1hPBxMdEIO2jBFVuW6CiFocIT4m9N8Z2z9XpkxIJ2tY9oWyYB9gOLu7_r03TIrsG8k2AV3ujiZ_O1DA_SBE3GnfIqZa5OAXK_9avDJgFQsJvQxifsV-Xzuqi0AQdbQ3xKDUwhcILTi5FwJSYmmyBLf5DKg9fMDtWqwAxaCrTdRwwY520LGDMYHJoQDmXFR-qjVBb4jEOmz2RzG7I_-g6qYd6w&sig=Cg0ArKJSzCrdXGqHeihpEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1286&vt=11&dtpt=1285&dett=2&cstd=0&cisv=r20230119.38096&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A050 0
0 59ms
58ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuWr9lCaPxlkhdD7AKHrtFzQheP1cqLEo01xTNuE2XLzJsiwxyafnaj-8Lmv_V4SoR8yf0g7uNTMbSvLhbE8KTu9wHT33zJ1_rl1qVcwU2FJdGWG7Mlg11iod1tGga08GPrHWXSG-uph0ZJEvv3N6pOphiDrV6tYkoyMDRzHj5K2mYYe04cf83szNocpru_jRRTXwPbto1LLS5OOR2veHo5f5kv9A3GvuTLcs9hRS7vc5t0dkhEaajnJdEjPphtrvu3B3_rv4ekvF_-fobQhRRKosjr4gN0YN6wXhi9McpreTzU0ETR70wqsc-fFY4dzzbJjZh-ulF1KsVe4g70LhEEaTx83_JwHeBYs8tPm7eBuoJVOQNtBsk3a9MS1x1XkiHl_W5cUkQa7ieRSuqrezJcEhpi9Q6PpsW_hlX_9vnfRtLEb5R_hXOsIm4TEqlEocmQ59OFtUJX3sF2cYzT1El6QQqJZp8J2tFK-b0lBwilm8VLONfxQh78E3ebcplpLH7gWN_8LERqF678bHARlSdpTI0xV4cc9-0y0sMnHQe7gmBOItg495nSu9y85lFrzxrrGrjewQj11V_OSLcmCJd_s8194r_ZQzn_RZFJGD5wkolbJJoSMstGu3dSFQvjogqcU-7AT6G9InmX3JyEXjDzGZqb2Aq8wzQqAfZaSkGarWMMMLgcc9G8fyYb2mMEh8bBh-EKi9__dQbc2i0lmFkNZkAdIaNcOEOhfhzLj4u34700lsI4IHxDvgLTFGGIsKD5_Cme1I7MqceTGYaqBbLAExA-t0qB2451_QdYOQIb-uw-GMMlBc2zq21HpvYawujVE_4xuqWhZdjbFwmXMudUnfWQHwkNg1FUYIekQfQMGARgsRn04Ud4gSoVJNj_e9mxz8vyjQj7ixF0lLM9EGZ6NYqqNiH7ycjmjUSCWKQTXoM0TO8jvKKm_jlL4-I2vigC0VCWYTE3DubGf4hEEFNm1JjiDp5SVQJu7eN6AySFpoFuy9nyP9Y_pRIxkbFmkgKLePyc7Pr-DUosZjiFE-VoaFLNqhDrHAoMqjwR3lyrZmxsAt7PvUdYTz8i7YwtctFZy5gPUPKLuHZlVYXQbvh5js1Fo_wduI1l1K6La-4M0EfAuJLAbUEXF-m-homX5zayBvOeJOr9Ij3sSXKtMn6BkVKl7Blv61QIWrw0K5RIcTMoYlMfXVoO2fI3vaOwxeHpMSZcEygq1oQsWwmnvduIbVm_yBNHIHI6lEX6XZQAHLf6mI5ysPdU13DSHp1KwLwxKq3AZMJmlBILoYCnvxgfcaUKZeQC6uuJLLrmxPoSqJgJiIKo66RC&sai=AMfl-YR0UdNqoKHWzcSupvbnDMyQ9v9c330F8Jsd7ZlEslnIcEdAoXRPm_kJ-m0h1OBAvYIa7yPEkCmyThJetMtV8_5mlpZ9nEK--zWNuOlHZG95dFm42SDw8XMOEfo7wsgYVefB46Tti2ZCujeSO602ktn2i2wrGJmSUaG1n6-tC51Hryh88labU2RG8IIEOsvbXPFA0MAcwVAKf7QqMT-huHCGE30BZYEeCoQyOt-aPyPf5a_WnepW7-xvCrx8erDy8crAHfqxe_c7GX11R3eR6CluCrwlUWqyqr2nNwzDn8GpsvdnDIWlG3_rls9qkXOLeTW4il9fodEfyF9Kr0YZipr5acoFubjsbjgHPIPdZV4qZ-TS_6g31zj1ykuGwkNjjMxmYIr1F_SUbL3XEARJuJjoaQ&sig=Cg0ArKJSzAv0p7Zck4V0EAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=969&vt=11&dtpt=967&dett=2&cstd=0&cisv=r20230119.66762&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame CEC5 0
0 60ms
59ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvtSkhYDiaieXS4UjROaS45bTaeM-4uDxTK53D7oE6on_o2cYabdrlnhqREbrrLjofi2fMswH9pqonbtRw_aRALkj4FbgNsN5zTvlHua79P1hHBkRjybK6A0R4nWWL6PLA-7rJ2BTcx7RyzRK1cxh9a4lrT3RRmKsn1lqpqw5c-CaJ2rtAsk28PGyk7ZbveGzofHNSb6AX3yjoRSN4CMz2Ab-UMFnxU3wHWzbFqu1iGvJ_SvbF_Oe9Gzrr_VgPfEin8D5wt0BasWf2lTtrdFPVfYBhv8hJNuq6mXrhDhm_07yCT-8fq5xsQYKY6qhLz-MNmExsRs412SpvkwJa-c0ShZo9s8uzFszqGaQvdK_EHCcNf5GUaeSlqKHkbaHq-BVrzKzZsg13zEHAeYwQZ2XUmoiBqyRO3dy0EgbHNPujkeXg21VKDldd6eaBKL-H5CPtJoQqrTmLt67wz2kFBVj3hFTtOU2gINPglVgoTgqHxT06-YwEemp4a9HfF5w7bODZtas2rVkztBfmJXsQAXfhxFHQPSdqneRQ1pVxCobVzHPKBxBmSDShlBJyvd9B6HNT1gMEINrnIGZ-cQThphfMYAbAgC6ebJ77lN1qgfB2FtJjb7CyiRcB6UmBlfLE6RcqLd6i7yo_GV6EIoJ2rK5PPBmUknuWjRbKknyT40OKnZwlAdh-1mQ1pmCl0e3GaJLcKbz4FxYPSXs7fFuGkKrAJjy5wPuR8hBIbhkpCzoXS8JIW3EDUnwTEHUJvaBZ6ouLqy3y3rq9H_36rCZWbjNts0N_kGoHunn7f4o4lHHPsVw23wsU9xcKn0iTLES6dwiju2zUC1ZFHS0h-BVxIiHFllzuyk2AVECqQh2re6NqgQE_Jyuwo9L8wCJiuL5JLcXf-oqPXuU-zoM18GmaAeJWGh5eYYpkPzjzIW47uU8ci0uEW8RorvI0L3pX1kszGBYJuC9rCPuRiwwuG_GJ7xu0lnx9udLV6CzXYcPXqfp6fZKuOW71tSmFE9Q5cyfatL0oLvp20JrHTOyIu-sGw_uE1UDisZ0JMrhcvefrpo5hi7pEsH6K8cgl1zdByflfNL9aRnYsDxNcYFo8IiPpRtHVLMrMYnBnDO6D2cXT6cdzsbKmkpfCkToecUj20bKsdQSCSyCxRZhJEgNBPcXS257S-thVhwUAS2zBcpIZgJRJT4HaUoHE5yuMUumO4v_cazRfMH4-Xak1bEtDIKB8KpDMGuq4xeLm4E_fmQhXxqzW3W4BucMM8qvHAgn6hqaAk2qnBxG8Wmk6I13CPlLIHsFJ_tlOXqrgSnHQvKHT5ZbgAby2sf5lOGG_c&sai=AMfl-YTc-vPMbdlD6AltO9oi9W2Gvisq-A6BW-sa-Zv-4LX1AyX-r5xEeo_V5VMsOr8ISiW5M2fCMBkYcgOirsCsbPEAyqCSL2DmHmBobW-yKeM4O2jO85joeW9k69gMfDkKlrORcgTZeyFYwpNTtNuTzE8C84EIjMjdMONhpD-KYUosyoVISkm7mwUQBUgpQOxYgIMcqbPmOt4Rwk48a1l3jpUWl-U1AEJJzksxc8cO1nO_i2OSWDGlgloNpmUWg4Ea7Ce1XCuniJPjZ1ih3GSuRwqk1XrB1O6mEZucVx1iSYqLqFJh_fteeaQgRScF4EKFRWwsUHwx7pTR_Mbymzd0Os_Kzngjn15hZr9W9GlfD_cRfy_KXCMvEKReWjEfqI-D7bE85tvf0jc8Cly--c5iEywKIg&sig=Cg0ArKJSzPiZHHAPelBzEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=645&vt=11&dtpt=644&dett=2&cstd=0&cisv=r20230119.57432&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F255 0
0 59ms
58ms Fetch
image/gif 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjss7TMAp2jsR6PXKp8qysriixnb7oRWFTMZ6t5koJMQAw3EeTfmdIuhCe8zmj18NdGTXHuj2eB9wQwZmkEfES3JFKKrH-8tc1zVlwNwppT3qGI7Y89lZLwR-JDsjY3O6Pa-mfLxVTYFa2eB8cfXORvFaxXHBkJ0i37GJ-LzEO3YegVlu8eWrw0VEF5wKBnqcZAe_UYhC0bJi0jfOeWClw2ikcEVR0KJEd-xceLbtOIUYRR2UO1aol1P6MV9D7gqeqXdjySDPyBNHHz94hQ0vtwG8_AdqxZ2ZBjfTeT3g0KJUDRY4p9_3glmm7xQ5Js3WD0v1tFIMm7bO0U1yXqHTpbMqvxofo-XFk1tW3l3NqE9KCUc2r0YPLBSA2Qq4cYO9keop6RFB3BnV6NqJw20haXCJmHpvxDoPMP1UzKOC5imZC5odCf8qSkkF-rHVPUP1OAEUycXUecQAgXZOtTJAaBopZg6nQPX96jqoXO_yQFf48Xpfv-D5rcnb3Z9V-dh6p5qF8tRpxQucIaKmeijYb-GYos7bDxKgg8Y8f_BQqwlUoghyPU1GR76BviqUYzDMSQBufwNEI0ECVCnmi--cr6J0MU-wPfuTT39uPHCUsfgVyVEQBrMO_9qlTQNaOLCTxmOfM6vnY3C6bQZ7jFxKyUARog3yS9q78sd7T8DjV43A-QbuPUgHNQRH037kJXRwK-gVtUKo9ettXfB3Lx2btAP-rl-f_PX7ZDLwNrHWOaVj_yvtbvUyuDWzTc8xPKXCpIGnV8NKi-ChZ-ybc7Uy7PY0Cd8qDAQBr9ZeyD5UmN2Lh1hn9FtMo26yzkwRk6UiKl1vSVvoggp2Lh2hu81Pbx_pTa87UnYCDUsLDqQXDOSqmcdybu_rKBaoQogP1qFtSCwEiKJmNxutNaaE1qyfBBrpBLlEdo3vWBKBHKAHLhczqYazNX8LJ2g0DuYX0WgtQaYHIRAHXPQ_knDozwpUcmIUm3u8BisilAZi5HOfqHF1HLxCv9C-zdR5ILJdwtS5ziomm6UR7qxfF-lp80Lc2oePVnDsUE1oOr62upll8x4lxXavTqp6VnN7ohYdNA14ol3BVt2U7qhsLp_gVasz6ZOEyQ5lmZb9dePbZ0Y_4kClPhODHElD3Z2bj0ZBRMmqNVW9edzmerc2BSrINzvl9kj9SiBAwVq-eZOSz0yimObBV-IhignQOgeUlA7JNSWex4jzSsyN7sriJSqCliaEuyNidIdgs5L6UjDAt-f5IHvhRdBylswLuhhQUW2APFVeBsxSak0M8RVsMDbviFGAwrOUi4ToXRaXTSx7dXIeNurcB-g&sai=AMfl-YTW1bw6__c-5MhaV-LYEr5G_i6M7DtCqUIXN3_P6quU_b-7-vbccSoAOJ0hgagseDON9hTQegbob5E2MSHuldxlqJR6g7nVqBp9pBgzscr1aUxe5FnWOrERS0RBAkmxtKAtZsVzLNSVg3Q8vrBTFtk0CBWwt-cW85eVMOyah5ANAjUnNfy9c_uhtaI_0fX9oGKBlZSQbvmu5-2vZ_VI2-0H3hNvdw3YgGjQzAnWTnaLBEK4Z-u8k6_isAspZTEbapTzf9IV5w68GIjLr26Fu6VlKl6HVCGExAzYLcKvdSJ2nXCzLzJr3ppF60j9eYZHfPSzF62B4TNwCXabiwonIhzEW8yKh7JvaWCya0RCHnlDaO4ocqZpyNWMcOxiWR2GkuD7ChkHxeL9Ws1ZkJ_byscD7g&sig=Cg0ArKJSzO1Lqiu-rPwOEAE&uach_m=[UACH]&pr=missingexchangepricemacro&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=259&vt=11&dtpt=257&dett=2&cstd=0&cisv=r20230119.55443&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&arae=0&ftch=1&adurl=

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Tue, 24 Jan 2023 18:01:20 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
20 B 121ms
120ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?cslots=0&dispcorr=1&streamcorr=1&isgptpresent=1&loc=https%3A%2F%2Fwww.tri-cityherald.com%2F&ref=https%3A%2F%2Fwww.tri-cityherald.com%2F&gcasclass=1&vpaidadapter=f&ifstate=0&lid=70&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 9B6E 0
20 B 122ms
121ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?csrvinit=1&lid=151&sdkv=h.3.552.0&e=44748969%2C44750824%2C44765701%2C44777648&id=ima_html5&c=3217682291682065&domain=www.tri-cityherald.com

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 432F 0
0 122ms
121ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2023011901&jk=1795392521007194&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H2 200 map Show response
bcp.crwdcntrl.net/6/ Frame D8BD 60 B
339 B 171ms
50ms XHR
application/json 52.210.29.207
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/6/map
Requested by: Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16115/sync.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.29.207 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-29-207.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 625e7145cf1a0554ce35074ba62a893a2bb87e1b7eb8b37e531bbc7adff78bd2

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
server: Jetty(9.4.38.v20210224)
content-type: application/json;charset=utf-8
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: https://www.tri-cityherald.com
cache-control: no-cache
x-server: 10.45.6.54
access-control-allow-credentials: true
content-length: 60
expires: 0

GET
H3 200 ga-audiences
www.google.com/ads/ Frame 788F 42 B
63 B 70ms
69ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-48281581-1&cid=1452632116.1674583279&jid=427416275&_u=YEBAAUAAAAAAACgDIC~&z=1923939008

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame 788F 42 B
107 B 59ms
58ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-48281581-1&cid=1452632116.1674583279&jid=427416275&_u=YEBAAUAAAAAAACgDIC~&z=1923939008

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame B90F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e904f28338dc2253c81f57d4c35a9f5f4dee036b4001212791acac11a2b326bf

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame A050 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04ec30339b36e1341d00b5ba0629388f44dec2c81948d3ab8847ab72827a3963

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pushly-sdk.min.css
cdn.p-n.io/ 27 KB
2 KB 34ms
32ms Stylesheet
text/css 18.66.112.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.p-n.io/pushly-sdk.min.css?domain_key=nH0P14xdqrGzY1zOSuQwt72a30oPDpqvzKAs
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=nH0P14xdqrGzY1zOSuQwt72a30oPDpqvzKAs
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.6 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-6.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 03:07:04 GMT
content-encoding: gzip
via: 1.1 fd080e20137c93d47ed43a67821248f0.cloudfront.net (CloudFront)
last-modified: Wed, 05 Oct 2022 20:36:44 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 53656
etag: W/"5324d6c6926b312f68532f29a3bb2aec"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=86400
x-amz-cf-id: 4esoryQRMEr-1Iq-2OQRAcbHljJIWOzuY1M7UxrtjzIjvADM0uRXGA==

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4AC3 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 82612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 19:04:28 GMT
expires: Tue, 23 Jan 2024 19:04:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 348B 22 KB
8 KB 29ms
23ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 82612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 19:04:28 GMT
expires: Tue, 23 Jan 2024 19:04:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 66C6 36 KB
16 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24184
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:18:16 GMT

GET
H2

200

1407
stags.bluekai.com/site/ Frame D3E9
Redirect Chain

https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=72bd732a01b84cb28a36776e660c6d3c
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=72bd732a01b84cb28a36776e660c6d3c&rd=Y
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023012418012100014799850340&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID

62 B
227 B

267ms
209ms

Image
image/gif

23.203.125.189
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023012418012100014799850340&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Server: 23.203.125.189 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-203-125-189.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Tue, 24 Jan 2023 18:01:21 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023012418012100014799850340&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:21 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Tue, 24 Jan 2023 18:01:21 GMT

GET
H/1.1

200
OK

586a08a693014c5fa2da8cd45f29f382
i.liadm.com/s/e/a-01ek/0/ Frame D3E9
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2Fa-01ek%2F0%2F586a08a693014c5fa2da8cd45f29f382%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&145655b9-cbe0-498e-bf15-0df...
https://i.liadm.com/s/e/a-01ek/0/586a08a693014c5fa2da8cd45f29f382?mpid=7156&muid=c95463d0-1cf0-4a00-8987-6b5b1d426b34

43 B
274 B

114ms
113ms

Image
image/gif

52.20.34.140
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/a-01ek/0/586a08a693014c5fa2da8cd45f29f382?mpid=7156&muid=c95463d0-1cf0-4a00-8987-6b5b1d426b34

Requested by

Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&

Protocol

HTTP/1.1

Server

52.20.34.140 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-20-34-140.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Date: Tue, 24 Jan 2023 18:01:20 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Date: Tue, 24 Jan 2023 18:01:20 GMT
Server: MT3 357 2feb0b5 master cdg-pixel-x33 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://i.liadm.com/s/e/a-01ek/0/586a08a693014c5fa2da8cd45f29f382?mpid=7156&muid=c95463d0-1cf0-4a00-8987-6b5b1d426b34
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 24 Jan 2023 18:01:19 GMT

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D3E9 70 B
265 B 296ms
47ms Image
image/gif 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=liveintent&ttd_tpi=1&gdpr=0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Tue, 24 Jan 2023 18:01:21 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 204 merge
he.lijit.com/ Frame D3E9 0
61 B 416ms
130ms Image
text/plain 18.217.131.104
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://he.lijit.com/merge?pid=8100&event_type=email&lc_md5=72bd732a01b84cb28a36776e660c6d3c&lc_sha1=86e17687f1cff24ddeab9a2d66e2760d5264aa17&lc_sha256=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ls=true&monitorExternalSyncs=false&cim=&ps=true&ci=0&ppid=0&s=&euns=0&nosync=false&version=sc-v0.2.0
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.217.131.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-217-131-104.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:21 GMT
x-merge: Optout true
server: awselb/2.0

GET
H2 451 sync
pippio.com/api/ Frame D3E9 0
98 B 380ms
132ms Image
text/plain 107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 451 sync
pippio.com/api/ Frame D3E9 0
42 B 382ms
134ms Image
text/plain 107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 451 sync
pippio.com/api/ Frame D3E9 0
42 B 383ms
136ms Image
text/plain 107.178.254.65
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408
Requested by: Host: i.liadm.com
URL: https://i.liadm.com/s/c/a-01ek?s=&cim=&ps=true&ls=true&duid=a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9&ppid=0&euns=0&ci=0&version=sc-v0.2.0&nosync=false&monitorExternalSyncs=false&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.254.65 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 65.254.178.107.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://i.liadm.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 18:01:21 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
DATA 200
OK truncated
/ Frame CEC5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f93ea08abf0d77b5d2d05efedade7fa7b21cc987fb9990fcf8780c324868f403

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E084 22 KB
8 KB 22ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 82612
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 19:04:28 GMT
expires: Tue, 23 Jan 2024 19:04:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

POST
H/1.1 200
OK webtag.resolve Show response
api.fullcontact.com/v3/ Frame D8BD 66 B
586 B 136ms
135ms Fetch
application/json 52.207.50.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Requested by

Host: tags.fullcontact.com
URL: https://tags.fullcontact.com/anon/fullcontact.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.50.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-50-117.compute-1.amazonaws.com

Software

Resource Hash

3a6edd2bd695de1afe00607654e6129f242774e53ef1d4c84efa9aef7d5c3fda

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Date: Tue, 24 Jan 2023 18:01:21 GMT
Referrer-Policy: same-origin
X-Content-Type-Options: nosniff
Vary: Origin, Origin
X-Frame-Options: sameorigin
Content-Type: application/json
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Allow-Credentials: true
X-FullContact-RateDelay: 0
Connection: keep-alive
X-Robots-Tag: noindex,nofollow
Content-Length: 66
X-XSS-Protection: 1

OPTIONS
H/1.1 200
OK webtag.resolve
api.fullcontact.com/v3/ Frame 0
0 513ms
114ms Preflight
text/plain 52.207.50.117
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://api.fullcontact.com/v3/webtag.resolve?webtagKey=qfQjd8yL44YJ9qx0nsFWouHROW5oUoaj

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.207.50.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-207-50-117.compute-1.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, PUT, PATCH, POST, DELETE, HEAD, OPTIONS
Access-Control-Allow-Origin: https://www.tri-cityherald.com
Access-Control-Max-Age: 3600
Allow: POST,OPTIONS
Connection: keep-alive
Content-Length: 13
Content-Security-Policy: default-src: 'self'; navigate-to: 'self'; block-all-mixed-content
Content-Type: text/plain
Date: Tue, 24 Jan 2023 18:01:21 GMT
Referrer-Policy: same-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
X-FullContact-RateDelay: 0
X-Robots-Tag: noindex,nofollow
X-XSS-Protection: 1

GET
DATA 200
OK truncated
/ Frame F255 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: baa795b13d4729d3cb6d1cdb8a0b3024cacec2480f019f50f5bde1566b0e109d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4FB7 22 KB
8 KB 45ms
21ms Document
text/html 2a00:1450:4001:801::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 82613
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 23 Jan 2023 19:04:28 GMT
expires: Tue, 23 Jan 2024 19:04:28 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4AC3 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:18:16 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 348B 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:18:16 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame E084 36 KB
16 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:18:16 GMT

GET
H3 200 sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js Show response
pagead2.googlesyndication.com/bg/ Frame 4FB7 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/sU6CjPDj0xr2jbZF4y7IwEoRNSn0ddnQS8nRuvxnxiY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 11:18:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 24185
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16096
x-xss-protection: 0
last-modified: Tue, 03 Jan 2023 14:58:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 24 Jan 2024 11:18:16 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame B90F 42 B
64 B 129ms
129ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstq0pISElKq_4sphUHTEj1V0iStIvXsystMcWxLszfpR4d8G_zG6cWpVFtRW_A3mG5p3pekvcnWR6-MANqDHmbuyZjsymgfnYpIO3UTmL2lDZgUYuzGLf4yQy4JhKG8dDMKqDXt7Q&sai=AMfl-YS_tJMJLlkw9AQfLBKXh8--p0ls0COK5a_0ZaoRI-RZ4Zh5_-ttnMUxk_J5dXiHZnZS_n0GHZqGHEInSRym0P5sfngOKWy8qw6zxzQaRaAEL2T0oIOPzLxsN6_6yEI&sig=Cg0ArKJSzDRPhxFh6QTeEAE&cid=CAQSPADUE5ym8P5k-vj-va3i8dPZeXZkRbPVgS1LUzpClgRGXSWNS8Br-4PrLd1U-ITZl8kE6BN2jbZI5flLkBgBIBM&id=lidar2&mcvt=1040&p=143,315,233,1285&mtos=1040,1040,1040,1040,1040&tos=1040,0,0,0,0&v=20230123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2511834013&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674583277478&rpt=2925&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:21 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F255 42 B
64 B 128ms
127ms Fetch
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssUy_sybq8EHcKIFij8nkDpTfZ5LlAdWihCmKMhE2lSk2DfBndm5OvCEBmU_XAUz1RDmyFWpxjAwfshJP2rwKALXsdkUH2EbxMURQDR7rjB1cg-BEvxu5uZBqNBuniMX8VIXZ69Bg&sai=AMfl-YSoQQ0D1_YPMhceTKJ44tcUahg72FXzO_arZpKNslH2tvZVR15966cryrOs2_JujUn20Z0hHE4OAYkHFviRDbs1Hyp436tzTF7j4Hzx7CZRk1B7bv9LSWFrY2cncsE&sig=Cg0ArKJSzKXtIP6IRfFlEAE&cid=CAQSPADUE5ym8P5k-vj-va3i8dPZeXZkRbPVgS1LUzpClgRGXSWNS8Br-4PrLd1U-ITZl8kE6BN2jbZI5flLkBgBIBM&id=lidar2&mcvt=1049&p=1102,323,1192,1293&mtos=1049,1049,1049,1049,1049&tos=1049,0,0,0,0&v=20230123&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=612434278&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&vs=4&r=v&rst=1674583277642&rpt=3217&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 348B 0
20 B 128ms
127ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B6UKt7BzQY4WGJ9Od1gaEzpfQDwAAAAA4AeAEAg&bg=!trWltfHNAAYDMoyoIzI7ACkAdvg8WqBcjfjDRB147EOtEcLy-Bm-Jxt2NiHhlpJncf432XB0-g2oJwIAAANNUgAAAARoAQeZAvpxzFn-ymjRUJZy0si7xil-VHGACG4LUkCFb4a9H599Sf5dyL49gDb8ojAsdUP2FDs9MuZW40oBKVYzXmGagvMmfnfuwKOA5pPSy1JMwCsKHe_Wjm2sy7uTEvvSrdPvVO-zoHlA8HWr6Xi_BRyA_C8ZV3n2DFRtvqqvRkWqzoH7vLANj9IVBwDLqvzErXWm1BEpR8_onKKudMedkKwM3RXiYr4HvuGNhhvtMd4WQQQUJxSMPq1PKLx0jBrynVJmiRewNGW95TYpZX7a49sBrfF2dop2D9Nc6g41ARxiOmYM6FFjRQVNyUYGZx-gVyx6TdYfrIKlwX3vlR-lBQNE8vxKLMXYuFm-0v3EPlrzlJGmCb1PXfYmxm7umP5yfHq7KK2VE0_-6O1GOEeje3LS0YLIM7jO5pqRDwSc1N3PZ0avPQw1aorQ3_KgYw2WEujMibMk_HgfGCor1qLdu6rgCLicW-pknAvg8pv0kJO05znIoJaELjgPBX7as4P7OktU6GDkq756BeVdxRh-UVAsNS1orvtWIFBudgAgSMOYTDrelCSufPwAq4uG1Fs1DADDFZ-96aLbvqvWT3dDprdlv6af3ANYuWwSNIMjKa5ik9cEVV_bePOu59bf1UiPQ0VFORYR9E094WbvyWUOGGn57ATUItFPAlFGIirJ0XRM_tEwS6KtJIqzhXICiQbQ1WukT7wBzsZnycDE9TtacuYAdSdCHS7db8Ju9bRqSKKFIE9kWOobq-87UYtrEVruxJBJMI_RljRlsPTm35ZVgmk5_WWlxYZwOb9ZY5N_GGK4UdfqFomgDy_Cpxdx4oeTuwXGWzJLsYyQUvxFKerUD05BPNsPzzl0SKP3ou4-R6Fg8SBEggMcS0poubiHatdVSB8Vjz68jU2VcA8KfIsvetO_HaODSi0j6qxhcsSLXQQvgUSON5i7hPiWrLN_HNVYPyFyFrGDq_iRwOHH2ku2a7T6iQk4l4e_TlO-WxW3xzqetPmk8ctXDtWdRARSzcE

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4AC3 0
20 B 127ms
127ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BnJKg7BzQY4OGJ9Od1gaEzpfQDwAAAAA4AeAEAg&bg=!-vml-b3NAAYDMoyoIzI7ACkAdvg8WmK-Opj6FCqZllW5rI3zGdEnkAhKcX5sXa2amV9rxpDaZOfvmQIAAAO6UgAAAARoAQeZAwIsjM5D1KucIXj6g0IPTpdR-ZQKDWJShL5pAaibhV4owx8wGtoYtmpWMQ_MGfAAM3beKGziU9yh2su2ympgnD9Xu37x_FifNlUvoLdjn7YqW30O6GaEWMudY1-xwkvLUuvoc96j_8DDhbdN0iR0zxZYjH14L5IQwJWhOpuSUnAmbCyJaiID0MA_jkiSQiOxWpln8HPTdBTdQ2skelm6yxn2pcjo6b3J7jlUdL2xAXtSVVEb0_jIzOS13TopDoV9VWEga0vQMwc9RFtmNApJQ0cpWda8G7i70aLr2-hdD47MJ34MWuky4b7Svy6q9cHA3TWy7vrfkzk1Rtcm8LwAmlIRKSb-PfTvl0b7lxbQ71_cB1-MMlh8aRBR8bcHpT-ID65PsGmXkmkj-HmaS6SiC0EyLtN_tAb9a6f1wTIqwm2vicMsgJRaOufTJQSUNkwjAfJccA4-zIXRqKsGjY7ZQA0-Ei5YDD8XNIB4RVfGjzC6U2erYA9Jof98tq4w5Z1PMJ_JMZf3z7s1WDI5f9W2yWcgu2BnX-Gbh625TJ4Z0fCbgxejmtA3F7lOyEADSIfod0Iv3uw9KBzM-_Wbu2c-Vp04WinCP3gjL_gi1no9RjwIbPWo_3ZhzO30Wi9lpVCBYh5XBJT1MbpRgOz1sxa2ze0rEO2dCrtK1Z89ZAGxvj0luG3PmToQHsphSFbWxUUZHKE8YP9qAyYbbDKgf20N6XBM13hBPAqZNFJNNiaV3CyF7Lhdcb7upKqntjHLqf560G7-1jN9_VyHtVfM5CrMdlTDDuNiNGjMDb1E2hKgSps_lTSxfa2DovDWCJWdj5Nexq9yNpk1fHRKFihTvmUPuVCo0BUwXyOB19okWXeIVpVGm0qyGWYSssN8wg8RPTFlOyVGZf6Ni6x_5viOO6DqD6dwnHcGGYTO5nSPMaXkrp86acni1I3xWzcjqQK_p7wFmCxs4KXOM4t4GlYz1vOs5Nmcu-Je2MpYOVR25F2H14eRnuYBs80ppUQgFpXRKBqeDX7dkQ

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E084 0
20 B 129ms
128ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B_zPe7BzQY4aGJ9Od1gaEzpfQDwAAAAA4AeAEAg&bg=!r6ylrOjNAAYDMoyoIzI7ACkAdvg8WvsljEZajIi3K8Me1l3wk0JDPlIfVIr48ADd8m29YrCmTbMm1gIAAANQUgAAAARoAQcKAF-bgKG3o4r3TC04uH9m6QTfotiRrENl4ihdTogUk5cNCEDlUUFa4_syaCEI5AnmXLpXxf03iK-iVLEAk3UZAWzpMHv3pX-loaMPasWA956c7b378TmGA0VhkptxBziW0JkC9lMQLPs6tkZJJYi6dp6sITyB0AuEiySi7wRaMllH68WWijw9ehi3YP0X3lCw7bzo-p-7sv2hS2xVJvSI-d1XuGvXeeR_7skq8rNmDZ7YWjjHefB0hy48aIb3C45nOsntm_yXXvFIecP-PliFGK_yizSG0P61dVc7wwnrBHH7pfMWyQLz9IwzhjrcCGmYtdGczA6cXgtOP_iWvcE6xGx9RxWScnMpGgoq2CjW-eNgw1VSvOXQKVUP_fCzhd6uDH_hayWgkMGr_djlUF77PtOQJEvqd60SeDQe6pGMJNf4JJDdOaxR6R6akvx9rCF9vOfS-Fc4tLrdepbA7xvTb606kcgEJrCb2jntPcRZgJlkU38L4EjB68eXbq6SKJ89t23F8-8zGgyVothIJf6v9zDrgRtmpIu6XGaZ7zpL2XwZ8yHLLR3lz_f_DVrbOv2TNfuu7WvJL70wlvYZH7XhAecjsi0a6pfGmxXvkIKftqVKz4wefTPveJ4nA4UiC4MyKmyc5_kuDbucSehxGdxcl20UwXxtCQbaeJoEEXnc00e94iWnDRJ4f7oNJfK74z-j9j3R2tosq7ZdiH0pGypH26Wi0q2WvHlVnCE8Eg5nGqtYvzt66bUjgRKsmkKwJF2LsEKVMbM_YaeicIVbVzGj2jeoIY8CVp5vwZuSNoeo7HwaTjCzSmaIzsR6gflhD1i5JuoBAr2ucflsXnnjZu2thgV4YPR-gyhw5bkag3q9dKjyqwKcqiYOdApS5-xnAlvPmcwGwqlx2X0mrLMKpu8F-r58UZT5isfMGcxWphmI-gPFBq6751DsJA87Aq7TccaZE5gxd1tuebA706Vd594j3Aneo67SAhXvHIfmi1SxmueAqA3t_pg7-M4xnVqWZdumVBsP6GorE-zdEXqqrSDjD5uC6s7YZrGSGw-f484roA3X7u_eYN2GICT-BW6fTUM2qYWRE9Vrm94LWuA1agRS1Mi-EH3oJDrBIsjFR24Q6BL7-HNEpC6VQ0Jz

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4FB7 0
20 B 128ms
128ms Image
image/gif 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B30ss7BzQY4eGJ9Od1gaEzpfQDwAAAAA4AeAEAg&bg=!trWltfHNAAYDMoyoIzI7ACkAdvg8WuTptS7qtYe1fPM9b9R_x37KFF2NvKck1jFqemBgiWM6U1er1QIAAAKHUgAAAAVoAQcKADvnnKT9nXciD4an0PeuPZRx78jO7_voiXs1ZtAlekWrrIxBEoFK4IuQyBCaky-SZ7GWgkXY4AOoKwcC05kC7kdrCH7GOaJEJ1-RL1KqUHNnHq_TPDSRxwqcn3LmIWzSGGYotEtb4N2rRkGB1T-wGK5V-2P_I4Q2kbPNoTfzsn_Z65FiKGbUG99EkD_3pI3IObAXUa9i_LMjag_8v1-QixtmsX-LABd_VtUXauXkYIB7mDTVmzO3-M2JBeD7bjrBT-M2cMQjJzXN1J0JzZvRqDWUORQWBouVxzt3gDBzVzqKqH3WgaNC8-qosetegpCGbHauka_tm0uK9foLXzg51X6m8YKVIN6-sxGGR-NbiCzpEkIbE9367YyE69okCkwmxGQv-AGd8GGBS8Aqx8TKz_CavTC3jIpkrPp2oOhK0Zs_yKxe6GUPuUe-J1qsBWfLQFHR8MB5_3Ugs9rtX55Fh4nmimk05y-IYVMa9mbZ-cXgWa5EmSA7eQxZvn6f1SvBYQMX2YzvVyNgYqdNe8gkl3ZzCeJRBJvXai9KUoSP4mO0YA-SvWu_xqRXu9rdLuffC4H0D9e_pcT8Udjs1qxLHgeq7PXfVlblnwrum1cF7dNDtFdDLoTCM6MTdC9lg9CuP-uAkQoSEU03hyPwgi4uvIjcCR3p6P1Jqaz4Iu1LsDq_UAp0pdX7UBaatIlqEVc8BZGhxdDacPuHXWfiBXoeDTBGZOnE9vXfjQ7HtuWX5o1RG9RaDH_jiYEcqP2Ld_9d-DhexqSVPm3v4n8euVY-YN1fA8V_TSPHN-8C1w9NV3UcBixTMRNho4MTZL6JRuMFl2CoTYKE6NQ8NUvB1IPSjOmEFyxdS3-a9Ot_fkz-LyGD6FHBNHqS4otxy486t1sMOFFNaX9CEJkj-pOu0G64a_Y31Mp7X8pbg4pJ7a2nS0C9uQ-JBahaOtCMZTh-MxyJJIphbB3SfHswUZMNeaxPsp2L2NfsxteNJULA36EZuMWNhb6t0VjrU8XS4FAnUeVn09u4RoAgjGt24yP_3whHq4goo29qHcwIz8rjyMESR322HDgyAp1KVSV32tkfJg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 24 Jan 2023 18:01:22 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 199ms
196ms Fetch
application/json 52.27.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.207.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-207-171.us-west-2.compute.amazonaws.com

Software

Resource Hash

662b1a20d9937e219de86e8729fe3b165da7a27f0fe187f03b1c613936719a16

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 18:01:22 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63d01cf2-576af30f4e824221664e5f84
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 574ms
187ms Preflight 52.27.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.207.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-207-171.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Jan 2023 18:01:22 GMT
strict-transport-security: max-age=15768000

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 133ms
132ms Image
text/html 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2023011901&jk=1795392521007194&bg=!NzSlNHDNAAYDMoyoIzI7ACkAdvg8WidwP1SBWxbfZXG3mAAl_LvtiipI8-nHcAPMYPxdw0nleM2v3wIAAARFUgAAAARoAQeZAqxfzKsQKxOEq3TwkZxK8jR-Q6drl2hguv1UUDBKl2dV4bbwhbYUSGwa-WBuxBnTW5iq6bHUhFK7RU2B_3KwEuTAZTpKH9LeRdclv2c_r2TMlfSdAbu337uLZCnu0-6GkJbfk9wOzjfiUx_Ijl8vG8r5DJ4gkXBfwwdWRLq32icSuLKKeLXtZ9TZ1dU-5G-bCXnKbk-L16yWAuN0Mj233wHC4-qjuWKM_pV4i0TvBELxOx9t8smhP1mI8ev3NPpuxFsaSLIjkZpq1pKa1ssrwFhikc8ryYlln_X-AE6aGE1koTN-HyvuxC7rVVvi0oKHRnPVAf1Mq3oacw0dJlB1pdQEOy7FRArlx9rlYzhMe0UjY3hhOy8jsT91SCY7Rzj8yHw1QziAAoGSjb51L-GdNSLpJA01cTLpGJv_H4xWJedPPCMISToyfUGk-MBmBQdSR-6OfcZ_80MJn_u_6sbTqtxesyAVTj_6VFKu9KVGL1db0GJRaiQCRFpq-CdASIMamqsi_q7WdVnnRJLHgYkpuh2RcxBX3PT4bGVDY5RGvi65uWEufpL3qoszYYPO1RRmMg66Jxf3yuqgEtMShYzWTZ5hY_qsOE_sHGaLNodeMepTK8qixCim0ZSAJNm3E8phHdLjnZUnbf4_yfMPB0rXWug2ocr_Ygh0byIFJXmCh_68PbJuzpnQTIp6UimsrsbO8ZyodlLxAIrW0d5ACswWCRXG-kJ2e5yhkCag6RJHYf1Gmg_pK7zE93jhqrPZO1jVjDGD_vghjeKwSTP4o3xNv68Zuj6qbu9T12L2kUtAHcQyCURcdQP7cX-HYvYy3KaHznjUkcj1TfSe65SjCvERl_g_5TZk6Am933xdr6SJ6Oiuv3HLzzoPCgYZDNotS4HTpGqiD_7N4-EKtVgO0Pk
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

POST
H2 200 httpapi Show response
api2.amplitude.com/2/ 94 B
287 B 195ms
195ms Fetch
application/json 52.27.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Requested by

Host: www.tri-cityherald.com
URL: https://www.tri-cityherald.com/noilosy-zb/tri-cityheraldcore.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.207.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-207-171.us-west-2.compute.amazonaws.com

Software

Resource Hash

2ad630a47ebcef9ed7dec31b1fd309a3ee67a260002d4817dda9fa65b932ac6b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 18:01:23 GMT
strict-transport-security: max-age=15768000
trace-id: Root=1-63d01cf3-5d351cfa346639fc476aeb27
content-length: 94
access-control-allow-methods: GET, POST
content-type: application/json

OPTIONS
H2 200 httpapi
api2.amplitude.com/2/ Frame 0
0 193ms
186ms Preflight 52.27.207.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.amplitude.com/2/httpapi

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.27.207.171 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-27-207-171.us-west-2.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.tri-cityherald.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

access-control-allow-headers: content-type
access-control-allow-methods: GET, POST
access-control-allow-origin: *
content-length: 0
date: Tue, 24 Jan 2023 18:01:23 GMT
strict-transport-security: max-age=15768000

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ Frame 9F7F 43 B
245 B 122ms
121ms Image
image/gif 34.224.131.223
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.160&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_es6=1&f_gears=2&tvltm=10&tvcfg=all&f_privb=0&tid=146c534a-4ae2-445f-95b0-768c313357ed&pid=94b9779c-438e-4670-bbaa-c79810ca3ef5&dtm=1674583284699&qnm=_matherq&visible=1&tabid=34bb6c7c-b55d-4bb2-95d8-96d2c9ed38b7&refr=https%3A%2F%2Fwww.tri-cityherald.com%2F&url=https%3A%2F%2Fwww.tri-cityherald.com%2F&vrefr=https%3A%2F%2Fwww.tri-cityherald.com%2F&vp=0x0&ds=0x0&tofa=1674583275&vid=1&lvidt=1674583275&duid=c3198a4c-259e-4a1f-af03-9ab47bc41973&fp=1279215348&cid=ma12095&mrk=74930803&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3NDU4MzI3MDU4NiIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMS4ybWIiLCJoZWFwVCI6IjM3LjNtYiIsImZzdFBhaW50IjoiMTkzNCIsImZldGNoUyI6Ijk1OSIsImRvbWFpblMiOiI5NTkiLCJkb21haW5FIjoiOTY0IiwiY29ublMiOiI5NjQiLCJjb25uRSI6IjEwNjIiLCJzc2xTIjoiOTk0IiwicmVxdVMiOiIxMDY0IiwicmVzcFMiOiIxMTYzIiwicmVzcEUiOiIxMTcyIiwiZG9tTG9hZCI6IjExNjciLCJkb21JbnRlciI6IjIxMjAiLCJkb21Mb2FkUyI6IjIyNzAiLCJkb21Mb2FkRSI6IjI0ODciLCJkb21DbXBsdCI6IjUzNzEiLCJsb2FkUyI6IjUzNzEiLCJsb2FkRSI6IjU2MzcifX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.224.131.223 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-224-131-223.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tri-cityherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36

Response headers

P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date: Tue, 24 Jan 2023 18:01:24 GMT
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

POST
H2 204 event-stream Show response
k.p-n.io/ 0
126 B 113ms
24ms Fetch 54.93.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=nH0P14xdqrGzY1zOSuQwt72a30oPDpqvzKAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.152.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-152-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 18:01:25 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

POST
H2 204 event-stream Show response
k.p-n.io/ 0
125 B 77ms
25ms Fetch 54.93.152.171
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://k.p-n.io/event-stream
Requested by: Host: cdn.p-n.io
URL: https://cdn.p-n.io/pushly-sdk.min.js?domain_key=nH0P14xdqrGzY1zOSuQwt72a30oPDpqvzKAs
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.93.152.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-93-152-171.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tri-cityherald.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.74 Safari/537.36
content-type: text/plain

Response headers

access-control-allow-origin: *
date: Tue, 24 Jan 2023 18:01:25 GMT
access-control-allow-headers: *
access-control-max-age: 600
access-control-allow-methods: *

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/8710955d-63ea-4e4d-9696-749c7fea728f/6e65e6a5-fb9a-4b8a-986f-04862586e222/1280x720/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/jit/5615998027001/cc2319a9-8866-4b1c-9853-032158afb156/main/1280x720/3s750ms/match/image.jpg

Domain: cf-images.us-east-1.prod.boltdns.net
URL: https://cf-images.us-east-1.prod.boltdns.net/v1/static/5615998027001/60f3fcaf-e2f7-4722-8a80-2557f1af4019/bff8b7d0-2d44-48de-8dc2-e36e2dd4b52d/1280x720/match/image.jpg

Domain: lptag.liveperson.net
URL: https://lptag.liveperson.net/tag/tag.js?site=2196236

Verdicts & Comments Add Verdict or Comment

311 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

41 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
s953.tri-cityherald.com/DG/DEFAULT	1970-01-20 18:45:43	Name: BCSessionID Value: 410f72d4-89c7-4156-8f1a-faba2c506f62
mcclatchy.blueconic.net/DG/DEFAULT	1970-01-20 17:55:19	Name: BCSessionID Value: 410f72d4-89c7-4156-8f1a-faba2c506f62
i.liadm.com/s	1970-01-20 09:52:55	Name: _li_ss Value: Cg4KBQgKEJkUCgUIBhCZFBIvDQpLWmoSKAoGCJMBEJkUCgYIxQEQmRQKBgjGARCZFAoGCMcBEJkUCgYIqwEQmRQ
.demdex.net/	1970-01-20 13:28:55	Name: demdex Value: 06747444506445913633991903905931279226
.tri-cityherald.com/	1970-01-20 09:09:50	Name: ak_bmsc Value: 1E123527500A6607E9563093D89FECC9~000000000000000000000000000000~YAAQGU4SAgS+cOKFAQAAYvDw5BIpvsp8FF84rwHdTVO8Je0SxwdWrw12Q3jbu9s6unlNdLLBLhsvdggfZrKFmpNWaZKXuHgKujo9wXoxTs85pEHoJ2oVfCEasQUhbpbR7m2XQT3yljpl/1mF3E+BTxi/crAPgRbxkIKprrXGDIbzmHZhElglITtEdQTViM2aHtnYTQlYUZ/Pt9+3PT5OvXtazItIgKdvNgB+Dp3+tPMTYAZAldXJTqQk1Ttg5jZCYmdp1FCmhPEUpvze/0ZuJQ2Fi+9Zna4NrTLM3lqERbPEdrUKh8qCzNfW36xLUS+Amoha/oGWywFvayk6/w3byyrUsGb121j26AAmA0XAb5EgSP2lrTxxu75H01zFTC7IYTg6D4q6ewseWPG7YVY82urRg4rBZhwL24w6rx7uR6FvtHubiw/KhmO/ImQif6JgL3MPRcvR3ezpq1J8QfZToIDfzVaxYdPltLynUZ0EltAhbgPsHOrnUBO9k4S6TDgIK0wo8AY=
.doubleclick.net/	1970-01-20 18:31:19	Name: IDE Value: AHWqTUnLXUGd1Par8hcdnsOd5zkNiPPMYz8XRuVNUbCb8xay98r-bf-R3-GDEhwRK1M
.everesttech.net/	1970-01-20 17:55:19	Name: everest_g_v2 Value: g_surferid~Y9Ac6QAABdmD0gBh
.spotxchange.com/	1970-01-20 09:50:02	Name: audience Value: 1774b9c0-9c11-11ed-970f-1d66682b0106
.dpm.demdex.net/	1970-01-20 13:28:55	Name: dpm Value: 06747444506445913633991903905931279226
.tri-cityherald.com/	1970-01-20 09:09:45	Name: _ml_ses Value: *
.tri-cityherald.com/	1970-01-20 18:45:43	Name: adcloud Value: {%22_les_v%22:%22y%2Ctri-cityherald.com%2C1674585074%22}
.postrelease.com/	1970-01-20 17:55:19	Name: opt_out Value: 1
mcclatchy.blueconic.net/	1970-01-20 09:19:48	Name: AWSALBCORS Value: u74n2hXVL5E9A11dRBoq0k0dnhI5iZJBr7ncLdKhLJYy5nqyFn8hFNhHSKRjoMUQkUzfy5k3mCzHb87t1Fcb5NefzQ1HGPTnnU1kP4EBzI1S5irXzE5qYgX/0eYZ
.tri-cityherald.com/	1969-12-31 23:59:59	Name: _li_dcdm_c Value: .tri-cityherald.com
.tri-cityherald.com/	1970-01-20 18:45:43	Name: _lc2_fpi Value: a54c2fa4f63f--01gqjf1z92kr429r80qz97ddw9
.tri-cityherald.com/	1970-01-20 11:19:19	Name: _gcl_au Value: 1.1.55840521.1674583277
tags.srv.stackadapt.com/	1970-01-20 17:55:19	Name: sa-user-id Value: s%3A0-f9c9394a-e216-4f63-5286-ccc38013ffc7.MzdM5WbeYzEjIMWn5X1lAzEiSudeR5R7dYiELMyjeqE
.srv.stackadapt.com/	1970-01-20 17:55:19	Name: sa-user-id-v2 Value: s%3A-ck5SuIWT2NShszDgBP_x9ly14Q.NkJIqeU%2BwVv1E0mY3gK3P4NhoCnweRS9uliSL38EY4U
.tri-cityherald.com/	1970-01-20 11:19:19	Name: _fbp Value: fb.1.1674583277350.1683736224
s953.tri-cityherald.com/	1970-01-20 09:19:48	Name: AWSALB Value: GbTlXd45BdT7CUJezdv2LChdmQwpm+4PYdoUig3Idx8ETmXQLh6F74juIfgXBLfk2zPP/P0W9iP4r4AAI1hJNX5xQAFxH5c7vROcbmYtq8ETgDhfOpWI8y5mpQVx
s953.tri-cityherald.com/	1970-01-20 09:19:48	Name: AWSALBCORS Value: GbTlXd45BdT7CUJezdv2LChdmQwpm+4PYdoUig3Idx8ETmXQLh6F74juIfgXBLfk2zPP/P0W9iP4r4AAI1hJNX5xQAFxH5c7vROcbmYtq8ETgDhfOpWI8y5mpQVx
.quantserve.com/	1970-01-20 18:39:57	Name: mc Value: 63d01ced-61b44-b8d0f-531c0
.liadm.com/	1970-01-20 18:45:43	Name: lidid Value: 145655b9-cbe0-498e-bf15-0df6a2feb451
www.tri-cityherald.com/	1970-01-20 17:55:19	Name: sa-user-id Value: s%253A0-f9c9394a-e216-4f63-5286-ccc38013ffc7.MzdM5WbeYzEjIMWn5X1lAzEiSudeR5R7dYiELMyjeqE
www.tri-cityherald.com/	1970-01-20 17:55:19	Name: sa-user-id-v2 Value: s%253A-ck5SuIWT2NShszDgBP_x9ly14Q.NkJIqeU%252BwVv1E0mY3gK3P4NhoCnweRS9uliSL38EY4U
.tri-cityherald.com/	1970-01-20 18:34:12	Name: __qca Value: P0-1612375809-1674583276868
.tri-cityherald.com/	1970-01-20 18:45:43	Name: _ga Value: GA1.2.1452632116.1674583279
.tri-cityherald.com/	1970-01-20 09:11:09	Name: _gid Value: GA1.2.1464327996.1674583279
.tri-cityherald.com/	1970-01-20 09:09:43	Name: _gat_gtag_UA_48281581_1 Value: 1
www.tri-cityherald.com/	1970-01-20 09:09:43	Name: _liChk Value: 0.48428983745861043
.mathtag.com/	1970-01-20 18:35:38	Name: uuid Value: c95463d0-1cf0-4a00-8987-6b5b1d426b34
.e.dlx.addthis.com/	1970-01-20 18:39:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 18:39:57	Name: na_id Value: 2023012418012100014799850340
.addthis.com/	1970-01-20 18:39:57	Name: na_tc Value: Y
.addthis.com/	1970-01-20 18:39:57	Name: uid Value: 63d01cf157fc60ea
.addthis.com/	1970-01-20 18:39:57	Name: ouid Value: 63d01cf100019518876e69a8688a427e6677ab895e6adb1381b9
.dlx.addthis.com/	1970-01-20 09:52:55	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 09:52:55	Name: na_sr Value: 20230124
.dlx.addthis.com/	1970-01-20 09:09:43	Name: na_srp Value: 7601
.dlx.addthis.com/	1970-01-20 09:52:55	Name: na_sc_e Value: 0
.tri-cityherald.com/	1970-01-20 18:45:43	Name: _ml_id Value: c3198a4c-259e-4a1f-af03-9ab47bc41973.1674583275.1.1674583285.1674583275

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 474) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
security	warning	URL: https://www.tri-cityherald.com/noilosy-zb/quarantine.d8dd140cfa71427ccbcf.js Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
network	error	URL: https://pippio.com/api/sync?pid=710914&_=1&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pippio.com/api/sync?pid=710914&_=2&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://pippio.com/api/sync?pid=710914&_=3&it=4&iv=72bd732a01b84cb28a36776e660c6d3c&it=4&iv=86e17687f1cff24ddeab9a2d66e2760d5264aa17&it=4&iv=71a34856a5bd6ab40f7886bceacdb20045309db77332acf80a82c8bcb9704408 Message: Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

972450d2d4026eaadc55496c57e9c0fb.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
adobedc.demdex.net
adservice.google.com
adservice.google.de
ams-pageview-public.s3.amazonaws.com
api.bounceexchange.com
api.fullcontact.com
api.lab.amplitude.com
api2.amplitude.com
app.securiti.ai
assets.bounceexchange.com
b-code.liadm.com
bcp.crwdcntrl.net
c.amazon-adsystem.com
cd.connatix.com
cdn-prod.securiti.ai
cdn.confiant-integrations.net
cdn.p-n.io
cdn.parsely.com
cds.connatix.com
cf-images.us-east-1.prod.boltdns.net
cm.everesttech.net
cm.g.doubleclick.net
connect.facebook.net
d15kdpgjg3unno.cloudfront.net
dpm.demdex.net
dyv1bugovvq1g.cloudfront.net
e.dlx.addthis.com
edge.adobedc.net
edge.api.brightcove.com
edge.quantserve.com
fonts.googleapis.com
fonts.gstatic.com
geo.privacymanager.io
geolocation.onetrust.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
he.lijit.com
htlbid.com
htldotbid.s3.amazonaws.com
i.liadm.com
idx.liadm.com
imasdk.googleapis.com
jadserve.postrelease.com
js.matheranalytics.com
k.p-n.io
lasteventf-tm.everesttech.net
launchpad-wrapper.privacymanager.io
launchpad.privacymanager.io
lptag.liveperson.net
match.adsrvr.org
mcclatchy-next-apps-prod.s3.amazonaws.com
mcclatchy.blueconic.net
ml314.com
p1.parsely.com
pagead2.googlesyndication.com
pippio.com
pixel.quantserve.com
protected-by.clarium.io
pubads.g.doubleclick.net
publicapi.misitemgr.com
rp.liadm.com
rp4.liadm.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
s3.amazonaws.com
s953.tri-cityherald.com
sb.scorecardresearch.com
secure-us.imrworldwide.com
securepubads.g.doubleclick.net
sli.tri-cityherald.com
sqs.us-east-1.amazonaws.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.mathtag.com
sync.search.spotxchange.com
tag.wknd.ai
tags.crwdcntrl.net
tags.fullcontact.com
tags.srv.stackadapt.com
tpc.googlesyndication.com
us-u.openx.net
vi.ml314.com
www.everestjs.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.i.matheranalytics.com
www.kansascity.com
www.thenewstribune.com
www.tri-cityherald.com
cf-images.us-east-1.prod.boltdns.net
lptag.liveperson.net
107.178.250.234
107.178.254.65
13.225.85.39
13.32.121.78
13.32.27.70
13.32.28.197
13.51.103.175
142.250.186.66
143.204.215.23
143.204.215.30
143.204.215.96
15.236.117.205
151.101.130.27
151.101.2.49
151.101.66.132
151.101.66.137
166.108.36.240
18.201.4.185
18.202.203.7
18.217.131.104
18.66.112.6
185.29.134.248
185.94.180.126
2.18.234.163
2.21.186.235
216.58.212.162
23.2.233.205
23.203.125.189
2600:1f18:730:b130:76f1:8db6:2c4f:d1ab
2600:9000:2057:4200:8:8845:1500:93a1
2600:9000:206f:5a00:12:1bf:30c0:93a1
2600:9000:206f:a200:5:82fd:2500:21
2600:9000:2190:e400:6:44e3:f8c0:93a1
2600:9000:2304:4e00:4:a557:4cc0:93a1
2600:9000:2490:a800:11:b309:9100:21
2600:9000:2490:f000:1c:112d:e1c0:93a1
2606:4700::6812:116b
2606:4700::6812:1a55
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:801::2001
2a00:1450:4001:801::2002
2a00:1450:4001:808::200a
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2002
2a00:1450:4001:831::2002
2a00:1450:400c:c06::9d
2a00:1450:400d:803::2006
2a00:1450:400d:803::200e
2a00:1450:400d:804::2008
2a00:1450:400d:804::200a
2a00:1450:400d:806::2001
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::2004
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
3.236.169.54
34.111.234.236
34.111.8.32
34.120.253.250
34.224.131.223
34.231.246.225
34.98.72.95
35.201.104.135
35.244.159.8
44.209.218.223
52.20.34.140
52.202.32.237
52.204.16.198
52.207.50.117
52.210.29.207
52.216.50.225
52.217.130.200
52.217.173.201
52.223.40.198
52.24.111.54
52.27.207.171
52.49.9.98
54.155.18.159
54.88.76.203
54.93.152.171
65.9.66.104
65.9.66.66
99.86.3.236
99.86.4.69
010afe0616bb28d0363457e61f299429fd9458d2765ba2ea65663b4c131e3342
02fba049759f060ce2ec53acb2440541ae6e99f0f338df9e369044f219de9f16
04ec30339b36e1341d00b5ba0629388f44dec2c81948d3ab8847ab72827a3963
05e470e14af2a774d5a01cc8a34f5446abd655ad4172a0ff55d6dc38ab66c53a
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07f99cd40031db3ac495f5780ca9a0c14e9add29cecac65854f49e6cd5c149af
0a7d0dc99585333e3e902b846fa852ff6a40a5bdaca8497b3cacfc9f9f6b3818
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0ba7d8effc7309dce7b36d4f0f0ae486edbc0b0a88030a8dc1831767b0031ed1
0f83531397727f64ead4266d70a984dee950bfaff04d2d4dcb7cc737bab95916
103b5d3101581404a3b431cbe53e4fcce7669301bd9affe349abf9fa2d050631
10b97070812409880dac8ae6358935a5ae92c44a92b8c68741db81a6c9e2241f
111fde01bb389a112d04fbc97daba062ec3d22bff6b7f2c5c52c984869922abb
11401b059365dd387ba607aa55ca532d326d764253ea85de141a4423cedfef27
12765462420db56f855f3ea8bfcdd2e41f4ff0d3d4b397f34e9eb79f28aa3172
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
12cdf4ac329e976c316808d6d46bb5847ea8a05a09a2c3a1ba3831d40807118c
15699b5c06672804532803e383673b1de9f2215346aa0b8e74fb7d2931206487
16665e70bbabbef07ee714f48a1716d3c4287106580092ef21742fb7020c6676
1ac0743ed94b9144a7d81d0087956383698d24c3a18a7301d93264466c6941d4
1e222e08ed932bb3c623674d4dc19c6fef67ec37043939ad469bba0f579717d6
1edb5ed37a0db504b42d9641eccf602ee2f265fe3474f9ace2d9c3319dbfd97e
23329bbb9d89d82b2e312cb8e8d8ee3f5af69c4e6d21844ee258a7cf538dac0a
25475d82cc976fb2c71b15b3e416c22bf636dd247bbb268d312e7c076ec5b6e4
258e9ddedcb8876304c2a6b9c7cb5757eed2609cf3de53f52d161ccf6c5321ac
26f1e7ef75fb5e9acecc7d04286aa2b3ce4b5343ab71e2bcec471eb3a561b7bf
27bc0cb7e7e10d7caf0982f160c1860cb1957c710ee64ad3a21af29ec4a1edfa
27d7b573de36acef9ddbf975de05251f5219d2e4b8424288aae62aa57d5a6396
28fd1abbe396c03b63e219a80bfa896f29550c848b317f388adeb7cfffdf69f6
292ca9e09a900cde3c17a06720d49db893fc24582958ff8ebad02b22b1a5cbcb
2ad630a47ebcef9ed7dec31b1fd309a3ee67a260002d4817dda9fa65b932ac6b
2c2d839942cb9548ad7447ed4fe2bd45e0c84b4eef108fd5c6ec085b0e2405da
2cabd0f8fbaee9fabee053e9b17c25b217c40a6061cc470dd6a8826f3ebc911a
2d9fb5c7fe4d61eec18550561f4b352bbef0e77ab90456ec51c90eb54072ba32
306918a1799397fbdb4eb6b7e6d7f0bd08ac794582e53c2e84f0a96e07faedf5
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
32074a16c8436817aa6ae745e28aae8b24a5f98d7b298b0183ba5fb636b405ac
341cac54e2233a3ea849713a87fce48e95ed8f3c8317c4d3bdcf0610da762e23
34470969cbce5179579cfb4327c0a3d12daff4432220e58302ce34b7af63b73c
359ca6d9de759ae6cc10299b0952d454830da1b9f1109146dc4626685b898258
3674ab176b8eb986478e2d0b2fecdb526a3628bff2dcc48d0ff44e0e5df7c6c9
38c6a2d5b4a654ad9062ea9e6ba8632e6396ebeaa2943020a0897b9f7e038519
3a6edd2bd695de1afe00607654e6129f242774e53ef1d4c84efa9aef7d5c3fda
3c17de4dcab73444b22380cca2773bc8fb69e2b424f1e3b469e922d6bb3ad84b
3ccdd01cbd5c46d4b5ce379c0e05f0b711c7bc36cdfa16bd4bf62d64693566de
3d4035e709c3856b025a4783eaab5d50a5fd43d9f08bddbf99dc97f133d3f169
3f85ddbc783a8d4d564df27e2d86478593b3d47f594e2f31a64c25f1b2be93a1
41dd3e48dbef1ddbc59957d4e99ef7662c1702dd8b55d0900b02150f87af354a
425d571d543d93623dd684230a513a8ea6c0f72377b6c29c6f203f241ba00217
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
443ea90e810ffee25d145c79c559053ccd324d49ebac3bf75a276fe5be019a6c
44b8303ce68f79cce6720b79e60c9ebbd51c58f40e40dbf6b3bc71a01ea371c8
45f08f27c7337d189e8c31e635b5d0a0781b273131135cd77ee8b6f12366e7a2
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47a5614a17b02134c28dbd6efd4212a7eb700b1aa35308427889bde9821f9152
484c737138f2ef20c099de8ca0813a81f11619e642d724d5a93ccc2488bbb313
48f08678e02e62a5a40fc22ecb0d4e4cf56a7128c65d8c61c3da35eeed607623
4a58062fc0a9323457fe44f5a08d2cad980d96dbca76bf56bca210787c72c514
4a7423b782e91da2e6f4a76801e3b48c5e6a0e91bbc061e25bf36262ff8787ff
4b11a5a999e3e3045fc364bfe9c81bad4fa5934331c65dc2decb4d59a08ada84
4d0067e1e19953512a106142fc9e15629b9504cb6be3d0315f7b490936119aae
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e52bdc22178e28fa03fde3ba2cd4e4b447452b7371b9d41b3924805a74243f0
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
506232725b472834278e60634b4137a0358256051a6fb7f6f03582964e756de9
50f06d05bc1a135363bdc7494362f903295660bffa41985313fb84fc26e87e52
54053b785aa3692bedafa8405ca745fcdf76ee87e34edf28e2b95cd03bfe8ee0
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
558c0c8be629970314afa707fe5ad72ef367bf1084864643ea28969a39bb0871
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
56ab345f28a0a51d54cbf735d3660f1ad65b4256905ab324024806fbadbc821f
58a07739b05fec4d319e4d5c6b1fa4ac79e2a625e08ab3f303929b77fde5bdf4
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a1ba6ff6db12f791bbbfc4da3cb389e06f0cd53eede09ef3eb3ceb074089ef1
5a6a1024807e3504d93d0fc26e07281450105e97e36169a178243b9856dad356
5a8f5ce3746d4cfb65c3fa8c0b5c76a9d83784397135aa7c9fe205e4bb303875
5b7a1d6931cbf188c5d1b0cfce85ae12021555ac95ebe5be8c1e3400682bb0d3
5bc1b63af6c01e01be5c53d47200f90667a90869980fe817bded5e984b368cd0
5d29807d19d4f4a82e07149787abd0ad571145e5cc44f613533ee43d888598fb
5df2498d566a9c0c42fef5906f0818a35cfc4ce1cac95e1e0eed4265c838eb10
5ecb58845a9ac30e4eb4b18eb0e7431ba1fb195ce035309735efaee67421c7a3
5f2aa04129904f9458ac2458baa9b4072b77a5083919474a3a80c84d1896af63
5fec21894f4774e4b1874d4153daf6a0dcbf68a34e8a784e6c7d063ac2c0871e
60c67b61c036e739d02f7ede3743012003c6bf06788c9fba601b65983c0a0ab3
61ac33de6e80b49ce05cb7b6805670f547ab2445579b6b0c1c8ca433e6d48c42
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
620cdff4c9861a52e5560bd877b5598f2162b2d55e2d3e088d8d0ddc5613eefb
625e7145cf1a0554ce35074ba62a893a2bb87e1b7eb8b37e531bbc7adff78bd2
62a20e257b8a5aa8cf9cddebb9b2d2c6a5d26f0458561846d94f56eca032a952
63b693778274923011281f0c339ac4116f8a31b9d186d0657849380cd5bd34b7
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
650587719d00d216eff81b7a8feade391863ace124e282d62018b1df5fd75f92
662b1a20d9937e219de86e8729fe3b165da7a27f0fe187f03b1c613936719a16
6942aa2d9cb977a25b9e503f731dd38210f0d0337b8b6783c5f9321924275261
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
6b7f1c14024ec6e97850760f9393deda36dc2373eac7e3df6903862b7ef368a9
6e4ece576a3bea8a4e44782cef4e683c0d01e4d52d0f2d968512334330bd8272
7062b06e6a15d9086fc982bdc80adaf4a620352798a29c3fbebea02a1a03960b
70ff993f7f07c41018317c99475a4558bdf0d206ad78256458ffc9afacfb55b2
7330c1fc5a616a82cd0df3d6a6ec5733dfca3111a4d199d2ffb2ab2445a8f42f
742445e50be5ada45d584852bd5a1cb6dc44f04fdfe89d4447f912679ad49416
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74a34854f0e59201f85c8aec6290e89eb484d223dc1ab185fc54424e50618daa
75d9d212e2811afea51e1b0d425566c5b3f2be843066b5a8f91f9df7c328cda6
764df958623e81ae49b597536c4f788d01b6d7d5b6fa5933868a4fd691e379df
766c7ef0126a38a86dee0e014065c827eee26de3584facf3b4b8feca9d6473fa
78d566d84342550fc2075fb4016094a423cb9b717d481ee34fc634c079ceff0a
798b67bb2ea3243fac61fc7df7e5585a5adc40887e278bdf62598ca5d7629903
7aa8d9d4c4a60dd68d72fed2e64e646cdd7d616f3a690c3f10b6282fa854148c
7ae7c69875eee557f7b1a30b09286ebb8a3206be86a0c7aaebb90b36f9c5c510
7b93ad48cdcb0da7023b89a96fbc596a58527722f2ded9714f3ab55be5b82e41
7bf1737363890f1829c6613d823d6ba755cf268596e6d6d35d1ea07b4c72f27e
80d54533f80e8233621f965ae0a7713928bdb4d491ed0eb5e90434550f1894cb
81e36db89cec73c66c5b4419349a29e1a6f1819575293a9231d22d866d31abe8
830cac2a8908afc16e114cd8393040e1cf11977a968af0c0dd052d592868ea16
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
87698ac6c6aa68eae00b463509df6e816683f54e09e94614c99d3cbaed51a267
88f00438d26021a325247c4427898f7c778a22976df9f1a9d9876429778bf265
8a8ab93e684363cca3ff93141a00b9a09dc95e42f7429b1a095a9f1c3ee0dfc1
8ac1013b3476b49ba5c8757300938355559722d7b008901cf63fd398572e60a9
8c5df54ffd454db37d8b014d2981d6d8d55e1362fcb3a78259a231addde91917
8cca5c9194ac528c91ac290ebe549996626a072f7029d9a9176ff8704ff49808
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd021745855be5cb9135c9331ac33c35e7951481253c44836431a55161303fa
8f601d546607100a49775a3e45c56a9c53f2761fa1721b5b986c07c2e2a46a5d
9159f42fdc7769c186145cc4690f563a2a6c9d63cc7af3343d912c03a5054792
943c86949eee24ae98134e6f35c38c124aaa52b2621bda54dcbd4fae292ffe52
949b0b9bf6768359f6f85d4b5c112de352e47a7f476f0f47c1574a1e26f3f8e7
9598d17007ef46d7b9f8ecf056e06747eaa45f9df2704c59bfb0eaf82361d076
95e1b246cc90d4466cd86a73c0822606a31d50c76d9cba087bef3e4eeaf9f1f8
962633a9b2b7df607d091396cbe096cef615f8bd36ea627151254a5743c4e0c7
97a6b6328f6681e2c688de1576108091a2827b4a2f4b0ed4cb1502519b2ee72a
9818f1a3d0803ee3d70113673b5aa48a309eca146387d6cb0391235571d92515
987d5da0ab9202a9c0f62852a6939b618a0c3eb38db24e4d1afb947bbcd98bc7
99dc72a348c88c26717b3f513e64c50ac6eb062c87c37abebbcbf3330287b25f
9dffbd45ce48bf5e8eeb90b3d8567f8270f217c174de81fe3693d6dcdbaa1588
9e3335764540ad89b36e27c0e0c5a4d1e164c0ffefdb88007e01f745fc4fe790
9e759fb230c933e6bc04a5620a261a728e3fed6f8bfe43a10588182e66cc2fbe
9fb5e4a319e43a892940aa80a3a19a1a3267b7822fc6897ca25cfd96cad17ec4
9ff8be4caae44452d25370811829bcf0de87a264bc6dab2b9c45ec89b57b7c8c
a0107a6693b6ccde2883d4ad8f80a8a19a8278c5deb30f75f7dcd10292258e60
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0a9ce1553fa74dad4d8cf55b7df7d012a3acdec01cd39d682fce0e5b52e99f2
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a14d957276e4c62ee1b1c3f6aa50ffb00e8432ce5888c5d19089b80a8bc271f3
a1a74eef6e94e2e8414e313d3dac9c34b11fccf52909e9eb833ce2cf70ced650
a1f4cf701c34333d57d1eefb0b64c67f5d1d7b60975ec43f01270cdcd6e0d71f
a3d561016ccd3a810f1d3395781ede59a06b27fcbab8668e0d06da2abab0eafa
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4e78e492e2cb5bba49246d91ae417ffc26edba507b5ef6bf7f7156bb9b73381
a8f221f028cab6d2619c4c624a1be0044cdea534580268ef8e26eced08d61f27
a9196e994e4b8c341c24bd4c2f7e132d060b9191fb3f628641c5f0fd10e6736d
aad0de1ea5ec51195efd90589282fe5dfa46a187d8e66d673230d52cdc5fb6d2
abb45ae4b3a896ae99132c1786a9676218c119ea552d3fbb5ab6d40d9e05e43c
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad52f02bedef8c1ef921e2a1564a783d5296fc5dddfd2b9fe262b4b923f8c9f9
ad8416d71fc033c5f99a818ca197a8bbdb7b58557c88bd57950b2858100da0cd
aeb8b6e67c3c02f20a0c010763e30fdb3e684144e5b93e508dfca1c3f0985187
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afeb72a9000a98b2723bd8c035adadb59077931bf67f3afb40c37b7b0083ed1f
b08259e3c3f7b18a6f81fdd52d97198d7df94634144aaced415bfb1061883bcc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b14e828cf0e3d31af68db645e32ec8c04a113529f475d9d04bc9d1bafc67c626
b38fe55dfadcf94bbe6c3259dd1a31d5406897b5ce60166dab067f9d81a68a2f
b39fcc81af925088d9201d7407567ec7fb48371565cf25d63fef1f6be0273345
b3db5ede07a80b2d5092c7bc68a870aa9eb0c0a328a3ca3b86a2c643da069cb6
b5536b3c6a843edf27899c1969b5878162dc6909f93e5e34e3110128ea24ee88
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b7e88630df31a86b3b2f08009711557000dddade2c33e0482e4b314c5a44752a
b902eb21a12bbcca749f44a0323eaf05029d9e3f215cda51325a814c35d97a52
b9219efcd84de252676ddb9ef28a50a946cd36e221f770b1dcdfa97d29959902
ba7a432873593e5d79a785cce76f84c3af129d9347320e4f62063c202f2ae138
baa795b13d4729d3cb6d1cdb8a0b3024cacec2480f019f50f5bde1566b0e109d
bb093a956863dcadc681ac2c80d93b73ed30c83cd246c6f30cff3af9c73f48e3
becd124e0894570d928778df3677413aa7c44cb86e63e4592ccb117d3f2a5b21
bed31793e6a6753a6e9ffb9a93a57a7cd3a539ede3340039cc4bdf77c593360b
bf27a71dc58d016883e1da33d7aa4905e7e2d846a1bc9ede1b3d7ec8dc0ed173
bf6e1240adbfd769edcd48944929c17b7079ab797ffb0c1eecd552afda5e3cd9
c0b61e87cb6ee339087d1a9fca8f2a485a8f77f6ad607993ab34dfafe88083aa
c0f9a96a8b15dfa0bd82a9b0c4f7d31927c96784bb62af0a94fbaa78cde5e2fa
c1c30918a861cb6a985ab55d54ad7e861682354197f164cb3b7194f20eed67ac
c2eca0fe6ecb3f1512b5449e55f7e00190fbf4360f0ac0d03ade69e96335662a
c5668441749de5241c390d0d6893686bb5630a913045b360c7f1350ece80742a
c644c8c8df3a1e76a1a1b3d14995990ebe679314dbd0b7cea2f37fa0fa2bbcc0
c6a2acafca2240ed410b27b91023f58e3a9196bad947f6b0ddd2aebde99cb5c3
c7aea7c22a8be795f2387dd80341ffcbc21da955eae9408c2e6bb7173ebe0767
c97dcb70d635092868646d0fe67b38a04796f5343dad81c23945bb31d477a763
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cb51bdce63555841035a5dd1191a7afdb137f00a9cdc9e0c05607adfd38d500a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cff2fddd0382a2f4113ce84ee9e019eb1e60da60f02cd1dbc968d93f9142e17c
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1798f00809f57a10e52dd47948ceabfb7a5d6166ee026f06c885ec67076d4ee
d2535815833746fe6683a50cac72e5025b099db7b21e6a5b3896e01973c91050
d38236a3fa83635118b6b177bda2330ce7e5ce09a3e50d9f4a6933b2923c5af8
d47249325e2cf8c47798453b562d441244db94c476fe36555035c2da8790cbaa
d48d68a08b3ccfe7a0bf7bae8810bdc434b79c882bf4d4aa6951d43c25b70570
d56179d996f7bb8ce94673c80d3ab5169ee72f353d964e07f29fac5a1178f336
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d82c76f26595d47085438aebf8993c7e7713f30b969f4032ab3db9d9d2a58a41
d89fcffc0f013b852144e04aa7a737bb546d07b34e548d8a4921ab04df726082
d8dc14168a92ecaeeb75d38c57b654690564848340ae09b72d6fbb2de03d75fa
daf1fec44c37c631ce9568f4cee06d2663c2e7a284a350ea2bdeac739322fbba
dbd08f2c4c52ca2c903bf94dd72aea0181ada5543ddbdab9c684291254432aca
dc23f0b941f100ab048b7ad426f8f0a3baa64f0214128f35c215eec65d79eb44
dcb9c6c2f2d50ffc5f84ae143318921c0fb4bebc99f3970bd3565422b9c19390
dd2c4b8829d43290d2d6f61b5c253b2b9edf5d715f61a3454a4123c00f5c477e
e1816c058d2ab84b1cb1962de47772e47d5182b58309e43ddab5b5aebbde3f82
e209665ef10fbcc77c20dd867a90137fb6b9bc60c329902c4965a54d2e0991e2
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3b9d318b3157ccbfc3bb00e82a446613294f9a592c01537662386bd848882b7
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e7e696f3b5ef25c97cde87bfbe910d446dc98e85192c814c4c3a540d1ac857ed
e904f28338dc2253c81f57d4c35a9f5f4dee036b4001212791acac11a2b326bf
ee54b51af15f1f68f707da981f3c135c249a25e9293871e1e0cbd2c24c7b6117
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f067f829af7c95936a36f38e54c98ab090f937f5557e4c78829ed8fcf5ffd
f1e25328be62ee5aca4777d33ecfbaf64a502f80dac2008bd7197e236cac8dc7
f1f8842f267b4ba14eba13922dbd36c50978e5b328534476639fe1548e742007
f4fc114373da7e63fade04d84f7f1cfb5b31632246f33b10f3b7b275b85e6dd6
f6f2d3824ff8dac18dbffc75bf0b7963f21b0b6be3ffddf2c0927da29f03a9ee
f7da44c9657d7a2dbd9d127c5d9834ab4d9599445f264f90e2b922e61bdc9ff9
f8a79e266d9f0a5982f3b2cfd1b044546e52716331afa03dc052bf86beab6ad3
f8cedfeab9b33549e06bd1f53d3317e9f825f094299af11d86e4042d409c3d03
f93ea08abf0d77b5d2d05efedade7fa7b21cc987fb9990fcf8780c324868f403
fbf5a809affc2436edaeec5bf7b723d8feaf4f9e7cbd8ba5f7f0f1e237b17f27
fda4b2621803a750891ca048224b0680e6db5d7ecf02e1fd44251dba472ae455
fe3fcb884394be745dbd11141b6d780028a4d86106b6292d7502db096f582218
fe8e8325cca37fc986268bab20aa134722a066dc93347d824b0f989b9a94e023
feef76f5e9b3feefeece0e36b636d90d747298ed3b3512f6378c63dfa075756f
ff9162cf5ac6d80acf12216be212ed691a1fe9e8242585668c0fa329b68d2fe3

www.tri-cityherald.com Open in urlscan Pro 2.21.186.235 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

363 Requests

81 %HTTPS

35 %IPv6

59 Domains

98 Subdomains

85 IPs

9 Countries

8275 kBTransfer

17826 kBSize

41 Cookies

34 Outgoing links

Page URL History

Redirected requests

363 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tri-cityherald.com Open in urlscan Pro
2.21.186.235 Public Scan

Screenshot
Live screenshot

Full Image

363
Requests

81 %
HTTPS

35 %
IPv6

59
Domains

98
Subdomains

85
IPs

9
Countries

8275 kB
Transfer

17826 kB
Size

41
Cookies

363 HTTP transactions
7 data transactions