www.durangoherald.com Open in urlscan Pro
107.154.114.252 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://durangoherald.com/
Effective URL:
https://www.durangoherald.com/
Submission: On September 28 via manual (September 28th 2022, 3:14:22 pm UTC) from US — Scanned from DE

Summary HTTP 253 Redirects Links 40 Behaviour Indicators

Summary

This website contacted 48 IPs in 8 countries across 38 domains to perform 253 HTTP transactions. The main IP is 107.154.114.252, located in United States and belongs to INCAPSULA, US. The main domain is www.durangoherald.com. The Cisco Umbrella rank of the primary domain is 831789.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2022 Q3 on August 17th 2022. Valid for: 6 months.

This is the only time www.durangoherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	107.154.109.252 107.154.109.252	19551 (INCAPSULA) (INCAPSULA)
41	107.154.114.252 107.154.114.252	19551 (INCAPSULA) (INCAPSULA)
7	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:82f::200a	15169 (GOOGLE) (GOOGLE)
1	184.51.9.197 184.51.9.197	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac18::1:a:1b	20446 (STACKPATH...) (STACKPATH-CDN)
1	35.167.201.97 35.167.201.97	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:5814	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
32	13.225.78.71 13.225.78.71	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:16::215:148b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	50.17.180.6 50.17.180.6	14618 (AMAZON-AES) (AMAZON-AES)
1	18.66.112.92 18.66.112.92	16509 (AMAZON-02) (AMAZON-02)
1 11	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1 13	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
7	63.34.160.33 63.34.160.33	16509 (AMAZON-02) (AMAZON-02)
3	13.224.195.78 13.224.195.78	16509 (AMAZON-02) (AMAZON-02)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:402... 2a00:1450:4025:402::9b	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	23.35.237.151 23.35.237.151	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.32.10.16 13.32.10.16	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6810:d735	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2		() ()
5	2a00:1450:400... 2a00:1450:4001:802::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:400d:80a::2001	15169 (GOOGLE) (GOOGLE)
4	2606:4700::68... 2606:4700::6812:1740	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
6 14	142.250.180.194 142.250.180.194	15169 (GOOGLE) (GOOGLE)
3 7	104.18.19.126 104.18.19.126	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 5	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
12	2a00:1450:400... 2a00:1450:4001:830::2006	15169 (GOOGLE) (GOOGLE)
4	142.251.39.34 142.251.39.34	15169 (GOOGLE) (GOOGLE)
2	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:400d:806::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:350... 2a02:26f0:3500:11::215:14cb	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	54.220.47.254 54.220.47.254	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:5600:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	34.252.39.216 34.252.39.216	16509 (AMAZON-02) (AMAZON-02)
1	85.14.248.72 85.14.248.72	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
2 2	3.121.84.223 3.121.84.223	16509 (AMAZON-02) (AMAZON-02)
1 2	2606:4700:440... 2606:4700:4400::ac40:98f5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	2a05:d018:d29... 2a05:d018:d29:3605:c283:2fe6:5625:9484	16509 (AMAZON-02) (AMAZON-02)
2 2	37.157.4.23 37.157.4.23	198622 (ADFORM) (ADFORM)
1	185.64.190.78 185.64.190.78	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2 2	72.251.249.13 72.251.249.13	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
2 2	63.34.160.83 63.34.160.83	16509 (AMAZON-02) (AMAZON-02)
253	48

2 107.154.109.252 (United States) 2 redirects

ASN19551 (INCAPSULA, US)
PTR: 107.154.109.252.ip.incapdns.net

durangoherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

41 107.154.114.252 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.252.ip.incapdns.net

www.durangoherald.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.51.9.197 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-9-197.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac18::1:a:1b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.167.201.97 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-201-97.us-west-2.compute.amazonaws.com

prod.ew.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5814 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 13.225.78.71 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-71.fra2.r.cloudfront.net

imengine.public.prod.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:16::215:148b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 50.17.180.6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-50-17-180-6.compute-1.amazonaws.com

durangoherald-co.newsmemory.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.112.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-92.fra56.r.cloudfront.net

static.ew.dur.navigacloud.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 63.34.160.33 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.195.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-195-78.fra2.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4025:402::9b (Den Helder, Netherlands)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s-jsonp.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.32.10.16 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-10-16.vie50.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:d735 (United States)

ASN13335 (CLOUDFLARENET, US)

ads.adventive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 (None, )

ASN- ()

d3768553-257c-69ae-8152-69ae257cd376	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
d3768d55-257c-69ae-8954-69ae257cd376	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:80a::2001 (Ireland)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6812:1740 (United States)

ASN13335 (CLOUDFLARENET, US)

assets.adventivecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 142.250.180.194 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s33-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 104.18.19.126 (Shahr, Iran, Islamic Republic Of) 3 redirects

ASN13335 (CLOUDFLARENET, US)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 37.252.172.250 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:830::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.251.39.34 (United States)

ASN15169 (GOOGLE, US)
PTR: bud02s38-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)

76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:11::215:14cb (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.220.47.254 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-220-47-254.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:5600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.39.216 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-39-216.eu-west-1.compute.amazonaws.com

skydeutschland.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.72 (Kamp-Lintfort, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.121.84.223 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-84-223.eu-central-1.compute.amazonaws.com

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:4400::ac40:98f5 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d018:d29:3605:c283:2fe6:5625:9484 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.157.4.23 (Denmark) 2 redirects

ASN198622 (ADFORM, DK)

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 72.251.249.13 (Amsterdam, Netherlands) 2 redirects

ASN32475 (SINGLEHOP-LLC, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.34.160.83 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-160-83.eu-west-1.compute.amazonaws.com

match.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 pagead2.googlesyndication.com — Cisco Umbrella Rank: 102 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com	551 KB
43	durangoherald.com 2 redirects durangoherald.com — Cisco Umbrella Rank: 686324 www.durangoherald.com — Cisco Umbrella Rank: 831789	1 MB
37	doubleclick.net 7 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 180 stats.g.doubleclick.net — Cisco Umbrella Rank: 79 googleads.g.doubleclick.net — Cisco Umbrella Rank: 42 cm.g.doubleclick.net — Cisco Umbrella Rank: 212 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 299	418 KB
34	navigacloud.com prod.ew.dur.navigacloud.com imengine.public.prod.dur.navigacloud.com — Cisco Umbrella Rank: 502468 static.ew.dur.navigacloud.com	7 MB
14	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2 region1.analytics.google.com — Cisco Umbrella Rank: 5431 adservice.google.com — Cisco Umbrella Rank: 76	43 KB
12	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 268	480 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 448 p.typekit.net — Cisco Umbrella Rank: 588	196 KB
7	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 528	6 KB
7	postrelease.com jadserve.postrelease.com — Cisco Umbrella Rank: 1160	4 KB
6	gstatic.com www.gstatic.com fonts.gstatic.com	369 KB
5	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 229	5 KB
5	ampproject.org cdn.ampproject.org — Cisco Umbrella Rank: 382	109 KB
5	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 191	202 KB
4	adventivecdn.com assets.adventivecdn.com — Cisco Umbrella Rank: 48258	60 KB
4	adventive.com ads.adventive.com — Cisco Umbrella Rank: 46236	69 KB
4	amazon-adsystem.com c.amazon-adsystem.com — Cisco Umbrella Rank: 297 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 494	47 KB
3	google.de www.google.de — Cisco Umbrella Rank: 6301 adservice.google.de — Cisco Umbrella Rank: 8962	1 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	90 KB
2	360yield.com 2 redirects match.360yield.com — Cisco Umbrella Rank: 3547	783 B
2	lijit.com 2 redirects ap.lijit.com — Cisco Umbrella Rank: 598	1 KB
2	adform.net 2 redirects c1.adform.net — Cisco Umbrella Rank: 614	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com — Cisco Umbrella Rank: 805 s.tribalfusion.com — Cisco Umbrella Rank: 2173	1 KB
2	w55c.net 2 redirects pm.w55c.net — Cisco Umbrella Rank: 727	2 KB
2	demdex.net 1 redirects skydeutschland.demdex.net — Cisco Umbrella Rank: 101382	2 KB
2	adsafeprotected.com 1 redirects pixel.adsafeprotected.com — Cisco Umbrella Rank: 591 static.adsafeprotected.com — Cisco Umbrella Rank: 575	667 B
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 208	26 KB
2	function sub() { [native code] }.	34 KB
2	moatads.com z.moatads.com — Cisco Umbrella Rank: 385 s-jsonp.moatads.com — Cisco Umbrella Rank: 13790	55 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 41	1 KB
1	pubmatic.com image6.pubmatic.com — Cisco Umbrella Rank: 647	166 B
1	yahoo.com 1 redirects pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 439	701 B
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 14068	1 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1496	63 KB
1	newsmemory.com durangoherald-co.newsmemory.com	39 KB
1	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 389	39 KB
1	jquery.com code.jquery.com — Cisco Umbrella Rank: 663	30 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	74 KB
1	ntv.io s.ntv.io — Cisco Umbrella Rank: 2919	143 KB
253	38

	Domain	Requested by
41	www.durangoherald.com	www.durangoherald.com
32	imengine.public.prod.dur.navigacloud.com	www.durangoherald.com
22	pagead2.googlesyndication.com	d3768d55-257c-69ae-8954-69ae257cd376 googleads.g.doubleclick.net tpc.googlesyndication.com securepubads.g.doubleclick.net 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com s0.2mdn.net www.googletagservices.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.durangoherald.com d3768553-257c-69ae-8152-69ae257cd376 d3768d55-257c-69ae-8954-69ae257cd376 tpc.googlesyndication.com 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com s0.2mdn.net
14	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
13	securepubads.g.doubleclick.net	1 redirects www.googletagservices.com securepubads.g.doubleclick.net www.durangoherald.com d3768553-257c-69ae-8152-69ae257cd376
12	s0.2mdn.net	www.durangoherald.com s0.2mdn.net d3768d55-257c-69ae-8954-69ae257cd376 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
11	www.google.com	1 redirects www.durangoherald.com www.gstatic.com www.google.com securepubads.g.doubleclick.net d3768d55-257c-69ae-8954-69ae257cd376 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com tpc.googlesyndication.com
7	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
7	jadserve.postrelease.com	s.ntv.io www.durangoherald.com
7	use.typekit.net	www.durangoherald.com use.typekit.net
5	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
5	googleads.g.doubleclick.net	d3768d55-257c-69ae-8954-69ae257cd376 www.durangoherald.com 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
5	cdn.ampproject.org	securepubads.g.doubleclick.net
5	www.googletagservices.com	www.durangoherald.com securepubads.g.doubleclick.net d3768553-257c-69ae-8152-69ae257cd376 d3768d55-257c-69ae-8954-69ae257cd376 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
4	googleads4.g.doubleclick.net	www.durangoherald.com
4	assets.adventivecdn.com	www.durangoherald.com srcdoc
4	ads.adventive.com	securepubads.g.doubleclick.net ads.adventive.com www.durangoherald.com
4	www.gstatic.com	www.google.com www.gstatic.com
3	c.amazon-adsystem.com	www.durangoherald.com c.amazon-adsystem.com
3	connect.facebook.net	www.durangoherald.com connect.facebook.net
2	match.360yield.com	2 redirects
2	ap.lijit.com	2 redirects
2	c1.adform.net	2 redirects
2	pm.w55c.net	2 redirects
2	skydeutschland.demdex.net	1 redirects 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
2	76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	cdnjs.cloudflare.com	ads.adventive.com s0.2mdn.net
2	adservice.google.com	securepubads.g.doubleclick.net
2	adservice.google.de	securepubads.g.doubleclick.net
2	fonts.gstatic.com	www.google.com
2	fonts.googleapis.com	www.durangoherald.com
2	durangoherald.com	2 redirects
1	image6.pubmatic.com	76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
1	pr-bh.ybp.yahoo.com	1 redirects
1	s.tribalfusion.com	76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
1	a.tribalfusion.com	1 redirects
1	m.exactag.com	76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
1	static.adsafeprotected.com	76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
1	pixel.adsafeprotected.com	1 redirects
1	code.createjs.com	s0.2mdn.net
1	d3768d55-257c-69ae-8954-69ae257cd376	securepubads.g.doubleclick.net
1	d3768553-257c-69ae-8152-69ae257cd376	securepubads.g.doubleclick.net
1	s-jsonp.moatads.com	www.durangoherald.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	z.moatads.com	s.ntv.io
1	www.google.de	www.durangoherald.com
1	stats.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	static.ew.dur.navigacloud.com	www.durangoherald.com
1	durangoherald-co.newsmemory.com	www.durangoherald.com
1	p.typekit.net	use.typekit.net
1	cdn.jsdelivr.net	www.durangoherald.com
1	prod.ew.dur.navigacloud.com	www.durangoherald.com
1	code.jquery.com	www.durangoherald.com
1	www.googletagmanager.com	www.durangoherald.com
1	s.ntv.io	www.durangoherald.com
253	57

This site contains links to these domains. Also see Links.

Domain
darksky.net
subscriptions.durangoherald.com
obituaries.durangoherald.com
www.4cornersjobs.com
fourcornersflavor.com
fourcornersrealestate.com
secure.adpay.com
www.facebook.com
twitter.com
durangoherald-co.newsmemory.com
issuu.com
ballantinecommunicationsinc.com
the-journal.com
dgomag.com
directoryplus.com
bcimedia.com
www.fourcornersexpos.com
facebook.com
instagram.com

Subject Issuer	Validity	Valid
imperva.com GlobalSign Atlas R3 DV TLS CA 2022 Q3	`2022-08-17` - `2023-02-13`	6 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-12-04` - `2022-12-06`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
durangoherald.com Amazon	`2022-02-28` - `2023-03-29`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-07-07` - `2022-10-05`	3 months	crt.sh
*.public.prod.dur.navigacloud.com Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.newsmemory.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-01` - `2023-03-31`	a year	crt.sh
static.ew.dur.navigacloud.com Amazon	`2022-06-13` - `2023-07-12`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-09-12` - `2022-12-05`	3 months	crt.sh
*.postrelease.com Amazon	`2022-02-17` - `2023-03-18`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
www.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-11-27` - `2022-11-29`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.google.de GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
adventive.com Cloudflare Inc ECC CA-3	`2022-05-03` - `2023-05-03`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-09-05` - `2022-11-28`	3 months	crt.sh
tls.adobe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-30`	a year	crt.sh
adventivecdn.com Cloudflare Inc ECC CA-3	`2022-05-09` - `2023-05-09`	a year	crt.sh
*.exactag.com Sectigo ECC Domain Validation Secure Server CA	`2022-08-19` - `2023-09-15`	a year	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2022-06-13` - `2023-07-14`	a year	crt.sh

This page contains 22 frames:

Primary Page: https://www.durangoherald.com/
Frame ID: DA097FDAF2DE98B737C06A2E3CB169A3
Requests: 127 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&co=aHR0cHM6Ly93d3cuZHVyYW5nb2hlcmFsZC5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=n5wfquhx5ucc
Frame ID: F2846FD341A69F0AB3EAFAA6F84EF077
Requests: 8 HTTP requests in this frame

Frame: https://ads.adventive.com/ad?j&pid=e4561928-8aa0-4a7b-8a75-e1734455c9a6&type=4&cb=2015549143&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsv0WTNFulPb81pzF5E66o7VtBh527RmCIZ3zFLEG1YYJtnJAIqwTud8LjJH605nenH86CtgVcqqEHZPG19G3R264et3J5vl6iJnSbD318Aqk8DqbOtqSi-0C2C__saIqqhVuUGOU10UbtcqdQnlVVYPMIqGNMBJhqim5Rp4_CIrfAvIRXsB0J5dLJDAgw2qHgYcPD-pWey_NkHFu72EEP7OmS25QtU_83lOk-nfdy5IAxazve2Z0KBsvNTzmI_suuF9roZhjUektK_bH9xe3P8BYl965BO8THc5A_0sB3hfi4_0j2SGsuATIp-xWRi-XxRrSXKnfJbMtCyiNQ0kT1B6%2526sai%253DAMfl-YSZbaQpmBXJu8WygEX8P5ApE0bt5VN6JTP3QNcsfEAOi4yrHG0AQJ1x9KRXLb0Y0DnTdZpoPOBhhncjA5SN2Ajqw0CXXvzCYYGGKT3r51UoFsG_CQCdlfL3MbYj7pvQdzyB_g%2526sig%253DCg0ArKJSzA3Gq6mbguedEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=durangoherald.com&gdpr=&addtl_consent=&line_item=6122134939&order_id=1443748576&advertiser_id=1360748416&creative_id=138406142892&oop=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu3QeKP99-WGecIT7K9qVL85pdfzwbjrJnffbHF9kCAk04-1ctuvZX9fMJa7XIP8KsF_Zx0VDSq2C-lsYPZfjTP65dQR4eKhg2PxGPZR_R1bxskJpys4jW4gBlvSSx5Ba5wWJ1ddyDAjplQ8qNL6hDIgXO_5Zs4T3bdeiq1XXfIK0dYQhM96e64anJZWOD6G274kuHvf1dvRPMrLD1DeOSHnpSha93MFrXRG_xncdndQEymReS2uSCVZCm-wS9WGExDVEB72H9pn4di7Cwr3mR8TmD_hR1joy0JL5hQ_KfSd3U7YYmLArw2pNyCbXBTQbBApY3Ssb_RDiI9IeU_kxcxVbH_duV-JSKK0oi507udeok%26sai%3DAMfl-YR5rucuHzupMMU76aNYS1enu-tTlj62gwhQ2w19G8ATdMrIIYrOa-yS0Zavzg8up4JPjkMlpimLSNEAPFV0TT-iOWzTpic0uR49tZpXuWOsrkq8rHkSaOE6ATupY5vLLP5qwQ%26sig%3DCg0ArKJSzNsaj43q0NFrEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D
Frame ID: 9BE8CE09B0A68C457EC439E42903CD98
Requests: 4 HTTP requests in this frame

Frame: uuid-in-package://d3768553-257c-69ae-8152-69ae257cd376
Frame ID: 39970F5ECD47B7B43635C65B148B9192
Requests: 13 HTTP requests in this frame

Frame: uuid-in-package://d3768d55-257c-69ae-8954-69ae257cd376
Frame ID: F4CB02035566149A12FFFA4C50DBF33D
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs
Frame ID: 770C5078C5A2446A2A558B4314E5BFDA
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv86nL-PcT6ToHyhrLziLgudCVO93psBRKqK2i2n3AaJxLlIOgTTZDD0hqzPSWX78V8HTUk4SjlaMVHMQHCZbWoLL69GRLGgY9WfcuzZiHL8o7ncUi73FChb2EycWVWbwUcnDNWbJhwKfV6Bs32a-Dc6v5zjVADjrlXcH_QpkHDX8OZddnpvvb30ymL4Vf8OzpROQDJVTAt_SVEyNFdZXvp__NDkB-CB0xe7jQ0AcshiBreM_POMV_WheIGddvukRFGNscUuNaCZkr3bmKHFXKZJCwgobrYHo2aixUGYbQFceMoWm2dIwmpIWK3faNq9-31ND3Cfv8_Yw&sai=AMfl-YSNOkdf4eqY-WmO8Kwz5-Tcaeo2XAqOTASxrDhqePAtCZhKITKIXy_S3CIBaTgcSKOA06tZsKVqDeftqHoKNSqnroOWUCkxXSSLQKsh8uv12mRfkYxWIwF0TU-O1JMR9P5l&sig=Cg0ArKJSzBlJb7QzkRrwEAE&uach_m=[UACH]&adurl=
Frame ID: E670EBD6B0A704A7E9E5D1273A887532
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXMUJRTJn2K5I1NFa3XUkifmWiLufPHsRiSd5P7vLacGtz4LQvHCz8msiG0AxM4vz8cSkdAdIWunPMqMG6Apmkvne_i2cuYGWpPGEEfRllvdJL-NEOin1F5SNBCj_eyyJ-sz5ICyKK1Vpxm2j0QwhBrDgWtA-yUyA7SWGUNFGrCTv78IbY
Frame ID: 295410E7F6C9A47ABC53197086813CB7
Requests: 5 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html
Frame ID: A4241169FB36AD7F188F7BE7EEB913D4
Requests: 4 HTTP requests in this frame

Frame: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: BD4BA3E89184F1836BEC40007073F44B
Requests: 1 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=500/332/0abadbe9-7345-470b-a631-e9a6a92f28d7
Frame ID: 72589C4725E84839AB5BC336B982C6F1
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7CEE2A3A11AEAF39E217BE6C4D4B7DDC
Requests: 3 HTTP requests in this frame

Frame: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 4E6B1DADA6D7DCA405D2CAB6573FE4DC
Requests: 16 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLuk_M0BMAE&v=APEucNVeXMWv1ZRrq3js0tuFbUETS6fmuwavYCa8_S1aaCObIZfWrl0nOfnM0xTs9etyq2_nLAyp_SyoGWBMUM_2k3NtXs_2v5DkePYt8yLAFHZkLZDaghPIqtRrd6Phpaz0DxYb7GeO5CuIGibb8Es7yK9dncvchuUXoWinsSxTNYmTiY294kU
Frame ID: 085547B597EDB006FBFD0A51CE072D34
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F16FFCB3CD2E914861C095682A270D12
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 1101BD1C2D55110D343196E993F906DF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: A00CA36F51A064CC9A95983ED7DB4D56
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F8E9E57DDF8F85A0072F6E3DC45AF08C
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 790C463FC2EDE371401DDC2C539FDF04
Requests: 2 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
Frame ID: 21F142DBBB25FA2616939B20DB87CA9A
Requests: 10 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E0F9708FD11D8FD835FE5AE8D309ECB1
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js
Frame ID: 134B750B07BD77ED1D1C725B7CB8EACB
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

The Durango Herald – Breaking news and photos from Durango, Colorado

Page URL History Show full URLs

http://durangoherald.com/ HTTP 301
https://durangoherald.com/ HTTP 301
https://www.durangoherald.com/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/
wp-embed\.min\.js\?ver=([\d.]+)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Moat (Analytics) Expand

Overall confidence: 100%
Detected patterns

moatads\.com

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

253
Requests

91 %
HTTPS

56 %
IPv6

38
Domains

57
Subdomains

48
IPs

8
Countries

11628 kB
Transfer

17133 kB
Size

36
Cookies

40 Outgoing links

These are links going to different origins than the main page.

URL: http://darksky.net/forecast/37.270500,-107.878700
Title: Full Forecast

Search URL Search Domain Scan URL

URL: https://subscriptions.durangoherald.com/circstore
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://obituaries.durangoherald.com/obituaries/durangoherald/
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://www.4cornersjobs.com/
Title: 4CornersJobs

Search URL Search Domain Scan URL

URL: https://fourcornersflavor.com/
Title: Four Corners Flavor

Search URL Search Domain Scan URL

URL: https://fourcornersrealestate.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/SearchResults.aspx?p=8727
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://secure.adpay.com/searchresultsdisplay.aspx?p=8727&procid=5df4752d-4e7f-4fc8-bf5b-fd3b5c531e60&searchCategory=2161&Asearch=&searchZip=81302&searchDistance=500&filtercatid=319375
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/photos-iron-horse-bicycle-classic-sprite-kids-race/&title=Photos%3A%20Iron%20Horse%20Bicycle%20Classic%20Sprite%20Kids%20Race

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Photos%3A%20Iron%20Horse%20Bicycle%20Classic%20Sprite%20Kids%20Race+https://www.durangoherald.com/articles/photos-iron-horse-bicycle-classic-sprite-kids-race/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/fort-lewis-college-football-takes-on-arizona-christian/&title=Fort%20Lewis%20College%20football%20takes%20on%20Arizona%20Christian

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Fort%20Lewis%20College%20football%20takes%20on%20Arizona%20Christian+https://www.durangoherald.com/articles/fort-lewis-college-football-takes-on-arizona-christian/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/pride-parade-and-festival/&title=Pride%20parade%20and%20festival

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Pride%20parade%20and%20festival+https://www.durangoherald.com/articles/pride-parade-and-festival/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/photos-family-fun-at-the-la-plata-county-fair/&title=Photos%3A%20Family%20fun%20at%20the%20La%20Plata%20County%20Fair

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Photos%3A%20Family%20fun%20at%20the%20La%20Plata%20County%20Fair+https://www.durangoherald.com/articles/photos-family-fun-at-the-la-plata-county-fair/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/photos-la-plata-county-fair-is-off-and-running/&title=La%20Plata%20County%20Fair%20is%20off%20and%20running

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=La%20Plata%20County%20Fair%20is%20off%20and%20running+https://www.durangoherald.com/articles/photos-la-plata-county-fair-is-off-and-running/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/patriotic-drone-show-unfolds-above-durangos-night-sky/&title=Patriotic%20drone%20show%20unfolds%20above%20Durango%E2%80%99s%20night%20sky

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Patriotic%20drone%20show%20unfolds%20above%20Durango%E2%80%99s%20night%20sky+https://www.durangoherald.com/articles/patriotic-drone-show-unfolds-above-durangos-night-sky/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/photos-protesters-chide-supreme-court-decision-reversing-roe-v-wade/&title=Photos%3A%20Protesters%20chide%20Supreme%20Court%20decision%20reversing%20Roe%20v.%20Wade

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Photos%3A%20Protesters%20chide%20Supreme%20Court%20decision%20reversing%20Roe%20v.%20Wade+https://www.durangoherald.com/articles/photos-protesters-chide-supreme-court-decision-reversing-roe-v-wade/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/photos-burrofest-in-mancos/&title=Photos%3A%20BurroFest%20in%20Mancos%20

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Photos%3A%20BurroFest%20in%20Mancos%20+https://www.durangoherald.com/articles/photos-burrofest-in-mancos/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/fun-times-at-the-ute-mountain-roundup-rodeo-in-cortez/&title=Fun%20times%20at%20the%20Ute%20Mountain%20Roundup%20rodeo%20in%20Cortez

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Fun%20times%20at%20the%20Ute%20Mountain%20Roundup%20rodeo%20in%20Cortez+https://www.durangoherald.com/articles/fun-times-at-the-ute-mountain-roundup-rodeo-in-cortez/

Search URL Search Domain Scan URL

URL: http://www.facebook.com/sharer/sharer.php?u=https://www.durangoherald.com/articles/iron-horse-bicycle-classic-hobby-horse-community-bike-ride/&title=Iron%20Horse%20Bicycle%20Classic%20Hobby%20Horse%20Community%20Bike%20Ride

Search URL Search Domain Scan URL

URL: http://twitter.com/intent/tweet?status=Iron%20Horse%20Bicycle%20Classic%20Hobby%20Horse%20Community%20Bike%20Ride+https://www.durangoherald.com/articles/iron-horse-bicycle-classic-hobby-horse-community-bike-ride/

Search URL Search Domain Scan URL

URL: https://durangoherald-co.newsmemory.com/

Search URL Search Domain Scan URL

URL: https://issuu.com/durangoherald/docs/bestofdurango2022is

Search URL Search Domain Scan URL

URL: https://ballantinecommunicationsinc.com/
Title: Ballantine Communications, Inc.

Search URL Search Domain Scan URL

URL: https://the-journal.com/
Title: The Journal

Search URL Search Domain Scan URL

URL: https://dgomag.com/
Title: DGO

Search URL Search Domain Scan URL

URL: https://directoryplus.com/
Title: Directory Plus

Search URL Search Domain Scan URL

URL: https://bcimedia.com/
Title: BCI Media Services

Search URL Search Domain Scan URL

URL: https://www.fourcornersexpos.com/
Title: Four Corners Expos

Search URL Search Domain Scan URL

URL: https://ballantinecommunicationsinc.com/careers
Title: Careers With Us

Search URL Search Domain Scan URL

URL: https://facebook.com/TheDurangoHerald
Title: Facebook

Search URL Search Domain Scan URL

URL: https://twitter.com/durangoherald
Title: Twitter

Search URL Search Domain Scan URL

URL: https://instagram.com/durango_herald
Title: Instagram

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://durangoherald.com/ HTTP 301
https://durangoherald.com/ HTTP 301
https://www.durangoherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 148

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3QeKP99-WGecIT7K9qVL85pdfzwbjrJnffbHF9kCAk04-1ctuvZX9fMJa7XIP8KsF_Zx0VDSq2C-lsYPZfjTP65dQR4eKhg2PxGPZR_R1bxskJpys4jW4gBlvSSx5Ba5wWJ1ddyDAjplQ8qNL6hDIgXO_5Zs4T3bdeiq1XXfIK0dYQhM96e64anJZWOD6G274kuHvf1dvRPMrLD1DeOSHnpSha93MFrXRG_xncdndQEymReS2uSCVZCm-wS9WGExDVEB72H9pn4di7Cwr3mR8TmD_hR1joy0JL5hQ_KfSd3U7YYmLArw2pNyCbXBTQbBApY3Ssb_RDiI9IeU_kxcxVbH_duV-JSKK0oi507udeok&sai=AMfl-YR5rucuHzupMMU76aNYS1enu-tTlj62gwhQ2w19G8ATdMrIIYrOa-yS0Zavzg8up4JPjkMlpimLSNEAPFV0TT-iOWzTpic0uR49tZpXuWOsrkq8rHkSaOE6ATupY5vLLP5qwQ&sig=Cg0ArKJSzNsaj43q0NFrEAE&uach_m=[UACH]&urlfix=1&adurl=https://assets.adventivecdn.com/oop/1x1.png HTTP 302
https://assets.adventivecdn.com/oop/1x1.png

Request Chain 161

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

Request Chain 162

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzRkyATX6z1W9oM8W47YQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

Request Chain 163

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

Request Chain 164

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

Request Chain 165

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 201

https://pixel.adsafeprotected.com/rfw/st/1083870/64162797/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-6055882063795349&ias_chanId=1&ias_placementId=17611746397&bidurl=durangoherald.com/&ias_dealId=&adsafe_par&ias_impId=v4~~ABAjH0iyJwStadcO_PscAKLXg5Vp HTTP 302
https://static.adsafeprotected.com/skeleton.gif

Request Chain 206

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

Request Chain 207

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzRkyATX6z1W9oM8W47YQQAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

Request Chain 208

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

Request Chain 209

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

Request Chain 222

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr_consent= HTTP 302
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr_consent=

Request Chain 226

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0GgeYZobGfI-UsoZzBqEqcKDcdZGnvqCuRunY2IQ_ajIyxFnOWK2g HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0GgeYZobGfI-UsoZzBqEqcKDcdZGnvqCuRunY2IQ_ajIyxFnOWK2g HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZjdqeDN4V2IxT0R5TG41&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0GgeYZobGfI-UsoZzBqEqcKDcdZGnvqCuRunY2IQ_ajIyxFnOWK2g

Request Chain 227

https://a.tribalfusion.com/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP 302
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

Request Chain 228

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG5VYrYcZqBY6A8xJEr7K68&google_cver=1&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--GAA0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--GAA0&google_hm=MjYyNzM4MTcyNzM1NTI4NTIwNQ%3D%3D

Request Chain 229

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI38lBrs-JF-EAvaaF4uFMc&google_cver=1&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK0CH9eLqD0gmouuwITMs HTTP 302
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI38lBrs-JF-EAvaaF4uFMc&google_cver=1&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK0CH9eLqD0gmouuwITMs HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDM4MzM5NzgyNTI5NTI4&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK0CH9eLqD0gmouuwITMs

Request Chain 231

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDT6tSpC5kVtANid4uk9q94&google_cver=1&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas HTTP 307
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDT6tSpC5kVtANid4uk9q94&google_cver=1&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas&sovrn_retry=true HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas&google_hm=FZGyqGZHsJXGYHwzRc6PqZAL

Request Chain 232

https://match.360yield.com/match/ebda?google_gid=CAESEE_9Ue4mkC6eeetgDh4xSyo&google_cver=1&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s6xftc HTTP 302
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE_9Ue4mkC6eeetgDh4xSyo&google_cver=1&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s6xftc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7v0Gh1NIRPW3J0SbXSjn-Q&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s6xftc

253 HTTP transactions
3 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.durangoherald.com/
Redirect Chain

http://durangoherald.com/
https://durangoherald.com/
https://www.durangoherald.com/

355 KB
62 KB

1630ms
1546ms

Document
text/html

107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: imio /
Resource Hash: 03e557024acc19298ac2dea7cf70ac47abc61fd89ab387c30b927883184195b8

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: max-age=120, public
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 15:14:13 GMT
link: <https://www.durangoherald.com/wp-json/>; rel="https://api.w.org/" <https://www.durangoherald.com/wp-json/wp/v2/pages/6>; rel="alternate"; type="application/json" <https://www.durangoherald.com/>; rel=shortlink
server: imio
vary: Accept-Encoding
x-cdn: Imperva
x-iinfo: 14-101340539-101340545 NNNN CT(183 377 0) RT(1664378052053 28) q(0 0 6 0) r(14 16) U12

Redirect headers

cache-control: max-age=120, public
content-type: text/html; charset=UTF-8
date: Wed, 28 Sep 2022 15:14:12 GMT
expires: Wed, 11 Jan 1984 05:00:00 GMT
location: https://www.durangoherald.com/
server: imio
x-cdn: Imperva
x-iinfo: 35-42269571-42269576 NNNY CT(197 172 0) RT(1664378051795 95) q(0 0 0 -1) r(1 1) U11
x-redirect-by: WordPress

GET
H2 200 ibr8mku.css
use.typekit.net/ 17 KB
2 KB 53ms
11ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/ibr8mku.css

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

31bf507422c1054fc0fadc1784508841709bf4e6ce7abf89a7d8e1f86e796a99

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 1683

GET
H2 200 css
fonts.googleapis.com/ 985 B
493 B 56ms
17ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Teko:500

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

87a786e71d8ba6b098a115fc81e2f27e3b3e42b271af34381926e4555ff71543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 15:14:14 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 15:14:14 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1018 B 55ms
16ms Stylesheet
text/css 2a00:1450:4001:82f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Merriweather

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0d5d0d75b4424eb797db47c2d4856e87cfbeed920e478b76adf57d61e25c6926

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 28 Sep 2022 13:32:47 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 28 Sep 2022 15:14:14 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 509 KB
143 KB 214ms
28ms Script
application/x-javascript 184.51.9.197
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 184.51.9.197 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a184-51-9-197.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: afc2ce9394130574085ed713adbc885c14e3cdf88dd68fcf692e1576e4ed16c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Date: Wed, 28 Sep 2022 15:14:14 GMT
Content-Encoding: gzip
x-amz-request-id: DGXYEQ03M3YX0FKA
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: xjmH7EU/MhxhlBTHS2yyiZUOHlrUy/kbfB41oaXD4W1ezWp8/NGnBdfnQtLSJ9dYXQTL3XLgX9M=
Last-Modified: Tue, 27 Sep 2022 14:54:26 GMT
Server: AmazonS3
ETag: "2b44653598f326690dbd1d1c0ee1e046"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 210 KB
74 KB 216ms
28ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Y4MLN3PXZ8

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

9306bca909e7a400d62deb7f6c022fcf9e702188001564768ba96d9cd26241c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 75433
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 28 Sep 2022 15:14:14 GMT

GET
H2 200 style.min.css
www.durangoherald.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 128ms
110ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-includes/css/dist/block-library/style.min.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 27 Aug 2020 18:00:38 GMT
x-cdn: Imperva
etag: W/"5f47f4c6-d293"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1694) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 7906
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 yop-poll-public-6.4.1.css
www.durangoherald.com/wp-content/plugins/yop-poll/public/assets/css/ 157 KB
21 KB 142ms
124ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/plugins/yop-poll/public/assets/css/yop-poll-public-6.4.1.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 9eee73c5b6d0869b871ced8dfe382b04d4b85bf8ee49907f8b400a8ba691f821

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:48 GMT
x-cdn: Imperva
etag: W/"631a3be0-2745a"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1709) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 21450
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 styles.css
www.durangoherald.com/wp-content/plugins/contact-form-7/includes/css/ 1 KB
782 B 150ms
133ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.1.4
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 85d571bd94b34bcdb672e3c3016f84e91fd938033ffa726f003fc7b4da0ca8fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 20:55:42 GMT
x-cdn: Imperva
etag: W/"62cc8e4e-695"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1718) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557095, public
content-length: 615
expires: Thu, 08 Jul 2032 21:32:28 GMT

GET
H2 200 style.css
www.durangoherald.com/wp-content/themes/everyware-theme-base-1/ 188 B
279 B 154ms
138ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/style.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: acaa8b8cdef45311158f315d38ee002f0b6b7359d9faa81f627f2a356d170609

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:13 GMT
x-cdn: Imperva
etag: "63231715-bc"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1723) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 157
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 base-theme.min.css
www.durangoherald.com/wp-content/themes/durango/css/ 29 KB
6 KB 159ms
144ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/css/base-theme.min.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: ebe8dc90e0e1e958adaccbbb222051f6d8e6c9dd47de2023bf213f9a87e2e846

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-7384"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1729) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226169, public
content-length: 6003
expires: Sun, 12 Sep 2032 12:17:02 GMT

GET
H2 200 understrap.min.css
www.durangoherald.com/wp-content/themes/everyware-theme-base-1/css/ 252 KB
35 KB 170ms
155ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 7957958e558b7ff0e29f946e66af0ad96c9b22d9bd623740b37b2d3b9675de43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:47 GMT
x-cdn: Imperva
etag: W/"631a3bdf-3efe5"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1740) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 35587
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 main.css
www.durangoherald.com/wp-content/themes/durango/css/ 156 KB
23 KB 332ms
317ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/css/main.css?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 8d4daf01ac842e9165a39ca80dda29515dd0f5dc611b959540ba7477d36c3d82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-26ee4"
content-type: text/css
x-iinfo: 14-101340539-101340806 3CNN RT(1664378052053 1747) q(0 1 1 -1) r(1 2) U18
cache-control: max-age=315359989, public
content-length: 22821
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 durangoherald.css
www.durangoherald.com/wp-content/themes/durango/css/ 246 B
292 B 180ms
166ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/css/durangoherald.css?ver=202110050846
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 957ccf4746551d933ba28aa85c448fe43dc62e5376f018d91b14b91ed20b9042

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-12e"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1751) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557095, public
content-length: 171
expires: Thu, 08 Jul 2032 21:32:28 GMT

GET
H2 200 style.css
www.durangoherald.com/wp-content/themes/durango/assets/css/ 0
159 B 363ms
349ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/assets/css/style.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: imio /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
server: imio
x-cdn: Imperva
etag: "63231709-0"
content-type: text/css
x-iinfo: 14-101340539-101340809 3NNN RT(1664378052053 1754) q(0 0 0 -1) r(0 1) U19
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 slick.css
www.durangoherald.com/wp-content/themes/durango/slick/ 1 KB
591 B 183ms
170ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c569951d4abd4b4efe25bf2b4a19f174385eacc39fe063fcba3b3dc7d8bb03b2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-6f0"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1756) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 491
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 slick-theme.css
www.durangoherald.com/wp-content/themes/durango/slick/ 3 KB
1 KB 184ms
171ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 88dea3842c3eeb781bdfa182fabf5cc4d799f2e75e3825839e4d6a9540978da5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-cde"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1757) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 910
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 style.css
www.durangoherald.com/wp-content/themes/durango/ 209 B
300 B 186ms
174ms Stylesheet
text/css 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/style.css?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 38114c5de35349d4e12d5fcde4d20432ef6586c760a22712f8682e3a0a750a1e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: "631a3bd5-d1"
content-type: text/css
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1760) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 160
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 jquery-3.3.1.min.js Show response
code.jquery.com/ 85 KB
30 KB 586ms
122ms Script
application/javascript 2001:4de0:ac18::1:a:1b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.3.1.min.js?ver=3.3.1
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1538f"
vary: Accept-Encoding
x-hw: 1664378054.dop207.fr8.t,1664378054.cds143.fr8.hn,1664378054.cds057.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30288

GET
H2 200 login-modal.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 812 B
513 B 186ms
175ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/login-modal.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 4d788357d10fca0d5e377c170d397a7919beb3616bbb69e2b95d1db9b4710029

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-4c0"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1761) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 395
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 yop-poll-public-6.4.1.min.js Show response
www.durangoherald.com/wp-content/plugins/yop-poll/public/assets/js/ 46 KB
12 KB 188ms
177ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/plugins/yop-poll/public/assets/js/yop-poll-public-6.4.1.min.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 97b867d594a61ec531b3ada04e4dc8c82f0e73f2d7c34b7fd5127e1b6f538548

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:48 GMT
x-cdn: Imperva
etag: W/"631a3be0-b7bc"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1763) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 11740
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 main.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 20 KB
4 KB 358ms
348ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/main.js?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c76749cafd48ecb64ccf7cfbebdf4a12dd54683ecdbe2436beca7926f5177462

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-4eed"
content-type: application/javascript
x-iinfo: 14-101340539-101340772 3CNN RT(1664378052053 1764) q(0 0 0 -1) r(1 1) U18
cache-control: max-age=315359989, public
content-length: 4251
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 jwplayer.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 214 KB
61 KB 189ms
179ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/jwplayer.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 3f317580bdc191899303a8dccb293fc8d11dfcccc94818622c008285645d3f57

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-356cb"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1765) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 62040
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 paywall.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 14 KB
4 KB 358ms
349ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/paywall.js?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 446c8cf887683dd3f33b4dcdb5b724e22af0b117546dea6aa0c66e071740ef94

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-4159"
content-type: application/javascript
x-iinfo: 14-101340539-101340818 3CNN RT(1664378052053 1766) q(0 0 0 -1) r(0 1) U18
cache-control: max-age=315359989, public
content-length: 4019
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 cookie.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 2 KB
923 B 195ms
186ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/cookie.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: f288c846c9e301ccbf6afc835de4a8eb87441045bed3391c1b8fcc0810fa23fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-7a0"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1768) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 823
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 head.js Show response
www.durangoherald.com/wp-content/themes/durango/assets/js/ 511 B
406 B 200ms
192ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/assets/js/head.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: b0904426b658f49f43280cc6ba75d9dc9fbe6a764b7c9fc2c11897c30af3f3e7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:13 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: "631a3bd5-224"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 1769) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 308
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 / Show response
prod.ew.dur.navigacloud.com/ 0
165 B 605ms
224ms Script
text/html 35.167.201.97
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prod.ew.dur.navigacloud.com/?dm=57c9b89633572b02cc3fff738d631684&action=load&blogid=2&siteid=1&t=814715750&back=https%3A%2F%2Fwww.durangoherald.com%2F
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.201.97 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-201-97.us-west-2.compute.amazonaws.com
Software: imio /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
cache-control: max-age=120, public
content-encoding: gzip
server: imio
vary: Accept-Encoding
content-type: text/html; charset=UTF-8

GET
H2 200 foundation.min.js Show response
cdn.jsdelivr.net/npm/foundation-sites@6.6.3/dist/js/ 178 KB
39 KB 58ms
31ms Script
application/javascript 2606:4700::6810:5814
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/foundation-sites@6.6.3/dist/js/foundation.min.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5814 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a51177ce27c9440f635c6bfef9bd3aab0b52a97d5bc8540e2e3a9ad8f4c46f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.durangoherald.com/
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 16523548
x-jsd-version: 6.6.3
content-encoding: br
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19154-FRA
x-jsd-version-type: version
server: cloudflare
etag: W/"2c73d-pLjSDYklCYoc1Mafcq5YwhfHQJY"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=p9IxajOMm0BXQs%2FICwrd1jZAzAUAwAwLPtl238RQHN1WC6zCwYbtfoXD8MB1kYwTi5tNBZi%2FpH4T4lgz1%2FR8BCCjSD1OR70YxZKPTPSDKq9BalcwSnYptGusH9iTdSFBCsas5SLPmtQZwfQt8Fs%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 751d6d7599305c3e-FRA

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 200ms
11ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4ea36aa06f1d3900bdbfba6cebd7fc3f8a0b14c66f15ca3bc5a345705bd420c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.durangoherald.com/
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 15:14:14 GMT
content-md5: bIp80+LA5ptSUldbkd2eGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: V84Z1CrQseRg/2WUVgiVjb5bcJ0TCEzktDZ35Ck3Dvp/M6l/Dp8doRTkbNnNJ0MSRV3ENO3k0PM8XOKiDwE1+w==
x-fb-trip-id: 917726464
x-fb-content-md5: 6dea212b1861f7ab4375224900363f81
cross-origin-opener-policy: same-origin-allow-popups
etag: "4872cec4c8ebc669c5fbfa7417bb3c7d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 15:27:09 GMT

GET
H2 200 partly-cloudy-day.png
www.durangoherald.com/wp-content/themes/durango/images/weather-icons/ 12 KB
12 KB 23ms
15ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/weather-icons/partly-cloudy-day.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 05eec522d5621fa82ff4a821e720ebf7dbd20ad8a7d20fb24b458b68e9f3be50

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-7d8c"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2241) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557079, public
content-length: 11820
expires: Thu, 08 Jul 2032 21:32:13 GMT

GET
H2 200 rain.png
www.durangoherald.com/wp-content/themes/durango/images/weather-icons/ 22 KB
22 KB 24ms
16ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/weather-icons/rain.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: df41cc389549fe31dc397dd4564d87c6efdf901606dca8f2b18e8632c7afab81

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-9ff2"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2242) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557080, public
content-length: 22547
expires: Thu, 08 Jul 2032 21:32:14 GMT

GET
H2 200 top-bar-logo.png
www.durangoherald.com/wp-content/themes/durango/images/durangoherald/ 7 KB
7 KB 25ms
18ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/durangoherald/top-bar-logo.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 24032c7addbd8fb21eee6aae9469100ea0e25505b7338fda06fcc26417cc858f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-5aa8"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2243) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557095, public
content-length: 7096
expires: Thu, 08 Jul 2032 21:32:29 GMT

GET
H2 200 default_logo.png
www.durangoherald.com/wp-content/themes/durango/images/durangoherald/ 35 KB
35 KB 26ms
19ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/durangoherald/default_logo.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 05335a7404043e95248ffa3d969efd32b02c656b52142c2f2cc9629159b2f27a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-8d12"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2244) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557080, public
content-length: 36114
expires: Thu, 08 Jul 2032 21:32:14 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 306 KB
307 KB 262ms
74ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=3afa7d2e-ed76-5de8-88d4-f8519fe7d6f7&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.83333&width=2000&height=1125&x=1.0E-5&y=0.03519
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: e11678b0ef38c12f0cce7df03799636e7a04d38d3ec565bf721258f72c3ae630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 11:03:56 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 11:03:56 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 15018
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: nT_2HwBl1qcbByGSAH1xkNnwTqjKhP-JXtqk8KXuPbAINMIONT5-CA==
expires: Mon, 27 Mar 2023 11:03:56 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 19 KB
19 KB 237ms
50ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=e9979376-946f-5ebb-8d1a-f74954de5466&function=cropresize&type=preview&source=false&q=75&crop_w=0.725&crop_h=0.99999&width=700&height=525&x=1.0E-5&y=1.0E-5
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 16cc32d19c83b6836716c22532f46876f2a5c0420425c0634190bebdb946ef48

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 02:57:44 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 02:57:44 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 44190
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: UuYoDj_kprnOgs7x7wLixqLMr6JsBltfeNpx9rnogMmkJv_0KFWpbQ==
expires: Mon, 27 Mar 2023 02:57:44 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 651 KB
652 KB 243ms
56ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=dfe36c28-8755-5cd8-81d7-2a1540c61741&function=cropresize&type=preview&source=false&q=75&crop_w=0.7825&crop_h=0.87828&width=2000&height=1500&x=0.09&y=1.0E-5
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: f998913c05f99e1f93af8efd625c654f6c0dd8e4855fd4ca1f5887df7a8ff0ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 01:17:43 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 01:17:43 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 50191
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: ADTmK0K0C0y0RxEzDTC8b3IrgqN3GiroWD0tBFKK42pMv89ajPTc5w==
expires: Mon, 27 Mar 2023 01:17:43 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 33 KB
33 KB 249ms
62ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=05FFDDBA-8B32-4C9B-B02B-265AA80D0122&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 37a2ac7dd93637f81c046eb3efb5fb2c73c59c7669287fa04475f6ec37edcb6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 01:17:43 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 01:17:43 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 50191
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: fgurzzW0ZosSBdzosKLwHwfwStwWLaGD20YfItWb3UuPjYnNfXXLyg==
expires: Mon, 27 Mar 2023 01:17:43 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 149 KB
149 KB 233ms
47ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=b76cc2e9-524b-5eda-8244-1cf2662d085d&function=cropresize&type=preview&source=false&q=75&crop_w=0.94&crop_h=0.99999&width=1551&height=1163&x=0.04&y=1.0E-5
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: adaa323f32baeb8ebeefdd4eabcb423f3a88a6f0c0c5af390c6e682b847bb855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 00:37:41 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 00:37:41 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 52593
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: enccHKA3J80JhyoNbvlQKshLhY4JuoOag8ELFaYEDTkDofsPwpyAbw==
expires: Mon, 27 Mar 2023 00:37:41 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 49 KB
49 KB 263ms
77ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=0dc3a046-ae8e-58c2-ad12-a35fe4b14029&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.85349&width=864&height=648&x=1.0E-5&y=0.07397
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 72065d57eec8cdd299f72fd431ec0b9d6c632949a4037df2080c15ddfdd4dd05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 00:11:49 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 00:11:49 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 54145
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: __K65IQj18EQhI7yKYGdvXrgD8JhiKKaAFuc-uhaJZNsI-nsArVeDw==
expires: Mon, 27 Mar 2023 00:11:49 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 577 KB
578 KB 96ms
29ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=3e8a4b7b-c41e-5b6d-904c-f08ccb1cfb55&function=cropresize&type=preview&source=false&q=75&crop_w=0.65875&crop_h=0.77821&width=2000&height=1500&x=0.3325&y=0.03891
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 8c9d606a627678a4b16cd95b69c4913096447d49568a87044c7af21c340f9c6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 02:39:44 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 02:39:44 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 45270
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: HTbXNKcreNsRwFNYUHlIAnngHk0UNMlVx3DNgnJQdtBM-Z7GOUsh7g==
expires: Mon, 27 Mar 2023 02:39:44 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 13 KB
13 KB 140ms
73ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=128787ad-3319-5157-b8e5-3ba8545f7917&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: d59f2aca9cfb279eca7a9f9a83d6aa95ee3b69e40b7382acc5aa34edc1874f96

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 04:09:29 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 04:09:29 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 126285
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: PgMe2ewK-EUTNa6e3GkOZn7IMNECeSHktbYR5Jf85oap89j_i-ERog==
expires: Sun, 26 Mar 2023 04:09:29 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 42 KB
42 KB 142ms
75ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=89338fe3-016a-58f5-bd3f-33e856ca4728&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: d5a9f65d43e9cbe882254f38ea1cef6c0e019143e546a2d879fc1ec123e6b4ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 21:29:25 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 21:29:25 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 63889
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: pTT-JsczW5voiiYjz4UtTo4ilEvkA62cm_Km3FjOetyj-uFt07fWVg==
expires: Sun, 26 Mar 2023 21:29:25 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 39 KB
39 KB 143ms
76ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=62b2409c-1157-5763-b3ed-0b0d29f00732&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: ab9023c418902450ad4f7f6c6a514ec01ef341b88d372ff7888c01ea66d13660

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 22:04:39 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 22:04:39 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 61775
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: WKt2bCA0JXtYOcLa2xuIoeKR9FRzhMz8zwtnI_926bPWfN0LT1dbsQ==
expires: Sun, 26 Mar 2023 22:04:39 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 59 KB
59 KB 82ms
14ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=91D89A13-3063-41F3-A205-BA79599C6178&function=thumbnail&type=preview&source=false&width=600&height=400
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 55f8f64d8afe9f9247c9f6c454677cd8d532bb2ebb2d14c136e81a0c154f229e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 20:17:40 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 20:17:40 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 68194
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: 8sPnC6u4bxxs1kIzzP4uAjQ02uARxVVYtBqK3R1Usah3zUknECy27A==
expires: Sun, 26 Mar 2023 20:17:40 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 170 KB
170 KB 140ms
73ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=FE49F817-1B98-46DA-911C-551D93C9B8E3&function=cropresize&type=preview&source=false&q=75&crop_w=0.88375&crop_h=0.99999&width=1290&height=968&x=1.0E-5&y=1.0E-5
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: c10ae5f6c4872dff4a634de95bbc01513810b378212445592795128575206af0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 19:37:39 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 19:37:39 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 70595
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: UWtxSnLMfnBjLYkjnI2EvW56Zo8n11cFhkMLzBUkFuxp5PirojBbsQ==
expires: Sun, 26 Mar 2023 19:37:39 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 45 KB
46 KB 90ms
23ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=cf022c79-a948-5439-9c8b-c61f49d637f1&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.42056&width=1026&height=577&x=1.0E-5&y=0.17196
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: c14b6c1f19579babac8efc5af33e08ae464006650629cbfadbaa8320a4929344

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 03:23:05 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 03:23:05 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 129069
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: aHWORJF-3sJeP-N0NxVtC3XaG_pBSdmIvA9KCb4mQWdnVEvb0kbAQg==
expires: Sun, 26 Mar 2023 03:23:05 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 283 KB
283 KB 66ms
61ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=e737dce1-2322-5148-b562-ff16bcac5b40&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.79929&width=5046&height=2838&x=1.0E-5&y=0.10124
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: eb51f6ee1408e5a436babf55bd97e8ade233f60ec1620a90754d2b53c983a5aa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 05:17:44 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 05:17:44 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 35790
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: wzy14hpBS2Jf3zh92_bvUU6J2O0RAXfO54yD8s4WkKII77b9-nci9g==
expires: Mon, 27 Mar 2023 05:17:44 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 137 KB
137 KB 64ms
61ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=736e4377-8908-5cea-8caf-1b945a96f848&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.375&width=1334&height=750&x=1.0E-5&y=0.02833
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 3def69a6a4ab29e6407622558054abacb94da5e8ae9a21ecc2810582f7aed256

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 01:57:43 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 01:57:43 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 47791
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: VVGyfTscBdnd2idzI0bP_Pcy18ohb3qPBrOmSrLdmCmq-0v_RtbYQg==
expires: Mon, 27 Mar 2023 01:57:43 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 172 KB
172 KB 71ms
68ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=e244beeb-c316-5b35-a6a5-d5494eb85512&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 2a7e68d0087973ead34ca76786e18702ea9f1101ce9e5239bff15f3d2b58205d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Sep 2022 05:00:07 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 05:00:07 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 382447
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: AeN-s3Q_vpwQwRsNEAVLFmd585W-9K-ZmHHTnHgOnQolh5xt1q9A1Q==
expires: Thu, 23 Mar 2023 05:00:07 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 228 KB
228 KB 65ms
62ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=ef35b8cd-c26c-5263-8b03-b8f76deb0911&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: cf9414742b9e5d3de2cc2a115ac5aa8607431828fe3d9ba2d1fb92386a000482

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Sun, 11 Sep 2022 00:23:01 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Sun, 11 Sep 2022 00:23:01 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1522273
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: 0qpaeb21l4Rkg16Wc5wBuUujjWCmnUhiMtuA5FNG2LLniqrUaavEzw==
expires: Fri, 10 Mar 2023 00:23:01 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 173 KB
173 KB 67ms
64ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=01461635-1b1b-5c9f-a7f7-db5c90cb18c7&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.73892&width=1600&height=900&x=1.0E-5&y=0.06076
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: edf33f4ac238ec0f1f48727982ad9f1a1c79b364070aa14845286fa24137b01a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Fri, 09 Sep 2022 01:32:49 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 01:32:49 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1690884
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: w-dtVwNFBjtoQFc5fy5SLiECGe1GwgAUB-yX8J3tCwgfE2MOItsCGg==
expires: Wed, 08 Mar 2023 01:32:49 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 231 KB
231 KB 67ms
64ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=183c57da-1f21-593e-a03d-246eeecd46ea&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.77187&width=1600&height=900&x=1.0E-5&y=0.02401
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 949c2b6588872fdebac31a475a18c447e9f42ccb96fc683b830e8e6fc3848ddd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Fri, 09 Sep 2022 02:35:21 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 02:35:21 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1687133
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: D8kJhDkwcJhrAL9FzLrYchlK2n1EAmeimCiYlmmQGFZhiWtbbAfozA==
expires: Wed, 08 Mar 2023 02:35:21 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 72 KB
73 KB 70ms
67ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=7a30bd7d-d046-56fb-a4af-0a2fb1e0ee47&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.86207&width=1300&height=731&x=1.0E-5&y=0.0613
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 7569633a69ae6303f1c5e73c4c9207b442635bfd3712ca959f26bcee7908779e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 10:58:12 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 10:58:12 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 15362
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: ZF5F48TkzNdMHWzIXolqPELcCu9NrMPiJj6U4MvmvNTzJtEArF-J1w==
expires: Mon, 27 Mar 2023 10:58:12 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 369 KB
370 KB 71ms
68ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=acffec3d-1ad1-51ea-847b-1cd5ce11ce64&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.82721&width=1600&height=900&x=1.0E-5&y=0.0864
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: b550486f6b586d7e13c64d36ad96c5bed0172c46e6600cc1e2de9d53006fbf29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 10:58:12 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 10:58:12 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 15362
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: zKQVSMPPLU1ojphUQfove-PXhn0Dc5hxlMOgYK8cFd_dQTCGhx3buQ==
expires: Mon, 27 Mar 2023 10:58:12 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 325 KB
326 KB 68ms
65ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=9554c139-ae26-54de-a867-04f380d6a1bb&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.77855&width=1600&height=900&x=1.0E-5&y=0.09862
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 7d4fb730fb78fa7201576aac8678fb1ef55a3c1b4704600e36d3debec868087f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 20 Sep 2022 03:42:23 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 20 Sep 2022 03:42:23 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 732711
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: e_DNNcMK2vKteY8zytxaLNJVxkCDEZwpt8hGYHBAH-ySUlzgkEl9Cg==
expires: Sun, 19 Mar 2023 03:42:23 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 140 KB
141 KB 71ms
69ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=319f44cc-6eae-5b80-adcf-d2fd7576a2ed&function=thumbnail&type=preview&source=false&width=1920&height=1080
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 997710a38586226681604f9f2b0d0b98699da2c28d4fd7b0405325bbbfe62c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Fri, 09 Sep 2022 02:35:21 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Fri, 09 Sep 2022 02:35:21 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1687133
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: X-LPwoAVgUVnzelfCYSXnR3XouXSc0HnQWm1SlFRgN4-OzmxtP_P_A==
expires: Wed, 08 Mar 2023 02:35:21 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 45ms
10ms Stylesheet
text/css 2a02:26f0:3500:16::215:148b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=ibr8mku&ht=tk&f=139.140.175.176.143.144.147.148.605.606.607.5550.5551.6335.14541.14542.14545.14548.15815.15818.25253.25254.28098.28099&a=15379666&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 252 KB
252 KB 67ms
64ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=07671be4-1124-5095-888a-18d0a84f7496&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.72698&width=1400&height=788&x=1.0E-5&y=0.1664
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: aea01aebbd37f22702da35b5e4859313e267078e1de4b1a50b872dc50133d92a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Sun, 25 Sep 2022 06:12:02 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Sun, 25 Sep 2022 06:12:02 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 291732
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: DqE-xw0AB41-HU93eIusASV4agoauc9J7Rjgy_yGGbZH99sp_4P97A==
expires: Fri, 24 Mar 2023 06:12:02 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 244 KB
244 KB 68ms
66ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=f6401bc9-25cb-5fa9-80e7-3e75619fae6f&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.84428&width=1400&height=788&x=1.0E-5&y=0.08443
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 7e78fcdfd223b53f5539d516a7ba0fec6f30ae763e7ca07091df1b86f3010e98

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 07 Sep 2022 01:54:54 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 07 Sep 2022 01:54:54 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1862360
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: E8UZlFXXvZzkDRqOX8I2QoArl5RcBlB-jB5PAzHIZnQ3nMd87SZkUw==
expires: Mon, 06 Mar 2023 01:54:54 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 17 KB
18 KB 72ms
69ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=05FFDDBA-8B32-4C9B-B02B-265AA80D0122&function=thumbnail&type=preview&source=false&width=420&height=235
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 7921e0105e099b9c4d457e7b92813bb33943e9a78091030a5033045a559091bf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 01:17:43 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 01:17:43 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 50191
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: A8zeG1BGZs7HzZAl73qRHxLCrgfrY3lZonDtMmezw9Oc9cYEiGby5A==
expires: Mon, 27 Mar 2023 01:17:43 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 186 KB
186 KB 68ms
66ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=55E3DBA4-D80D-4AD3-8165-9DAD31C93B9B&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.75&width=1600&height=900&x=1.0E-5&y=0.15667
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 78bd59e6eec6ddba5f0eb3096ed6ba47becea4110155464a3bb255a72c8e52ca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Tue, 27 Sep 2022 02:34:17 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Tue, 27 Sep 2022 02:34:17 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 131997
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: Ae-5pqJEfjA37PD89Pzo0_9RTExUxYSTyF0IQT-lDYNDbmO9hYPg7w==
expires: Sun, 26 Mar 2023 02:34:17 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 6 KB
7 KB 69ms
66ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=322d52fc-565a-5b51-84ec-6b7ebe60b707&function=hardcrop&type=preview&source=false&width=256&height=256
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 047bdc2c6df73f0b6d779c6e828fd987bc97c8a9eceae14e68aa6f266cb3cb68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Sep 2022 11:00:40 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Mon, 26 Sep 2022 11:00:40 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 188014
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: d_RaRZlzsQe7yePEVIViqclYSb-_jpSCk3h1QZbcXtBhqr2WikURfg==
expires: Sat, 25 Mar 2023 11:00:40 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 5 KB
5 KB 67ms
65ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=491fe305-3153-55fb-bc8b-68089428fc22&function=hardcrop&type=preview&source=false&width=256&height=256
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 292057fd73bdf2b6ad9d7a83275ecaa9c82fd1168d53b0f970b6df3b01fcf20f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Sep 2022 12:16:23 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 12:16:23 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 356271
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: VpqSmoZIV4GpZZeZISNkKRK2bg1ra6i5vuZqPqZjIb5ob1ykQ5W3oQ==
expires: Thu, 23 Mar 2023 12:16:23 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 4 KB
5 KB 68ms
65ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=9a7b5d50-7a7b-5928-b5a7-a92c9da3785c&function=hardcrop&type=preview&source=false&width=256&height=256
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: e6d084ffc939bd4d4ec1689e43c4728bfe3ba79aa72be20d3ee829a18cba28eb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Fri, 23 Sep 2022 23:19:24 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Fri, 23 Sep 2022 23:19:24 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 402890
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: 4S8ShzElqlcp4MSi_bzkAWxH2gGk-YnEIre73V3eH7gsh2sQZ-ti9A==
expires: Wed, 22 Mar 2023 23:19:24 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 430 KB
431 KB 69ms
67ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=6e8c64c4-17bd-5d58-844b-03bef123d176&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.84428&width=2000&height=1125&x=1.0E-5&y=0.0788
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 1c1107a3bfba71e8a9765ca70aaf92ee5df4d71912428f6e9bb1439f901b41ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Sat, 24 Sep 2022 02:48:28 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Sat, 24 Sep 2022 02:48:28 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
age: 390346
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: h84fHOpybV9Z2US24toT4pxg-TQTsxvODbnIXjVpxFaHGclezy8Rlg==
expires: Thu, 23 Mar 2023 02:48:28 GMT

GET
H2 200 /
imengine.public.prod.dur.navigacloud.com/ 629 KB
630 KB 469ms
467ms Image
image/jpeg 13.225.78.71
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imengine.public.prod.dur.navigacloud.com/?uuid=37f37910-cf8b-5e2d-ae07-7f4bc7b1567e&function=cropresize&type=preview&source=false&q=75&crop_w=0.99999&crop_h=0.84428&width=3840&height=2160&x=1.0E-5&y=1.0E-5
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-71.fra2.r.cloudfront.net
Software: nginx /
Resource Hash: 3cd271fbb5f4ea8e284e440a0ded9850585e6472a7cc5225cf55fda1d9f3c741

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: public
date: Wed, 28 Sep 2022 15:14:15 GMT
via: 1.1 ec9e3bc729d9c6d55ed32446408ad62e.cloudfront.net (CloudFront)
last-modified: Wed, 28 Sep 2022 15:14:15 +0000
server: nginx
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=15552000
x-amz-cf-id: loFQR52M8pv__js1jpClZeOkAPzUWqknT9kurQNo6LTevhcJyVFCbg==
expires: Mon, 27 Mar 2023 15:14:15 GMT

GET
H2 200 InYourEar.jpg
www.durangoherald.com/wp-content/themes/durango/images/ 710 KB
711 KB 23ms
21ms Image
image/jpeg 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/InYourEar.jpg
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: bcc93eb05ec0935626e3f23b82351ef31b04fc0326a7d800ed92a8c0c78747c7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-b18f3"
content-type: image/jpeg
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2246) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557081, public
content-length: 727283
expires: Thu, 08 Jul 2032 21:32:15 GMT

GET
H/1.1 200
OK /
durangoherald-co.newsmemory.com/ 38 KB
39 KB 945ms
204ms Image
image/png 50.17.180.6
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://durangoherald-co.newsmemory.com/?getprima
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.17.180.6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-50-17-180-6.compute-1.amazonaws.com
Software: Apache /
Resource Hash: b1f1edfded3b12ec9d08ae4b64821869d453a663af645e295de35ab0467656a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Expires: Wed, 28 Sep 2022 15:29:15 GMT
Date: Wed, 28 Sep 2022 15:14:15 GMT
Cache-Control: max-age=900,s-maxage=900
Server: Apache
Transfer-Encoding: chunked
Content-Type: image/png

GET
H2 200 Screen-Shot-2022-09-26-at-10.37.46-AM.png
static.ew.dur.navigacloud.com/wp-content/uploads/sites/2/2022/09/26043806/ 1006 KB
1007 KB 105ms
13ms Image
image/png 18.66.112.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.ew.dur.navigacloud.com/wp-content/uploads/sites/2/2022/09/26043806/Screen-Shot-2022-09-26-at-10.37.46-AM.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 62bebe5fd35015aee17a6346f05e5413154a6721791cda0bfe0a48d0583842be

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:39:18 GMT
via: 1.1 7463e2e784b132604afa3cd91a5d39a2.cloudfront.net (CloudFront)
last-modified: Mon, 26 Sep 2022 16:38:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P5
age: 167697
etag: "397c5db0b98fdca9f7e79d3741cf4f48"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 1029954
x-amz-cf-id: iKUdEbxxqZCh5wPs_EkBXtF1JAHxyrxrihhRZdvaFvrLHx5Nnm447A==

GET
H2 200 default_footer-logo.png
www.durangoherald.com/wp-content/themes/durango/images/durangoherald/ 5 KB
5 KB 28ms
26ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/durangoherald/default_footer-logo.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 77abd96282cea97814e153fc458782284ac2407cd2ed5f840c7b6c92764652b4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-1a3b"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2248) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557081, public
content-length: 4626
expires: Thu, 08 Jul 2032 21:32:15 GMT

GET
H2 200 scripts.js Show response
www.durangoherald.com/wp-content/plugins/contact-form-7/includes/js/ 11 KB
3 KB 9ms
9ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.1.4
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 0bca081fbb993025163879e469c315a98ede0d22ed7a5d6b98bd875deda59c6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 20:55:42 GMT
x-cdn: Imperva
etag: W/"62cc8e4e-3868"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2178) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557080, public
content-length: 3351
expires: Thu, 08 Jul 2032 21:32:14 GMT

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 884 B
998 B 227ms
18ms Script
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?render=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&ver=3.0

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1810548a0a4f5ffbf2760eb47fb85778434750b77feb43e5b9f190849664f89d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 585
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 15:14:14 GMT

GET
H2 200 understrap.min.js Show response
www.durangoherald.com/wp-content/themes/everyware-theme-base-1/js/ 69 KB
20 KB 17ms
8ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/js/understrap.min.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 3f38c93344789f557b5aa27f3e0c7811f6f6958882cbd6a895cdd2005b8222e9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:47 GMT
x-cdn: Imperva
etag: W/"631a3bdf-11543"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2232) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226166, public
content-length: 20699
expires: Sun, 12 Sep 2032 12:17:00 GMT

GET
H2 200 menus.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 4 KB
1 KB 173ms
164ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/menus.js?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: dff91edeb3acaaa0588c9f24fa09e53657bfc83f1423e37332e55d32ff2f9f2b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-12d3"
content-type: application/javascript
x-iinfo: 14-101340539-101340818 3CNN RT(1664378052053 2234) q(0 0 0 -1) r(2 2) U18
cache-control: max-age=315359988, public
content-length: 1064
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 content.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 4 KB
1 KB 174ms
165ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/content.js?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: c26ea605253d9ae8dafd8820f37d0b223752fb54c5c754f7ba1b6fcbe7faea9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-f37"
content-type: application/javascript
x-iinfo: 14-101340539-101339942 3CNN RT(1664378052053 2234) q(0 0 0 -1) r(2 2) U18
cache-control: max-age=315359988, public
content-length: 1419
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 slick-theme.js Show response
www.durangoherald.com/wp-content/themes/durango/slick/ 683 B
475 B 172ms
163ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.js?ver=202209280914
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: d94f18e4a6c5b3f5cb7055c23757321077e461e2ecb5f117c9eeeda1a93435b3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: "63231709-444"
content-type: application/javascript
x-iinfo: 14-101340539-101340463 3CNN RT(1664378052053 2235) q(0 0 0 -1) r(2 2) U18
cache-control: max-age=315359988, public
content-length: 286
expires: Sat, 25 Sep 2032 15:14:02 GMT

GET
H2 200 body.js Show response
www.durangoherald.com/wp-content/themes/durango/assets/js/ 70 KB
21 KB 20ms
11ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/assets/js/body.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 0169f0c4db4157dd94cb7398e456eaf46fce4f357d7ffb1ba74151639b3b8326

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 15 Sep 2022 12:14:01 GMT
x-cdn: Imperva
etag: W/"63231709-11a5c"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2236) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 20969
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 slick.js Show response
www.durangoherald.com/wp-content/themes/durango/slick/ 52 KB
11 KB 20ms
11ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 23fe36a9296ce39e4754d108a9662995a3d29c0239d2af8c171934033b548aaf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: W/"631a3bd5-15b7b"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2237) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 11380
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 breaking.js Show response
www.durangoherald.com/wp-content/themes/durango/js/ 103 B
206 B 21ms
12ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/js/breaking.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 03ad25e3fcb013ef61e8820c255ee7cf9eb8f50d2dd44dd4e860c82783c8a4ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Thu, 08 Sep 2022 19:00:37 GMT
x-cdn: Imperva
etag: "631a3bd5-71"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2238) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226168, public
content-length: 109
expires: Sun, 12 Sep 2032 12:17:02 GMT

GET
H2 200 wp-embed.min.js Show response
www.durangoherald.com/wp-includes/js/ 1 KB
864 B 22ms
13ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-includes/js/wp-embed.min.js?ver=1663244043189
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 2019 00:17:07 GMT
x-cdn: Imperva
etag: W/"5db39083-59a"
content-type: application/javascript
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2239) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=314226167, public
content-length: 740
expires: Sun, 12 Sep 2032 12:17:01 GMT

GET
H2 200 _Incapsula_Resource Show response
www.durangoherald.com/ 142 KB
20 KB 35ms
33ms Script
application/javascript 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=1274958918
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 8485f542dc47f238ebfdf4763df0e0150d19e9418efdec6fd0eb7a44f0b7955c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20505
content-type: application/javascript

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
28 KB 122ms
55ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
server: sffe
etag: "1347 / 999 of 1000 / last-modified: 1664363254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Sep 2022 15:14:14 GMT

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 74ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

f4ea36aa06f1d3900bdbfba6cebd7fc3f8a0b14c66f15ca3bc5a345705bd420c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 15:14:14 GMT
content-md5: bIp80+LA5ptSUldbkd2eGw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 1686
x-fb-rlafr: 0
x-fb-debug: V84Z1CrQseRg/2WUVgiVjb5bcJ0TCEzktDZ35Ck3Dvp/M6l/Dp8doRTkbNnNJ0MSRV3ENO3k0PM8XOKiDwE1+w==
x-fb-trip-id: 917726464
x-fb-content-md5: 6dea212b1861f7ab4375224900363f81
cross-origin-opener-policy: same-origin-allow-popups
etag: "4872cec4c8ebc669c5fbfa7417bb3c7d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 28 Sep 2022 15:27:09 GMT

GET
H2 200 gray-mp-background.png
www.durangoherald.com/wp-content/themes/durango/images/ 753 B
919 B 12ms
11ms Image
image/png 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/images/gray-mp-background.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/wp-content/themes/durango/css/main.css?ver=202209280914
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 691d56279f97db26395e7dec13bb2ef3d30700d540a904889ec3c063a702150b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/wp-content/themes/durango/css/main.css?ver=202209280914
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Wed, 20 Jul 2022 11:59:39 GMT
x-cdn: Imperva
etag: "62d7ee2b-45e0"
content-type: image/png
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2259) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=309367645, public
content-length: 753
expires: Sun, 18 Jul 2032 06:41:39 GMT

GET
H2 200 l
use.typekit.net/af/b54a97/000000000000000000017227/27/ 40 KB
40 KB 40ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b54a97/000000000000000000017227/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 858ea5e76dceb60430928bc0c2b62d2237e908bb9e6893c7c0bdee3d6a4f29cb

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "056d29fea175b1851e314833b9af3fafd353bdaf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40468

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 32 KB
32 KB 53ms
20ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "852dacc5cd2685c187708b882b28635465e17bd0"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 32688

GET
H2 200 l
use.typekit.net/af/1b21e4/000000000000000000017225/27/ 39 KB
39 KB 41ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/1b21e4/000000000000000000017225/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 3cfef72b107916204f184a60622b32a8342eec17a7eae44a3c903a59bfbe71b2

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "a8ccf2a4092ab7b4faee8149b36f34660d8df552"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 40024

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 33 KB
33 KB 41ms
9ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "a0f35f91fdc2ca0a90c8288c08c20681c1aecfcf"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 33660

GET
H2 200 fontawesome-webfont.woff2
www.durangoherald.com/wp-content/themes/everyware-theme-base-1/fonts/ 75 KB
76 KB 16ms
15ms Font
application/octet-stream 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=1663244043189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer: https://www.durangoherald.com/wp-content/themes/everyware-theme-base-1/css/understrap.min.css?ver=1663244043189
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Wed, 20 Jul 2022 11:59:49 GMT
x-cdn: Imperva
etag: "62d7ee35-12d68"
content-type: application/octet-stream
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2263) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=309306908, public
content-length: 77160
expires: Sat, 17 Jul 2032 13:49:22 GMT

GET
H2 200 l
use.typekit.net/af/5d6ecf/0000000000000000000171b8/27/ 10 KB
10 KB 53ms
22ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d6ecf/0000000000000000000171b8/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 365e54b0e814e15184b1245b057afc4967d1071eda5d00e7a0258770cc5a0dcb

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "bc3ca558790a46ad7469c4980e001589e3ebc433"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 10152

GET
H2 200 slick.woff
www.durangoherald.com/wp-content/themes/durango/slick/fonts/ 1 KB
1 KB 21ms
21ms Font
application/font-woff 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/fonts/slick.woff
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.css?ver=1663244043189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: 26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc

Request headers

Referer: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.css?ver=1663244043189
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
content-encoding: gzip
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-564"
content-type: application/font-woff
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2264) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557094, public
content-length: 1343
expires: Thu, 08 Jul 2032 21:32:28 GMT

GET
H2 200 l
use.typekit.net/af/3c9a2c/000000000000000000017226/27/ 39 KB
39 KB 7ms
7ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3c9a2c/000000000000000000017226/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=i4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/ibr8mku.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 5cac59099c99113382f265adbccd1a6c55f5b59a74c1966f01fa73dd2bf940d9

Request headers

Referer: https://use.typekit.net/ibr8mku.css
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
server: nginx
etag: "07b0891354a5cd4a5bed30501657cfdfe89b2414"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39856

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 313 KB
86 KB 12ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=1d938da2bbbb3d3e4ae20e938125a522

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4788e27c7a0524bbd9be08e423597036e980f6c6e527e778db89b53920badc6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.durangoherald.com/
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 28 Sep 2022 15:14:14 GMT
content-md5: M6jPU1YKqkseIyvZ7O5Y4g==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 87369
x-fb-rlafr: 0
x-fb-debug: VZY8ZSdM2S1LcqwEdF9/rmd67VTFgUMxKLgLXdnGyih08CjgG0+XGc5y7E/hhRLa4qxBYn/rLirG6alG/qieuQ==
x-fb-trip-id: 917726464
x-fb-content-md5: eec208e2d54048c4b374502cfae75dae
cross-origin-opener-policy: same-origin-allow-popups
etag: "a6c39fb48745eb5ed3be87b07abf08a9"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
timing-allow-origin: *
expires: Thu, 28 Sep 2023 10:50:53 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ 391 KB
157 KB 286ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&ver=3.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.durangoherald.com/
Origin: https://www.durangoherald.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:08:49 GMT

GET
H2 200 _Incapsula_Resource
www.durangoherald.com/ 1 B
35 B 12ms
12ms Image
text/plain 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8980952334672647
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 pubads_impl_2022092201.js Show response
securepubads.g.doubleclick.net/gpt/ 379 KB
129 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1605
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131358
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 08:36:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 14:47:30 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 152 B
749 B 70ms
47ms XHR
application/json 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.durangoherald.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0596c9a23341585844ec3f9784716005022cd4c534e2e050f6fab16d4c5a25cb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 113
x-xss-protection: 0
expires: Wed, 28 Sep 2022 15:14:15 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 3 KB
2 KB 123ms
45ms Script
text/javascript 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.durangoherald.com%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 09e60d1957ca452c11466b3bb732b49a5bd9cc539a904e3945adc85197d1e02b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
content-encoding: gzip
server: nginx/1.12.1
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 1174
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 167 KB
43 KB 68ms
9ms Script
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:59:20 GMT
content-encoding: gzip
via: 1.1 c6b364b1181abfafd7a69f210841edca.cloudfront.net (CloudFront), 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
last-modified: Thu, 15 Sep 2022 20:15:35 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1, FRA2-C1
age: 896
x-amz-server-side-encryption: AES256
etag: W/"da0e8e1151d3ebb7a34f07d19a6e05d0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: WX4hza6sgGHhDEwF0c1J8tzmjsqaZnNXpw_eytRk636BA6lwfwPk3w==

GET
H2 200 ajax-loader.gif
www.durangoherald.com/wp-content/themes/durango/slick/ 4 KB
4 KB 12ms
12ms Image
image/gif 107.154.114.252
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.durangoherald.com/wp-content/themes/durango/slick/ajax-loader.gif
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.css?ver=1663244043189
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.114.252 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.114.252.ip.incapdns.net
Software: /
Resource Hash: e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/wp-content/themes/durango/slick/slick-theme.css?ver=1663244043189
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:14 GMT
last-modified: Mon, 11 Jul 2022 20:55:31 GMT
x-cdn: Imperva
etag: "62cc8e43-1052"
content-type: image/gif
x-iinfo: 14-101340539-0 0CNN RT(1664378052053 2916) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=308557081, public
content-length: 4178
expires: Thu, 08 Jul 2032 21:32:15 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
352 B 40ms
15ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-Y4MLN3PXZ8&gtm=2oe9q0&_p=392783754&_gaz=1&cid=571021667.1664378055&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_z=ccd.v9B&_s=1&sid=1664378055&sct=1&seg=0&dl=https%3A%2F%2Fwww.durangoherald.com%2F&dt=The%20Durango%20Herald%20%E2%80%93%20Breaking%20news%20and%20photos%20from%20Durango%2C%20Colorado&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1&ep.dimension1=&ep.dimension2=home&ep.dimension7=&ep.dimension8=false&ep.dimension9=&ep.dimension11=false
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4MLN3PXZ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.durangoherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
352 B 70ms
24ms Ping
text/plain 2a00:1450:4025:402::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-Y4MLN3PXZ8&cid=571021667.1664378055&gtm=2oe9q0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Y4MLN3PXZ8
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4025:402::9b Den Helder, Netherlands, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.durangoherald.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
47ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-Y4MLN3PXZ8&cid=571021667.1664378055&gtm=2oe9q0&aip=1&z=2045997209

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F284 42 KB
22 KB 56ms
32ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&co=aHR0cHM6Ly93d3cuZHVyYW5nb2hlcmFsZC5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=n5wfquhx5ucc

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

867edfa8845fc9391720137d613b7493723a92f54e97da1a7a596c8880574107

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RNjQcze6OxNtVw_CWkeqQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.durangoherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22247
content-security-policy: script-src 'report-sample' 'nonce-RNjQcze6OxNtVw_CWkeqQA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:15 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 moatcontent.js Show response
z.moatads.com/nativonielsen548znrb18/ 167 KB
55 KB 60ms
7ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9287
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

unused62: 8096267
date: Wed, 28 Sep 2022 15:14:15 GMT
content-encoding: gzip
last-modified: Mon, 24 Aug 2020 17:04:05 GMT
server: AmazonS3
x-amz-request-id: 541CA3CB462144FD
etag: "774acff2cee5852cdfc3fd8471cb2667"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=11959
accept-ranges: bytes
content-length: 55696
x-amz-id-2: WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 44ms
32ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=8017976&ntv_pl=776915
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 46ms
32ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=d5c7af8a-d552-4564-acec-324474e12224&ntv_fl=BPDple0Qhatxi_y7tHwGTjUWOmNTstmN19hjdO7chW8DCv5dBnnHbIxXoLFuP1kvv3IHohhDNN_OEz2jiVlsdXdoNdc02G8JVSNYKlJso_3Bwn_HAxVkyOHyhBmCYvmY&ntv_ht=x2Q0YwA&ntv_at=303,302&ntv_a=AAAAAAAAAAAu4PA&ord=1664378055609&ntv_it
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 45ms
32ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=d5c7af8a-d552-4564-acec-324474e12224&ntv_fl=BPDple0Qhatxi_y7tHwGTjUWOmNTstmN19hjdO7chW8DCv5dBnnHbIxXoLFuP1kvv3IHohhDNN_OEz2jiVlsdXdoNdc02G8JVSNYKlJso_3Bwn_HAxVkyOHyhBmCYvmY&ntv_ht=x2Q0YwA&ntv_at=321,322,333&ntv_a=AAAAAAAAAAAu4PA&ntv_jlt=3552&ntv_jad=428&ntv_jte=25&ntv_it
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 70ms
58ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=d79725d0-1fb1-499e-aac8-2bd9d4933b70&ntv_fl=Gc9iQB61Ot3yLfKOXW_CIztThHt78fcsQouQ0NwhrmGIaMcfLZud3R3wFs8N1B4jaWyxoOtWoo-AlFGb6B9_CBjPraHbvXZkosXHUZe3NNRyi2zD3b2s-gIaO2Z0WNaK&ntv_ht=x2Q0YwA&ntv_at=303&ntv_a=AAAAAAAAAA_u0PA&ord=1664378055611&ntv_it
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 trk.gif
jadserve.postrelease.com/ 43 B
427 B 43ms
33ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/trk.gif?ntv_ui=059b21e6-c6db-464f-82e0-11103a79562d&ntv_fl=VMZ2DBD0N-w291m08sPC2oLq68FfV3SzO2-fIQGyBnd_vfRQCA-lc52g752EdnmKAKrtZSPhmgr2fvLWTcK0y8kXk0A1BkjkUI8ihpiSrmdc6qfjBsz4EXBohO8m_TrS&ntv_ht=x2Q0YwA&ntv_at=303&ntv_a=AAAAAAAAAA09oLA&ord=1664378055611&ntv_it
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 gdprConsent
jadserve.postrelease.com/ 43 B
427 B 43ms
34ms Image
image/gif 63.34.160.33
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://jadserve.postrelease.com/gdprConsent?ntv_pl=1043966&ntv_gdpr_consent=&ntv_it
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.160.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-160-33.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:15 GMT
server: nginx/1.12.1
content-type: image/gif
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 204 config Show response
c.amazon-adsystem.com/cdn/prod/ 0
314 B 17ms
16ms XHR
text/plain 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.durangoherald.com&pubid=50040495-0c55-4949-8e68-6573435333b6
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: Server /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:11:33 GMT
via: 1.1 42b60ee17f7593fff72ca1cb725d6c9a.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA2-C1
age: 18161
x-cache: Hit from cloudfront
access-control-allow-origin: https://www.durangoherald.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
x-amz-cf-id: pbSolgFPbnTbu2nidQ1HQltxL6SDrmBH5IoaTPJGayzKlecUqAeS7A==

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 23 B
468 B 397ms
73ms XHR
text/javascript 13.32.10.16
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.durangoherald.com%2F&pid=eP34sXVJwGTnL&cb=0&ws=1600x1200&v=22.9.81452&t=2000&slots=%5B%7B%22sd%22%3A%22halfpage%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F3200696%2Fdh_1_homepage%22%7D%2C%7B%22sd%22%3A%22leaderboard%22%2C%22s%22%3A%5B%22728x90%22%2C%22320x50%22%5D%2C%22sn%22%3A%22%2F3200696%2Fdh_1_homepage%22%7D%2C%7B%22sd%22%3A%22mrec%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3200696%2Fdh_1_homepage%22%7D%2C%7B%22sd%22%3A%22mrec2%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F3200696%2Fdh_1_homepage%22%7D%5D&pubid=50040495-0c55-4949-8e68-6573435333b6&gdprl=%7B%22status%22%3A%22no-cmp%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.10.16 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-10-16.vie50.r.cloudfront.net

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 c772b2e53d72432d4d471ac66f4794fa.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: VIE50-C2
x-amz-rid: EQP0233XKHDM9CX7MNT0
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.durangoherald.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: dgAOFI10UZTIurzu1MEEimpvzlZYffUwQYBx2kOFlmz6Frh9epvImA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 29ms
11ms XHR
application/javascript 13.224.195.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.195.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-195-78.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

x-amz-version-id: I95TjGhhrR3O7F99m0mjPLrSrnJRj9o4
content-encoding: gzip
via: 1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
date: Wed, 28 Sep 2022 05:17:31 GMT
x-amz-cf-pop: FRA2-C1
age: 35805
x-cache: Hit from cloudfront
last-modified: Mon, 19 Sep 2022 09:37:07 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: _EmIZ04dRKIS_8mdb73YxPLMsN95to-NdWGxs12gf4Aeyk56mSdQ2g==

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame F284 52 KB
24 KB 25ms
8ms Stylesheet
text/css 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&co=aHR0cHM6Ly93d3cuZHVyYW5nb2hlcmFsZC5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=n5wfquhx5ucc

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:33:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24251
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 14:33:10 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/ Frame F284 391 KB
156 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:08:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 326
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 159555
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 04:01:43 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 15:08:49 GMT

GET
H2 200 9287 Show response
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 0
252 B 477ms
418ms Script
application/x-javascript 23.35.237.151
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9287?t=2022828152
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-237-151.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
last-modified: Tue, 18 Nov 2014 20:18:12 GMT
server: AmazonS3
x-amz-request-id: B17D55F7DE27FB81
etag: "d41d8cd98f00b204e9800998ecf8427e"
content-type: application/x-javascript
cache-control: max-age=1951
accept-ranges: bytes
content-length: 0
x-amz-id-2: mIU50l84eryBjMRqOnAd1Wue1SPq7w6EiQwUrn6rNchVVQCR2FTaNBeV7eOeh+EnU1pv9ak3kX4=

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F284 2 KB
2 KB 8ms
7ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Thu, 22 Sep 2022 19:40:09 GMT
x-content-type-options: nosniff
age: 502446
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 29 Sep 2022 19:40:09 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F284 15 KB
16 KB 32ms
8ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 17:06:41 GMT
x-content-type-options: nosniff
age: 79654
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 27 Sep 2023 17:06:41 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F284 15 KB
15 KB 34ms
10ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 22:21:19 GMT
x-content-type-options: nosniff
age: 147176
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Sep 2023 22:21:19 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F284 102 B
133 B 18ms
18ms Other
text/javascript 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&co=aHR0cHM6Ly93d3cuZHVyYW5nb2hlcmFsZC5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=n5wfquhx5ucc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 15:14:15 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F284 32 KB
18 KB 55ms
54ms XHR
application/json 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/ovmhLiigaw4D9ujHYlHcKKhP/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0011a205005ea4084d4d83b0d88b728d3dd8c3354aff786bb72623d8a3b41572

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcrgKUgAAAAAHyUspIhYrfgfQ5WzJFL9MsWMQSp&co=aHR0cHM6Ly93d3cuZHVyYW5nb2hlcmFsZC5jb206NDQz&hl=de&v=ovmhLiigaw4D9ujHYlHcKKhP&size=invisible&cb=n5wfquhx5ucc
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18694
x-xss-protection: 1; mode=block
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 41ms
17ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.durangoherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 40ms
16ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.durangoherald.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
12 KB 182ms
166ms Other
application/webbundle 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1510348527640675&correlator=1421182448340137&wbsu=3fd90f20-2fd2-4e2b-83b4-b442ece32f61&callback=googletag.wbn1&eid=31069838%2C21068767%2C31069953%2C31062931%2C31068919&output=wbn&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=3200696%2Cdh_1_weathersponsor_88x31%2Cdh_0_bestof_728x90_top%2Cdh_1_pushdown_970x90%2Cdh_1_homepage_offpage%2Cdh_1_new-mexico_offpage%2Cdh_1_homepage_offpage_snow&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6&prev_iu_szs=88x31%7C168x28%2C728x90%2C970x90%2C1x1%2C1x1%2C1x1&ifi=1&adks=77734305%2C2701202534%2C3795131112%2C2905884810%2C3195136093%2C3080749105&sfv=1-0-38&ists=7&fsapi=false&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664378056063&lmt=1664378056&dlt=1664378053972&idt=1556&adxs=-9%2C-9%2C315%2C299%2C-9%2C-9&adys=-9%2C-9%2C296%2C297%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C-1%7C0%7C0%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.durangoherald.com%2F&frm=20&vis=1&psz=0x-1%7C0x-1%7C1002x0%7C1002x0%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C1002x0%7C1002x0%7C0x-1%7C0x-1&fws=2%2C2%2C0%2C0%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0&ga_vid=571021667.1664378055&ga_sid=1664378056&ga_hid=392783754&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12562
x-xss-protection: 0
google-lineitem-id: -2,5626954265,-2,6122134939,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,138340464101,-2,138406142892,-2,-2
content-type: application/webbundle
access-control-allow-origin: https://www.durangoherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK 3fd90f20-2fd2-4e2b-83b4-b442ece32f61 Show response
/ 9 KB
9 KB 184ms
184ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:3fd90f20-2fd2-4e2b-83b4-b442ece32f61

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

d474b57418549db82c6ff109048fc1df96781e3132732c22cd8ce17b3473573c

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H3 200 ads
securepubads.g.doubleclick.net/gampad/ 0
38 KB 509ms
494ms Other
application/webbundle 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1510348527640675&correlator=3802553987748293&wbsu=73a44f9b-58d1-441d-bcc1-87b81309231a&callback=googletag.wbn2&eid=31069838%2C21068767%2C31069953%2C31062931%2C31068919&output=wbn&gdfp_req=1&vrg=2022092201&ptt=17&impl=fifs&iu_parts=3200696%2Cdh_1_homepage&enc_prev_ius=%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1%2C%2F0%2F1&prev_iu_szs=300x250%2C728x90%2C300x250%2C300x600&ifi=7&adks=966404168%2C2090853807%2C919999707%2C1638875882&sfv=1-0-38&fsapi=false&prev_scp=%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1664378056073&lmt=1664378056&dlt=1664378053972&idt=1556&adxs=-12245933%2C436%2C994%2C994&adys=-12245933%2C750%2C1669%2C2355&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1%7C0%7C1%7C2&ucis=7%7C8%7C9%7Ca&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.durangoherald.com%2F&frm=20&vis=1&psz=0x-1%7C1002x30%7C313x0%7C313x0&msz=0x-1%7C1002x0%7C313x0%7C313x0&fws=644%2C0%2C0%2C0&ohw=1600%2C0%2C0%2C0&ga_vid=571021667.1664378055&ga_sid=1664378056&ga_hid=392783754&ga_fc=true

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38889
x-xss-protection: 0
google-lineitem-id: 5626954265,-1,-1,6104222060
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138340464029,-1,-1,138403231793
content-type: application/webbundle
access-control-allow-origin: https://www.durangoherald.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK 73a44f9b-58d1-441d-bcc1-87b81309231a Show response
/ 101 KB
101 KB 513ms
513ms Script
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:73a44f9b-58d1-441d-bcc1-87b81309231a

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

a47b1ed560753a1e31a7bf7130a3e12688a22f80c662938ad7f14940c91b17d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff, nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

X-Content-Type-Options: nosniff, nosniff
content-type: text/javascript; charset=utf-8

GET
H2 200 ad Show response
ads.adventive.com/ Frame 9BE8 181 KB
34 KB 291ms
235ms Script
text/javascript 2606:4700::6810:d735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adventive.com/ad?j&pid=e4561928-8aa0-4a7b-8a75-e1734455c9a6&type=4&cb=2015549143&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsv0WTNFulPb81pzF5E66o7VtBh527RmCIZ3zFLEG1YYJtnJAIqwTud8LjJH605nenH86CtgVcqqEHZPG19G3R264et3J5vl6iJnSbD318Aqk8DqbOtqSi-0C2C__saIqqhVuUGOU10UbtcqdQnlVVYPMIqGNMBJhqim5Rp4_CIrfAvIRXsB0J5dLJDAgw2qHgYcPD-pWey_NkHFu72EEP7OmS25QtU_83lOk-nfdy5IAxazve2Z0KBsvNTzmI_suuF9roZhjUektK_bH9xe3P8BYl965BO8THc5A_0sB3hfi4_0j2SGsuATIp-xWRi-XxRrSXKnfJbMtCyiNQ0kT1B6%2526sai%253DAMfl-YSZbaQpmBXJu8WygEX8P5ApE0bt5VN6JTP3QNcsfEAOi4yrHG0AQJ1x9KRXLb0Y0DnTdZpoPOBhhncjA5SN2Ajqw0CXXvzCYYGGKT3r51UoFsG_CQCdlfL3MbYj7pvQdzyB_g%2526sig%253DCg0ArKJSzA3Gq6mbguedEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=durangoherald.com&gdpr=&addtl_consent=&line_item=6122134939&order_id=1443748576&advertiser_id=1360748416&creative_id=138406142892&oop=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu3QeKP99-WGecIT7K9qVL85pdfzwbjrJnffbHF9kCAk04-1ctuvZX9fMJa7XIP8KsF_Zx0VDSq2C-lsYPZfjTP65dQR4eKhg2PxGPZR_R1bxskJpys4jW4gBlvSSx5Ba5wWJ1ddyDAjplQ8qNL6hDIgXO_5Zs4T3bdeiq1XXfIK0dYQhM96e64anJZWOD6G274kuHvf1dvRPMrLD1DeOSHnpSha93MFrXRG_xncdndQEymReS2uSCVZCm-wS9WGExDVEB72H9pn4di7Cwr3mR8TmD_hR1joy0JL5hQ_KfSd3U7YYmLArw2pNyCbXBTQbBApY3Ssb_RDiI9IeU_kxcxVbH_duV-JSKK0oi507udeok%26sai%3DAMfl-YR5rucuHzupMMU76aNYS1enu-tTlj62gwhQ2w19G8ATdMrIIYrOa-yS0Zavzg8up4JPjkMlpimLSNEAPFV0TT-iOWzTpic0uR49tZpXuWOsrkq8rHkSaOE6ATupY5vLLP5qwQ%26sig%3DCg0ArKJSzNsaj43q0NFrEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d2549e131f505d2172565b0c0b2911e257cbd3c5bf1f6928dfcfb221d0845e2a

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 28 Sep 2022 15:14:16 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via: origin,host
cf-ray: 751d6d845b925bf5-FRA
timing-allow-origin: *
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
UUID-IN-PACKAGE 200
OK d3768553-257c-69ae-8152-69ae257cd376 Show response
/ Frame 3997 20 KB
20 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:d3768553-257c-69ae-8152-69ae257cd376

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

b00ed0378997e41a4bf2e1dcbfcc05c4b50fe1b9b1d922fa99ef68622ef7145e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
UUID-IN-PACKAGE 200
OK d3768d55-257c-69ae-8954-69ae257cd376 Show response
/ Frame F4CB 14 KB
15 KB 0ms
0ms Document
text/html

General

Check archive.org

Show headers Download Go to

Full URL

uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

UUID-IN-PACKAGE

Server

-, , ASN (),

Reverse DNS

Software

Resource Hash

cd31b85c0984f6a193e9787df2e9cbbf7cb3af2ad280ae4556ef649e4082b9aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Content-Type-Options	nosniff

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

X-Content-Type-Options: nosniff
content-type: text/html; charset=utf-8
x-content-type-options: nosniff

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012209072154000/ Frame 770C 220 KB
61 KB 82ms
13ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Sep 2022 17:08:56 GMT
age: 165920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 61518
x-xss-protection: 0
server: sffe
etag: "b9e6b1d3ca7cc68d"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Sep 2023 17:08:56 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 770C 14 KB
5 KB 101ms
31ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Sep 2022 17:08:56 GMT
age: 165920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5208
x-xss-protection: 0
server: sffe
etag: "dcaf3864e0ab6b08"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Sep 2023 17:08:56 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 770C 94 KB
28 KB 97ms
28ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Sep 2022 16:38:30 GMT
age: 167746
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28888
x-xss-protection: 0
server: sffe
etag: "95b4b320f7966d1a"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Sep 2023 16:38:30 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 770C 5 KB
2 KB 101ms
32ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Sep 2022 17:08:56 GMT
age: 165920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1908
x-xss-protection: 0
server: sffe
etag: "5561dff7c028bd87"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Sep 2023 17:08:56 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012209072154000/v0/ Frame 770C 40 KB
13 KB 93ms
25ms Script
text/javascript 2a00:1450:4001:802::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012209072154000/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 26 Sep 2022 17:08:56 GMT
age: 165920
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12958
x-xss-protection: 0
server: sffe
etag: "00747b471d2f1a24"
vary: Accept-Encoding
report-to: {"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="amphtml-china-available"
expires: Tue, 26 Sep 2023 17:08:56 GMT

GET
DATA 200
OK truncated
/ Frame 770C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b0793658a18fae9cf683872c09dc2c7bb70837d50fdbb82e9e708f8f977c7177

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E670 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv86nL-PcT6ToHyhrLziLgudCVO93psBRKqK2i2n3AaJxLlIOgTTZDD0hqzPSWX78V8HTUk4SjlaMVHMQHCZbWoLL69GRLGgY9WfcuzZiHL8o7ncUi73FChb2EycWVWbwUcnDNWbJhwKfV6Bs32a-Dc6v5zjVADjrlXcH_QpkHDX8OZddnpvvb30ymL4Vf8OzpROQDJVTAt_SVEyNFdZXvp__NDkB-CB0xe7jQ0AcshiBreM_POMV_WheIGddvukRFGNscUuNaCZkr3bmKHFXKZJCwgobrYHo2aixUGYbQFceMoWm2dIwmpIWK3faNq9-31ND3Cfv8_Yw&sai=AMfl-YSNOkdf4eqY-WmO8Kwz5-Tcaeo2XAqOTASxrDhqePAtCZhKITKIXy_S3CIBaTgcSKOA06tZsKVqDeftqHoKNSqnroOWUCkxXSSLQKsh8uv12mRfkYxWIwF0TU-O1JMR9P5l&sig=Cg0ArKJSzBlJb7QzkRrwEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame E670 23 KB
10 KB 97ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:47:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1586
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9559
x-xss-protection: 0
server: cafe
etag: 12142024561622733046
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:47:50 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame E670 3 KB
1 KB 117ms
40ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:24:54 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame E670 0
0 19ms
18ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSzN6RUyopjXMk5JEwMFwRiWbhF4kAHsIQ8fQGpI4_uWswwH-4X3YNA5RLmN-38CJJjEJ6q41WkbrxCOXjHXjsUcSFMdg
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame E670 140 KB
44 KB 130ms
87ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H2 200 282286658418993580
tpc.googlesyndication.com/simgad/ Frame E670 247 KB
248 KB 135ms
59ms Image
image/jpeg 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/282286658418993580

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5656cede2b9662ded580d222b9db077a803c741d5e4829d14eb5c385c2a2d50c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sun, 25 Sep 2022 15:03:02 GMT
x-content-type-options: nosniff
age: 259874
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 253321
x-xss-protection: 0
last-modified: Fri, 01 Jul 2022 19:38:31 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Mon, 25 Sep 2023 15:03:02 GMT

GET
H2 200 14828492229214819266
tpc.googlesyndication.com/simgad/ Frame 770C 46 KB
46 KB 116ms
41ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14828492229214819266?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qntK6diN12SXYqD1N1Z_zlXziQvPw

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 06:42:46 GMT
x-content-type-options: nosniff
age: 376290
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 46612
x-xss-protection: 0
last-modified: Wed, 17 Nov 2021 09:20:46 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 24 Sep 2023 06:42:46 GMT

GET
H2 200 en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 770C 2 KB
3 KB 102ms
27ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/en.png

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:58:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15338
etag: 14819457070020093239
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2502
x-xss-protection: 0
expires: Thu, 29 Sep 2022 10:58:38 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 770C 295 B
424 B 101ms
26ms Image
image/png 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 10:58:38 GMT
x-content-type-options: nosniff
server: cafe
age: 15338
etag: 426692510519060060
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: image/png
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Thu, 29 Sep 2022 10:58:38 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 770C 0
0 18ms
18ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaS-udp7YxhRb90vBvmyhVo1mxpWZw_ZaZr5vuT3KcCskGw__6lpkU1QMTrE6pHzE8L_gprBDhbgfpv5X21DE0I9hw3aLQ
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 770C 0
0 52ms
51ms Image
text/html 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cd_vjyGQ0Y5iTCpTP7_UPp7uVyArG4qCZbMPDg-qyENvZHhABILjw7CRglZKhgrAHoAGcr_uoAsgBAuACAKgDAcgDCKoEmAJP0E_XDD1NqGyksNl3-znUTrrN6EMRgv5RQqOR6wHuUm6m1bT9lKCG2R8ciuZeq6OfUO-u6rI3ww_5RFg2VhnJIPRnoDHaatwG2fSf-uNhiAnpbCrScdx8lOxjlXWegKfEhHR8yqgep237_c1tqlpr24GUsR6TJu-s4rRolNf9BneE_JsTOuVoLTrZEil3cj-9dAAEyUoOkKekE5RTI7s2ejxN-GfCyqZ6xt-qKWrhnnsk-WCEgwFkpjInSjz-rlo3eKtDo6cvkRK7J-8rduSpewyd9-Blwl2Bt9hP8Wb3Jlh_lkn5bO1CEa7uz5m5JxIXwpfga_eVBhWIY2VLLA4TghWUE2mMSEWjuagK9j-Q6g9kz8MQINEmwASBhYjTmQTgBAGSBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDo0zrSCBIIiOGAEBABGB0yA6qCAToCgECACgPICwHYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItNDA5NjAzNTUyODIwMjY4MxjQvA4&sigh=qW2TBzsmqiE&uach_m=[UACH]
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 ad Show response
ads.adventive.com/ 179 KB
34 KB 233ms
220ms Script
text/javascript 2606:4700::6810:d735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=e4561928-8aa0-4a7b-8a75-e1734455c9a6&type=4&cb=2015549143&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjsv0WTNFulPb81pzF5E66o7VtBh527RmCIZ3zFLEG1YYJtnJAIqwTud8LjJH605nenH86CtgVcqqEHZPG19G3R264et3J5vl6iJnSbD318Aqk8DqbOtqSi-0C2C__saIqqhVuUGOU10UbtcqdQnlVVYPMIqGNMBJhqim5Rp4_CIrfAvIRXsB0J5dLJDAgw2qHgYcPD-pWey_NkHFu72EEP7OmS25QtU_83lOk-nfdy5IAxazve2Z0KBsvNTzmI_suuF9roZhjUektK_bH9xe3P8BYl965BO8THc5A_0sB3hfi4_0j2SGsuATIp-xWRi-XxRrSXKnfJbMtCyiNQ0kT1B6%2526sai%253DAMfl-YSZbaQpmBXJu8WygEX8P5ApE0bt5VN6JTP3QNcsfEAOi4yrHG0AQJ1x9KRXLb0Y0DnTdZpoPOBhhncjA5SN2Ajqw0CXXvzCYYGGKT3r51UoFsG_CQCdlfL3MbYj7pvQdzyB_g%2526sig%253DCg0ArKJSzA3Gq6mbguedEAE%2526fbs_aeid%253D%255Bgw_fbsaeid%255D%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=durangoherald.com&gdpr=&addtl_consent=&line_item=6122134939&order_id=1443748576&advertiser_id=1360748416&creative_id=138406142892&oop=https://securepubads.g.doubleclick.net/pcs/view%3Fxai%3DAKAOjsu3QeKP99-WGecIT7K9qVL85pdfzwbjrJnffbHF9kCAk04-1ctuvZX9fMJa7XIP8KsF_Zx0VDSq2C-lsYPZfjTP65dQR4eKhg2PxGPZR_R1bxskJpys4jW4gBlvSSx5Ba5wWJ1ddyDAjplQ8qNL6hDIgXO_5Zs4T3bdeiq1XXfIK0dYQhM96e64anJZWOD6G274kuHvf1dvRPMrLD1DeOSHnpSha93MFrXRG_xncdndQEymReS2uSCVZCm-wS9WGExDVEB72H9pn4di7Cwr3mR8TmD_hR1joy0JL5hQ_KfSd3U7YYmLArw2pNyCbXBTQbBApY3Ssb_RDiI9IeU_kxcxVbH_duV-JSKK0oi507udeok%26sai%3DAMfl-YR5rucuHzupMMU76aNYS1enu-tTlj62gwhQ2w19G8ATdMrIIYrOa-yS0Zavzg8up4JPjkMlpimLSNEAPFV0TT-iOWzTpic0uR49tZpXuWOsrkq8rHkSaOE6ATupY5vLLP5qwQ%26sig%3DCg0ArKJSzNsaj43q0NFrEAE%26uach_m%3D%5BUACH%5D%26urlfix%3D1%26adurl%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

04fe87d33adc84f83a3c8162e43893790b8c4a1905307415aa37faa7e2b6b217

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: br
cf-cache-status: DYNAMIC
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 28 Sep 2022 15:14:16 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
cf-apo-via: origin,host
cf-ray: 751d6d864c3d902a-FRA
timing-allow-origin: *
expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2

200

1x1.png
assets.adventivecdn.com/oop/ Frame 9BE8
Redirect Chain

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu3QeKP99-WGecIT7K9qVL85pdfzwbjrJnffbHF9kCAk04-1ctuvZX9fMJa7XIP8KsF_Zx0VDSq2C-lsYPZfjTP65dQR4eKhg2PxGPZR_R1bxskJpys4jW4gBlvSSx5Ba5wWJ1ddyDAj...
https://assets.adventivecdn.com/oop/1x1.png

34 B
649 B

115ms
55ms

Image
image/webp

2606:4700::6812:1740
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/oop/1x1.png
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H2
Server: 2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
cf-cache-status: HIT
x-amz-request-id: A2JHCVCYFQA6J8W7
age: 49365
cf-polished: origFmt=png, origSize=68
content-disposition: inline; filename="1x1.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
x-amz-id-2: 7IxYZ1Px7648J0h6DYxVw6eN/9ebTAnCANNuMOTo87ZdQ3Qp/j92qd0HoyNU62wSDC/QzdqLqnY=
cf-bgj: imgq:100,h2pri
last-modified: Tue, 02 Feb 2016 17:43:14 GMT
server: cloudflare
etag: "978c1bee49d7ad5fc1a4d81099b13e18"
vary: Accept
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 751d6d86db77bb71-FRA

Redirect headers

date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
location: https://assets.adventivecdn.com/oop/1x1.png
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 stats
ads.adventive.com/api/ Frame 9BE8 43 B
438 B 198ms
187ms Image
image/gif 2606:4700::6810:d735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=332&adv=9756&atid=4&auid=153541&cache=1&cid=66414&gid=0&pcid=89363&pid=168639&sid=495&tag=e4561928-8aa0-4a7b-8a75-e1734455c9a6&tz=America%2FDenver&up=0.00000&ut=RM&vid=1&ckid=f18ac284-7030-40be-89fd-9f9412c7c5bb&ip=2a01%3A4a0%3A2b%3A%3A12&clk=0&dat=%7B%7D&dh=1200&dw=1600&eng=0&grp=0&hc=wmkioaca&iid=aa9f64a5c77d47afa66eaa6416a27a07&ref=https%3A%2F%2Fwww.durangoherald.com%2F&type=serve_impression&hov=0
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: none
cf-cache-status: DYNAMIC
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
x-ua-compatible: IE=edge
pragma: cache
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: private, max-age=86400, must-revalidate
cf-apo-via: origin,host
cf-ray: 751d6d864c40902a-FRA
timing-allow-origin: *
expires: Thu, 29 Sep 2022 15:14:16 GMT

GET
DATA 200
OK truncated
/ Frame 9BE8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 230aa8718729a00366ba1430f4961526e060a18cbd313b356f1f34222a5fb569

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3997 22 KB
7 KB 77ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: d3768553-257c-69ae-8152-69ae257cd376
URL: uuid-in-package:d3768553-257c-69ae-8152-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 13:58:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 90918
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 27 Sep 2023 13:58:58 GMT

GET
H3 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3997 80 KB
27 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: d3768553-257c-69ae-8152-69ae257cd376
URL: uuid-in-package:d3768553-257c-69ae-8152-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27722
x-xss-protection: 0
server: sffe
etag: "1347 / 817 of 1000 / last-modified: 1664363254"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3997 140 KB
44 KB 234ms
215ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3768553-257c-69ae-8152-69ae257cd376
URL: uuid-in-package:d3768553-257c-69ae-8152-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame F4CB 42 B
494 B 115ms
53ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ByK0SDsa8crdy0h5hq7ZP87v_wnkOvYXoSY15RSvGgZgaBuRC_TeJn2C8yIHtpGgE0lIEuzMaMP6eIOAV8smdPjHae9gGqhugEFMTGaFW0zDL_Pao

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F4CB 3 KB
1 KB 144ms
97ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:24:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2962
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:24:54 GMT

GET
H2 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame F4CB 17 KB
7 KB 73ms
36ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:14:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3574
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:14:42 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame F4CB 0
0 15ms
15ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQT7EbCaL-40TzrUqYtfxHelyC7bLGS84KCMHQDg94aU9EPIbLs7Cq88NCW73w4cRi9SbrFmf4pt9KRwHl5NoxRder5tw
Requested by: Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F4CB 140 KB
44 KB 219ms
215ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 2954 624 B
733 B 47ms
20ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXMUJRTJn2K5I1NFa3XUkifmWiLufPHsRiSd5P7vLacGtz4LQvHCz8msiG0AxM4vz8cSkdAdIWunPMqMG6Apmkvne_i2cuYGWpPGEEfRllvdJL-NEOin1F5SNBCj_eyyJ-sz5ICyKK1Vpxm2j0QwhBrDgWtA-yUyA7SWGUNFGrCTv78IbY

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:16 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame F4CB 79 KB
34 KB 78ms
53ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsCp2EaI2jSISbd6nFUW5reV3tRH-28QQHfzJc0hb-HSvNArb15CVnamXGsjznSGKzMKZ2Jq8QsIepwAHmCO5gKgn-0w&cry=1&dbm_d=AKAmf-CO3Jlt8btdqq9fL-UEGD8gxm8BIjyPIMMO7rir96uOtx0KlNYyEFFPbNH6SAuy2sMk-e4Vof0RFFMvDUTTbtDxtcIK4mRV5niDTkVeyB1w56FSPg6qjoPMHygaPztaZCBc0kIWZCp1Xjt-OAYek71MvEeCxesBoJ2S_OwiVG1lzOkmzJRN2zPJXLBe1z6zpFwoRG-LCSXgaQ2cVqLfpawIm4BhIF0txHNdrmIC8m3ssLi69N52aNerpOMuFrtlF_EzkQGHtwsWUaJviQ7CjdhCLj1T1Q7YTzX_wXBB3O3lCO4l3TcCBWhTExSb_fRNXbRucFWeKEmgG3Q1qjSWNbN3EgQCV2wzwTDMnf61nQr8WlEZ71BD1y_fTYquoLyZ6TnknNj8lH7gfFWbXnlOZvAI3rDun72ogvDL7xjv3iLTGc4tK1_U2ZTe1lNnrqEU4Zk9BOdrbqR3syIisLiJWUzb5mhmRdbDwMhO-AIRjpJMASsGiH0Hhlin9FE46e4Cxeo8xm12UWydSeKOkB3sxCvCXxel5Ry6eGqdkF17U4jDzXTx36gw4DgKji0BrsB-4GJ2-M3GotsyHtUOZC_45Wd8VqBiATUYY5Tw0dhZXCYmRllsA_xbRc3mHw3KUa3FfxSoS_nZGjnSTzrul5S7IjD23aY3mxSqoRgq1ywZIU0uIUVxR8OKHS-AyVH3C0mCn5EsRW7p_NUrnqbQ1-5NRJwACziz6NR36nZ6rx-oJzijuLeTpDtBvTdBYnUBom3ZE1mA90Hr7hpmKKHWe3I6RlUkKTfHQ0JviYUutbXVdkEGBpzfzF6SvD_eLBZtPDbjpXKB0MMTOrUlP_WhLFNq4DBtG4Tmi83IxwiCAAu3vgq5CvtD2gNbnYMTiKVl1n4-EhQihvxZla0wAMcf41khFPsiu1-Nr72NCmej4I8_6x_iK3ZzIELgtL4ZE-Ov8_6CnKS2JmixtNn7FAUG44TYDaklOMMRoWxNjgfHS7BWXjn31saScGQk68lfUbDQ7eaJ9_kGBfC3f_5TibvQOZ-2upgXHFLLH3dEP5GbuoEeTo7eCS6SQQZE5GOrET-Hx3BAZppJz_VrT2nlOU470c_USHNHk7jOPDECIW-Dgw-VvDdEBMNv1ZgyuUV8CVPbId5zoMqiY8fyWRY7ZyX12OoLvoYk0xHG4e4dqU5wQ8hqMkz-_4DLhHCxnir8izBouMyJf0cR6vytdz92OPqoIjAV5uSkLc0f85HlL--yD2jXD3fA4NoWui1xk-dXhsqmfAjYfMAflmnPY-a8CExG1rrJaxlSim6vmUpIcXGzfeGBux571xsQOoJg_lwljm_dcl9Crbn-Z36HxmWCNJsYjq3L_UWLzV2Qz7m_4Ly2PgQoNiw6BCw3CboeBQodcWPAr-KgkIP0KBPGSJJy97qldpo-EKKYymux12wxFM5Tg5ctmkKo9fGcfwEob67yE0WH0Ik_hXvHxaOvdqsFshmCIO01dYqrxPdelUO0PyMcwcFrqQI9Hw2osmkIwyXhPSiUTzYXd_vX7ZlualZoJaqynXF8yIqsL19hqXVhmYCuX4o4dTUTx8WDEmAZtirxq_LDgzWGA_Adbw_GVWBdU2-z4Y-ULz5xx-Vo7HGjrK2sHbewnXhFYbDJopEpc3eJU7zY92F0NcLg062oFQfE55rRi-Ia887X1ktZ5HhvLH8kg7G3y7EL4r7J5ekHQ5p8MoO3ZxCVkEGM3bSP06rm-MD3hhhu8VS4xAKEUiMqNmEnH8eVxEc6biDVLA6hE-6OE5dCnZO8cxyhNTvAuGIwMhHckLBRfVGYQgTdGdHwmAFv__LrmyigPSlsf68WFJQIEsaQc2ZJEArCBIKkNPvp2ooIAfK9ip_45Hu9RjsYa7_rAlSy5k3mo3TOYH7ltiUiPWJs79VFQaysyFE7naRYfZhGGAPoNHuzju_VSMDT1ir0xZ3KuwkSf6cCYVG9btpvix_msS3YWSdyh5B-FHX6OHKdPStz4X5GQvptYatkefS306WhJviNP7h-XhsDDezzWxWZL9agEgZuF-R7cmCc5rMRYPdilxA3FKjP5VMSxB-_bn0qsX-UFr3q8NEthPp8pTrJgY9varExBiuS7NeOhOfLUgIpSxVlLzVxCDIh9AwBx-yqC5NyknoosovKiKlQA5eSpcYeir2xHxoyX8dqMT_ouau-NroSOnkAckYW51zebIHAhHKqYxEJwyWZ_hUfUC7WLE8ST9Qe55YRrNUjKpbvD0EWn7EYz8nAh8KcBVXOgQuo1ibo1-lg9f5nAYaoI2HQ9VNPcDw6_aItCbRefz0jTs1qJhHfB4muw3I-_LTPNVUpv6wRKU3DaFqmYoQ_X5dBjMbhj45LMKKuKhitKHXFORW2gT5pEihs_H9GLN8xk7ApdcvfGB0Uv6moEj8EG7CBpfLykPJJpbJzIeGmA3i8q-QR1-rtyvJa3O_zIZ_F_R-7YqQuOIgWZEjCr5hLUZn6Z8BZ_8FzjFGH-li2KzdpNK4L6KA-saXOttMHglp4XmNDMKtXTNzicbfBDVBLJnaIDvaQsGDQgraeTo6IPg6-mYac3rZJRf_JN4VZUxzLIrQMLSM8sXUiimjK-ZzA6uv9r7vOJ_5DpxtJpT0pDmgoexQ6PRPbirv0omFFHB4X1TsEogGuOEAIHPAq-Hgd2zwY9iQNSiTVYK_YOsYTEYuBTdTSY27vDNY9JP84x_pdw8gmDWuprnzIPlfsbfPkP8cbh95kvbq8cJDq7edrlVHTYd3MzXh6yL3sqPxYgNmW9CBsvaA47CJHa_uAeoM1PCIq80zBSTUSGkjSU6OBVyqMEUh5nAqg4Q_LqmHNxEqLaod3U3c6c9C7ELhCrWEZvsTUMJRA2uX63Tuf99Ux4B5o9F9pxsF_1w68mkkdkTeOnZyBfsRvtDKnJsSq7lau3zRms7WU1eRFiaL3pHwWBx6XXhsPdkT-vSBJIZLr8KYkmzYvYW7O54inRQJuK3io6Vnab2KrSaq8T8rk8dIvbencfERQw3fMtgW6EnN-HTgVKedAGkXfh4xB3NHRQdK7m-CretFJqaWQTvWc1X7GMGmLRjdV_8Vi8vfVYUClpBfalHe_slPFitC8S9zaaGAVu7lPYWvqVKYD8Zg6AbUJGe4kERQTRxSmwJrFGAjKJgNs5a6Fx6r5rQGbB0QIJIx5wNSzeIafJ5ZhEH4RhYRGr1fhJ3clEAh6wtagbjhLHrpUZOi3lCvsUKREsvKXWxstT80pAQm2HOsIklcqWZd3GxjYyzbwuw5XEtk_10dIbhvFzqoSXhBw21wTI2YWIFY5IQx1pUICYnQjFWsPxkNs5dIaD202VCoRR5OXd37903T5h71ZU_nh0yvJJs6Hw7AsqCee9zTs849LBxIKnia4dHEY_Y3R3yHnn3BipA&cid=CAASJ-Roz1wmWtvrB36HkkwyMC6EDz8ya8VzFmbFZtzfgXsbBJm9ry73qQ&rfl=1%2Chttps%253A%252F%252Fwww.durangoherald.com%242%2Cuuid-in-package%253Ad3768d55-257c-69ae-8954-69ae257cd376%240

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

546c6d6545722c65b4e17eb3f7d3331b42e9268bd339dab651a44f7538b31f3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34153
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2954
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

43 B
882 B

39ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXMUJRTJn2K5I1NFa3XUkifmWiLufPHsRiSd5P7vLacGtz4LQvHCz8msiG0AxM4vz8cSkdAdIWunPMqMG6Apmkvne_i2cuYGWpPGEEfRllvdJL-NEOin1F5SNBCj_eyyJ-sz5ICyKK1Vpxm2j0QwhBrDgWtA-yUyA7SWGUNFGrCTv78IbY
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zhS4v0ZfP3B3oBnxYo0ToQXDu7ziEVbx2NtUrQAqY6NgHsm8Jf%2Fz%2FOOwU%2Fk76mIbaYZhnKfFpag5Rop87y7xm%2FxQXFsgihJHMuAinQ1hhe2hO007afVzt39U0tS%2F2U4ARqT4tEoQ%2Fg%2BWkA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751d6d87ced99c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 2954
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzRkyATX6z1W9oM8W47YQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

43 B
842 B

36ms
35ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXMUJRTJn2K5I1NFa3XUkifmWiLufPHsRiSd5P7vLacGtz4LQvHCz8msiG0AxM4vz8cSkdAdIWunPMqMG6Apmkvne_i2cuYGWpPGEEfRllvdJL-NEOin1F5SNBCj_eyyJ-sz5ICyKK1Vpxm2j0QwhBrDgWtA-yUyA7SWGUNFGrCTv78IbY
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ajvzaF99aSiFFnbhK0bH9AMLHIjdbzvdZmhWRAIHL1U0valvslWkqKZyVoF%2BxLhcKoy7k%2BJb0N0MEHmOTsXAvI5Rqd9sTM7ItiUiONjxGuDI8LV1MmgDn6z3YHPpJwSAGVpdfUk5gUV2pw%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751d6d88c9869c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 2954
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

43 B
1010 B

47ms
43ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CL6WcRCwifCiAxiE8MHIATAB&v=APEucNXMUJRTJn2K5I1NFa3XUkifmWiLufPHsRiSd5P7vLacGtz4LQvHCz8msiG0AxM4vz8cSkdAdIWunPMqMG6Apmkvne_i2cuYGWpPGEEfRllvdJL-NEOin1F5SNBCj_eyyJ-sz5ICyKK1Vpxm2j0QwhBrDgWtA-yUyA7SWGUNFGrCTv78IbY

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 15:14:16 GMT
AN-X-Request-Uuid: a4b2306e-38c7-4b3d-85d2-95395533a5b5
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 2954
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

170 B
188 B

85ms
44ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:16 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 15:14:16 GMT
AN-X-Request-Uuid: 93381c83-dfe3-4ad6-85b9-a16400294d59
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 770C
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
0

42ms
26ms

Image
text/html

2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by: Host: www.durangoherald.com
URL: https://www.durangoherald.com/
Protocol: H3
Server: 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Redirect headers

date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame E670 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2cc757d457062af553dd19f8a9f098d7949a01808de3ff8e5fc921a9f2677f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3997 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss9cZE0453GhBnEAT1pel7mdMAPg9avCX-tkW21d9K-E2OogeyR8-ylfORrHVZTYOEDfhe9c1cX3s6kztufmXtfQx5af9qGIvKyQiaE4XG87Uk7Z_SSnJRnBHNpHzDA4bvrBIgEENbuMru2oPLX9Uv0jAuiN-VYspXvzXwjCC9xNWBdcxvqYeoLBOVfn4mZvCnRHdISoX4C2nn6zJ5iv4BfhbtAhA7UuoIee7NOGncEoOv8Q-ivKlLsVRVD_715CeOSU9Kk1u0D7od3GY8yGvwLiwJ9OrH_WWoYXqcDwqlxOyjHRGdMY-bUQU3nxu7fW5Ad3ZDORokzGP2aS0goM5fJoalFSf1iyubv&sai=AMfl-YShpk1-igupNcaPhDWTZudifjmZnzlcY0TzZcDqzQjO-EZn9godooavnFzk7rzsfPVPueWDjlJZ_zUsSfdGIPZ67XTxQb_1MeD8FRnOy4O4uWWXjAcVOeOM4GChJfFQwl9x&sig=Cg0ArKJSzBMLvISpIURhEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: d3768553-257c-69ae-8152-69ae257cd376
URL: uuid-in-package:d3768553-257c-69ae-8152-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F4CB 106 KB
38 KB 34ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
Origin: null
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 11:13:47 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame F4CB 8 KB
3 KB 66ms
25ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-AsCp2EaI2jSISbd6nFUW5reV3tRH-28QQHfzJc0hb-HSvNArb15CVnamXGsjznSGKzMKZ2Jq8QsIepwAHmCO5gKgn-0w&cry=1&dbm_d=AKAmf-CO3Jlt8btdqq9fL-UEGD8gxm8BIjyPIMMO7rir96uOtx0KlNYyEFFPbNH6SAuy2sMk-e4Vof0RFFMvDUTTbtDxtcIK4mRV5niDTkVeyB1w56FSPg6qjoPMHygaPztaZCBc0kIWZCp1Xjt-OAYek71MvEeCxesBoJ2S_OwiVG1lzOkmzJRN2zPJXLBe1z6zpFwoRG-LCSXgaQ2cVqLfpawIm4BhIF0txHNdrmIC8m3ssLi69N52aNerpOMuFrtlF_EzkQGHtwsWUaJviQ7CjdhCLj1T1Q7YTzX_wXBB3O3lCO4l3TcCBWhTExSb_fRNXbRucFWeKEmgG3Q1qjSWNbN3EgQCV2wzwTDMnf61nQr8WlEZ71BD1y_fTYquoLyZ6TnknNj8lH7gfFWbXnlOZvAI3rDun72ogvDL7xjv3iLTGc4tK1_U2ZTe1lNnrqEU4Zk9BOdrbqR3syIisLiJWUzb5mhmRdbDwMhO-AIRjpJMASsGiH0Hhlin9FE46e4Cxeo8xm12UWydSeKOkB3sxCvCXxel5Ry6eGqdkF17U4jDzXTx36gw4DgKji0BrsB-4GJ2-M3GotsyHtUOZC_45Wd8VqBiATUYY5Tw0dhZXCYmRllsA_xbRc3mHw3KUa3FfxSoS_nZGjnSTzrul5S7IjD23aY3mxSqoRgq1ywZIU0uIUVxR8OKHS-AyVH3C0mCn5EsRW7p_NUrnqbQ1-5NRJwACziz6NR36nZ6rx-oJzijuLeTpDtBvTdBYnUBom3ZE1mA90Hr7hpmKKHWe3I6RlUkKTfHQ0JviYUutbXVdkEGBpzfzF6SvD_eLBZtPDbjpXKB0MMTOrUlP_WhLFNq4DBtG4Tmi83IxwiCAAu3vgq5CvtD2gNbnYMTiKVl1n4-EhQihvxZla0wAMcf41khFPsiu1-Nr72NCmej4I8_6x_iK3ZzIELgtL4ZE-Ov8_6CnKS2JmixtNn7FAUG44TYDaklOMMRoWxNjgfHS7BWXjn31saScGQk68lfUbDQ7eaJ9_kGBfC3f_5TibvQOZ-2upgXHFLLH3dEP5GbuoEeTo7eCS6SQQZE5GOrET-Hx3BAZppJz_VrT2nlOU470c_USHNHk7jOPDECIW-Dgw-VvDdEBMNv1ZgyuUV8CVPbId5zoMqiY8fyWRY7ZyX12OoLvoYk0xHG4e4dqU5wQ8hqMkz-_4DLhHCxnir8izBouMyJf0cR6vytdz92OPqoIjAV5uSkLc0f85HlL--yD2jXD3fA4NoWui1xk-dXhsqmfAjYfMAflmnPY-a8CExG1rrJaxlSim6vmUpIcXGzfeGBux571xsQOoJg_lwljm_dcl9Crbn-Z36HxmWCNJsYjq3L_UWLzV2Qz7m_4Ly2PgQoNiw6BCw3CboeBQodcWPAr-KgkIP0KBPGSJJy97qldpo-EKKYymux12wxFM5Tg5ctmkKo9fGcfwEob67yE0WH0Ik_hXvHxaOvdqsFshmCIO01dYqrxPdelUO0PyMcwcFrqQI9Hw2osmkIwyXhPSiUTzYXd_vX7ZlualZoJaqynXF8yIqsL19hqXVhmYCuX4o4dTUTx8WDEmAZtirxq_LDgzWGA_Adbw_GVWBdU2-z4Y-ULz5xx-Vo7HGjrK2sHbewnXhFYbDJopEpc3eJU7zY92F0NcLg062oFQfE55rRi-Ia887X1ktZ5HhvLH8kg7G3y7EL4r7J5ekHQ5p8MoO3ZxCVkEGM3bSP06rm-MD3hhhu8VS4xAKEUiMqNmEnH8eVxEc6biDVLA6hE-6OE5dCnZO8cxyhNTvAuGIwMhHckLBRfVGYQgTdGdHwmAFv__LrmyigPSlsf68WFJQIEsaQc2ZJEArCBIKkNPvp2ooIAfK9ip_45Hu9RjsYa7_rAlSy5k3mo3TOYH7ltiUiPWJs79VFQaysyFE7naRYfZhGGAPoNHuzju_VSMDT1ir0xZ3KuwkSf6cCYVG9btpvix_msS3YWSdyh5B-FHX6OHKdPStz4X5GQvptYatkefS306WhJviNP7h-XhsDDezzWxWZL9agEgZuF-R7cmCc5rMRYPdilxA3FKjP5VMSxB-_bn0qsX-UFr3q8NEthPp8pTrJgY9varExBiuS7NeOhOfLUgIpSxVlLzVxCDIh9AwBx-yqC5NyknoosovKiKlQA5eSpcYeir2xHxoyX8dqMT_ouau-NroSOnkAckYW51zebIHAhHKqYxEJwyWZ_hUfUC7WLE8ST9Qe55YRrNUjKpbvD0EWn7EYz8nAh8KcBVXOgQuo1ibo1-lg9f5nAYaoI2HQ9VNPcDw6_aItCbRefz0jTs1qJhHfB4muw3I-_LTPNVUpv6wRKU3DaFqmYoQ_X5dBjMbhj45LMKKuKhitKHXFORW2gT5pEihs_H9GLN8xk7ApdcvfGB0Uv6moEj8EG7CBpfLykPJJpbJzIeGmA3i8q-QR1-rtyvJa3O_zIZ_F_R-7YqQuOIgWZEjCr5hLUZn6Z8BZ_8FzjFGH-li2KzdpNK4L6KA-saXOttMHglp4XmNDMKtXTNzicbfBDVBLJnaIDvaQsGDQgraeTo6IPg6-mYac3rZJRf_JN4VZUxzLIrQMLSM8sXUiimjK-ZzA6uv9r7vOJ_5DpxtJpT0pDmgoexQ6PRPbirv0omFFHB4X1TsEogGuOEAIHPAq-Hgd2zwY9iQNSiTVYK_YOsYTEYuBTdTSY27vDNY9JP84x_pdw8gmDWuprnzIPlfsbfPkP8cbh95kvbq8cJDq7edrlVHTYd3MzXh6yL3sqPxYgNmW9CBsvaA47CJHa_uAeoM1PCIq80zBSTUSGkjSU6OBVyqMEUh5nAqg4Q_LqmHNxEqLaod3U3c6c9C7ELhCrWEZvsTUMJRA2uX63Tuf99Ux4B5o9F9pxsF_1w68mkkdkTeOnZyBfsRvtDKnJsSq7lau3zRms7WU1eRFiaL3pHwWBx6XXhsPdkT-vSBJIZLr8KYkmzYvYW7O54inRQJuK3io6Vnab2KrSaq8T8rk8dIvbencfERQw3fMtgW6EnN-HTgVKedAGkXfh4xB3NHRQdK7m-CretFJqaWQTvWc1X7GMGmLRjdV_8Vi8vfVYUClpBfalHe_slPFitC8S9zaaGAVu7lPYWvqVKYD8Zg6AbUJGe4kERQTRxSmwJrFGAjKJgNs5a6Fx6r5rQGbB0QIJIx5wNSzeIafJ5ZhEH4RhYRGr1fhJ3clEAh6wtagbjhLHrpUZOi3lCvsUKREsvKXWxstT80pAQm2HOsIklcqWZd3GxjYyzbwuw5XEtk_10dIbhvFzqoSXhBw21wTI2YWIFY5IQx1pUICYnQjFWsPxkNs5dIaD202VCoRR5OXd37903T5h71ZU_nh0yvJJs6Hw7AsqCee9zTs849LBxIKnia4dHEY_Y3R3yHnn3BipA&cid=CAASJ-Roz1wmWtvrB36HkkwyMC6EDz8ya8VzFmbFZtzfgXsbBJm9ry73qQ&rfl=1%2Chttps%253A%252F%252Fwww.durangoherald.com%242%2Cuuid-in-package%253Ad3768d55-257c-69ae-8954-69ae257cd376%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 296
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 15:09:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame F4CB 30 KB
11 KB 58ms
21ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 134
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 15:12:02 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame E670 0
0 64ms
48ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu5HX78iDMKif0Vnyv2tUVeeKjD4GggOB7_ChucbvoZOLFiYrUxWRwDssAhryeq5_NgXXg2AQsrSZsDIDoy0SRwAvUsj46f2h8e-oLM9YQmoeF_Wz7VYTs8q8k7WCoapOlJD0ndH9s-wk7yoGyk6r9lX--daNm7kBEsx9ab6WO3okDD7RfwOBXshq8D7cdNktKaU6rrTPJH9XrMK5Q2vHWJwAookXX6A0mJ0Q_chp2bh2lykOVyXzsfmcQi4dxN-yUrkSWT4vXZyYeWfGsoYXr-4IArgxJYJoEMhwEcAWTY-osIxDQAtLhpE_kOD_xQGQpeBOPJrs9bOMgJ&sai=AMfl-YQNMey2vWMrVm7lx_ByL2efIV666UEC0sws_Da9h3ooIBA3GfrJeGrVsrUbDclgkUcd87u6Zl9C7epYObVIKEHDTJLa28lmPKiM1br_q418QkADQZuLM6GDT55elug8nnWU&sig=Cg0ArKJSzB6-E0MKcQy8EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:16 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 15:14:16 GMT

GET
H3 200 pubads_impl_2022092201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3997 379 KB
128 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:47:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1606
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131358
x-xss-protection: 0
last-modified: Thu, 22 Sep 2022 08:36:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 28 Sep 2023 14:47:30 GMT

GET
H3 200 728x90.html Show response
s0.2mdn.net/sadbundle/9550724388066307941/ Frame A424 6 KB
2 KB 24ms
8ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c16346c37c164608164e7b460eeb10cf49a70852f68367c46b085d27c99e075

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 92586
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 2319
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 27 Sep 2022 13:31:10 GMT
expires: Wed, 27 Sep 2023 13:31:10 GMT
last-modified: Fri, 16 Sep 2022 15:06:30 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4CB 0
622 B 164ms
66ms Ping
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuIzkXEvWhxJmYHhNBN5Y8LdQMTE4pomT0k6kSeVOoegILJ94j6TAhoTTtaQdJmH1ZwD9XxVoluORr9oBOH2muSCVQ216Wl4NWEnHJ6kXKYWvRMg5GL_raZ2mgzpqM_7vzZbmk62e3WcBDiBopTo0kkI36RHjfBWW9lQOB7RzCkIYYcJ_7yOyGUaXfIMx0WhUOWS3xBNqC1Kt-IqrYWJodwd1PMEzl567h_woGxWFObJZPR89umBZGFYtcx1yuM4J1V2LdOYBdHXxS6_5ujuNQg9Hha1ZxJ4MY0ysRuSzLbuISUHx9ExvM0hxAhqK7Qbw7O_pUo0acaLFKLR4WKos_mbBOG-_9vMaKVqzU9WTEuCjT8Lui-p9Gj0fyOB5Z2R1y9I-z8HsNOhLEkAyfrmOq95_6cst8ZpIiCxsK3VajVB4iNFOQmZtcoZVuAHqYsQ477X9roJDIqgafxBY_Kr7nYCscElmi2xzZvkZByCDavJO0vbQELsbBfic6qSoV9e8sS101G_8znbMTiU6FTSNXThXK5fwPfX2-c5wPAB3KAvh1j1bjDEQx0A0S3mxZP1FlsZaspu7nDgmfwmKSR2WBTFAAAyOGzZ-KJH-NkUApSEkpZI9xrp6J4D42OyVbp0Z6jWkosXf3GVneY6JFUNiBdWP9IEyVpL5vnGrIyvBNATYo40dfA47FPZ_DBoiQbkGuq1Lsg256wiLE1b5wqSIKjiujbAG1sj8KHMpYzTKHDZ24lhkthyD4HVmTHC-KIGhv2eBeuKRCzClneAkXVCkYdyB9AtFBKHsn7fXf-rzLgN5vMYAa_s4C1qPiUlXzJ950mSFXpIclGCYdh1Mkqu1uA3SKMGFwwy8bK--TXuQzc138zfRE2RkZ0x0j8nT8rYee263qDeKyQmDO5NCsxS4ogB8en1nye2pN8U2JdupU2mLM-OaWymbaBkJsrh_UUWD99oSIyDenOs3FLD5XYgHv9bNPeNak_UZgyh0vGffwv58fnhwI9Qsfvlj9-oJLvF7QYQa48xEssgY_SyfHJScQSbJlNkLxIQc7TVQENBVEir8MdQ_xv9v95miUc7sA8SJXen928V-BcI1qXlyfEHZB_xtpoTNdV4JCzGdpRnBoUk2mafN82LfFGuANsZ0FUDiQXlsv7tKFzSirQfqMBx72clAuCXpMDiWCaXEbQhZEpcHJItr3txdE95YYNMcMsqLsAvzZtNGifweSwHnC4vLrdV5kf5JY8v5tiHzlMCrCjZLK6Gq9snwweGcYG5eK7uGoFadTK1_wXN7ma9S89b2XV_VZZOTjSbApD9g&sai=AMfl-YQO8c93F6zcNQalLkQ8M255c4srHfd4CqR-dBMWnpG-piaoeH3o8Mk3zyhpYsU7r_AscvWQrP-85AV6sirlw1Crqq2br-oTKsvRslSxcQTd9DEMmzEH2jjKj6oh0G2lMoe-ImdcTD7vp-c37cUB7WwzFfVQ9mjOVT1eF-5UHJVZOLnpaEr8UWJAiQo0gAChDFiD5AG9NO3IKiCCI_iejS_HepU-I-exjQ&sig=Cg0ArKJSzH_6RTAzN0QPEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=120&cbvp=1&cstd=117&cisv=r20220922.43254&adurl=

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 vissense.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 11 KB
4 KB 45ms
25ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 764211
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 3066
last-modified: Mon, 04 May 2020 16:17:44 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb04028-2af5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pDE9Xv7GPOrqXO5IHwjd50mhSmNDpN5K1b4lyOv0OYKo2%2FlbLRf668pHWuCOzzMv0JZ1qBFOYtgufCJ7x6AsdwPQBGoEA2zmrX%2FHq%2B2KGQjsOiKAaRfSc%2Fb9dc51F7zwq1VfFCdxMnjnXCkXoeEmnKyc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751d6d8839159951-FRA
expires: Mon, 18 Sep 2023 15:14:17 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F4CB 41 KB
15 KB 64ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
DATA 200
OK truncated
/ Frame F4CB 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e28bbb1a4bd3864d8b848f825c93bf4224a4a5a4274e344c20b66b65e3f2b562

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3997 107 B
122 B 38ms
19ms Script
application/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3997 107 B
122 B 37ms
20ms Script
application/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3997 19 KB
10 KB 265ms
265ms XHR
text/plain 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3854978622122251&correlator=2529120257231706&eid=31068929%2C44768257%2C31069354&output=ldjh&gdfp_req=1&vrg=2022092201&ptt=17&impl=fif&iu_parts=21843165966%3A3200696%2CBCI_Media%2CBCI_DH&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=1&adks=2476587702&sfv=1-0-38&fsapi=false&eri=4&sc=1&abxe=1&dt=1664378057035&dlt=1664378056672&idt=353&adxs=-12245933&adys=-12245933&biw=-12245933&bih=-12245933&scr_x=-12245933&scr_y=-12245933&ucis=58n8b2xdhoh9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&bc=23&nvt=1&nhd=1&url=%20durangoherald.com&loc=uuid-in-package%3Ad3768553-257c-69ae-8152-69ae257cd376&top=www.durangoherald.com&frm=8&vis=1&psz=0x0&msz=0x0&fws=256&ohw=0&ea=0&ga_vid=1392952064.1664378057&ga_sid=1664378057&ga_hid=62515877&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3e4c5caa9f998e263be019c15ce95f580a5ce33f7bc3347d0f02bd64effc99bf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10306
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: null
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame BD4B 6 KB
4 KB 140ms
51ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
expires: Thu, 28 Sep 2023 15:14:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame A424 236 KB
63 KB 59ms
15ms Script
text/javascript 2a02:26f0:3500:11::215:14cb
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:3500:11::215:14cb Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
server: Apache
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=900
x-n: S
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:29:17 GMT

GET
H3 200 728x90.js Show response
s0.2mdn.net/sadbundle/9550724388066307941/ Frame A424 47 KB
10 KB 9ms
9ms Script
application/x-javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a915754dd6e088c034edafadf0d920508bc0c3377967a3b0677e278c800bd9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 05:55:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 119954
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10332
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 15:06:30 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 27 Sep 2023 05:55:03 GMT

GET
H3 200 0abadbe9-7345-470b-a631-e9a6a92f28d7
assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=500/332/ Frame 7258 57 KB
58 KB 196ms
183ms Image
image/avif 2606:4700::6812:1740
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://assets.adventivecdn.com/cdn-cgi/image/f=auto,q=90,w=500/332/0abadbe9-7345-470b-a631-e9a6a92f28d7

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f6a0e647ce9ceefdc9b9cf4ffeaefbb1108bcd0d64660ab6aac0917de4ee7757

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; navigate-to 'none'; form-action 'none'
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-security-policy: default-src 'none'; navigate-to 'none'; form-action 'none'
x-content-type-options: nosniff
cf-cache-status: HIT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 58600
cf-resized: internal=ok/h q=0 n=18 c=1299 v=2022.9.6 l=58600
last-modified: Thu, 15 Sep 2022 16:20:14 GMT
cf-bgj: imgq:90,h2pri
server: cloudflare
etag: "cfgglbv-ykcoWjoPMQTijBvw:7a0f6d3650ab6991562c2d94f5b767e4"
vary: Accept, Accept-Encoding
content-type: image/avif
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 751d6d88cb9890e6-FRA

GET
H3 200 blank.png
assets.adventivecdn.com/ui/images/ Frame 7258 34 B
458 B 50ms
37ms Image
image/webp 2606:4700::6812:1740
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/ui/images/blank.png
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
cf-cache-status: HIT
x-amz-request-id: D9V6TH2DEHDCFNDN
age: 62572
cf-polished: origFmt=png, origSize=68
content-disposition: inline; filename="blank.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 34
x-amz-id-2: U3upXv7F0JN0IiOWJgpxK0xV7/rJHr/QqD5utT41YRfTROP5dFFWhYUE5LyU9jgyIST8fZeSpCE=
cf-bgj: imgq:100,h2pri
last-modified: Wed, 24 Jul 2019 17:44:25 GMT
server: cloudflare
etag: "e679fbd466a2d656f194a5da4fa083cd"
vary: Accept
content-type: image/webp
cache-control: max-age=43200
accept-ranges: bytes
cf-ray: 751d6d88cb8c90e6-FRA

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 7CEE 22 KB
8 KB 20ms
19ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 333085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:42:52 GMT
expires: Sun, 24 Sep 2023 18:42:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 728x90_atlas_1.png
s0.2mdn.net/sadbundle/9550724388066307941/images/ Frame A424 199 KB
200 KB 9ms
9ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/9550724388066307941/images/728x90_atlas_1.png

Requested by

Host: d3768d55-257c-69ae-8954-69ae257cd376
URL: uuid-in-package:d3768d55-257c-69ae-8954-69ae257cd376

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4f92ae0d3ab6cc4e73bcc03c1d415ebbdd2ffc7fe5582c93dd0a70155f5f907

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9550724388066307941/728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 20:13:47 GMT
x-content-type-options: nosniff
age: 154830
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 204259
x-xss-protection: 0
last-modified: Fri, 16 Sep 2022 15:06:30 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 26 Sep 2023 20:13:47 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F4CB 0
26 B 98ms
56ms Ping
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 7CEE 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 20:19:07 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3997 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvcXe1GzzXPIinPWlEXrl5yhuSav_REQhnF83lW5dB4UpsDCsg998VUJKam2iwL6JVi6mSGZp_TGlIscIeVQVGl-vtSmRM2WTmNixryilmIoAfQHwyuER7d5zhiPRdz0Vc_nowvCp0RcdXkMeLUM9UJaPabRVspojXKbyHokCR4PtGPOkGfi71RAsmVmWBLrByxbj62nHnzYt2rqcKEGXXdEdeMASV0lXtMSAU3Idu7FKdrvAPeNd7nNQ57kZer4Eu3M2lB2MuBFK9liqvbyQOHPCnDP7E31ORSiLJ0ZsGi8xEQ3oXF_jY0LDaftOkkUi74CtKE_lvnlOUcat-M&sai=AMfl-YTzYnQc64RgL1h8BQwBimAmj2Wi5r0prdTpFhwcpk55Wd_yxTbtNd_bEBlYIOaqQIM1rUQLfMQre6H9MdvMaZ5CI_H8SPfU2Wh_JSTze5a9LyyphNbf_eOamYX7FbZFgfmW&sig=Cg0ArKJSzEB5AWh8mUpIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Wed, 28 Sep 2022 15:14:17 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3997 14 KB
11 KB 106ms
65ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b833cb134b87cc8aff62b4ec463dd4d022dc0cec53dc9c9b403103c88f9a8de9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11239
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 67ms
67ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022092201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0b2e37215654c96974390fe090e178697bc2353c3971bda36992e572f09ec233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11320
x-xss-protection: 0

GET
H3 200 container.html Show response
76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E6B 6 KB
3 KB 65ms
20ms Document
text/html 2a00:1450:400d:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: gzip
content-length: 3108
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
expires: Thu, 28 Sep 2023 15:14:17 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 interstitial-close.svg
assets.adventivecdn.com/ui/images/ 3 KB
1 KB 20ms
20ms Image
image/svg+xml 2606:4700::6812:1740
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/ui/images/interstitial-close.svg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6812:1740 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4a519d2bd3043b930e0bbc73d78b2c4d672981401a8de9e846831502365c4509

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 06 Nov 2019 15:50:45 GMT
server: cloudflare
x-amz-request-id: CZ1FMN8D10XBY0HC
age: 25321
etag: W/"63fb9f6703706b219d1cd65c1d88c1d3"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=43200
cf-ray: 751d6d8a5ed290e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: cS+bc3ebFer9oj1GCSciiG3B2VsZiq22BbOjCJSMOwvIID7tdWv+IX9dFNb1cxve6h+JrrC/l3Q=

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3997 17 KB
6 KB 104ms
104ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:17 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 7CEE 0
20 B 57ms
57ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Br670yGQ0Y4O4LZez9u8Pooif8AEAAAAAOAHgBAI&bg=!dXaldjLNAAYIxsuQKMY7ACkAdvg8WnGF4SQb9g0BExww-Sd3wHSn2TBoaONcdM0l4WrrwAJt8wwK4QIAAACoUgAAAAJoAQeZAqa44Kfos701Csw2H0Ziss4GXOsamy5vFaxle0gOahBkDgddkpD2kczdWNg0ECmAWmpuBFWD-WNw9W_UGCPXiKMzejY4KbAi30M3_59xNLjhSzp7MEcBvOySzKKooOIViFzmoHOP2xlysFZUEfqjz9nc3U9XRWixo7IpgfHVjX7ho9F2k7JjnewhwOScmh10WYLD45oWNlBIrAhIfEhCbui9z3qZLvoV676R618BXAuntw_zOe0HHnjlskVghhCPrs3THcUsDI1L4h3EGynoSvje7DIP_XbC4lOuoOO7ue2N2JnEeyxHitVY6lw3yqbjrAeW0GBfxnos_YIGrblNRq3RgXz53ncWoxbmvLpQU8KyMoSlyij4vrXNr_GywU0O8DdWOp4QyUUFQiOCBYhtl4BcP4qidud0tKUXntnZlqnQrET8qsw2S8bKC1rAMCK4vPGiz3ABpzC__f8hGh4f5vzjtztqIQVih8j7wc3DVOWCv9aKQInEdLBqrMFUdlNKe1d3asFxrLc5yDZScR9OYqy3trm4mWUVmOZsiho-G15BdDuVOC6Pf4f3_WLcPBHVvyx9kCg_AMzr8F6GqYfMblQrJX644-s9AxvljC_Jdw8-R2sUv97JSe5lmfJlDONpsMWLaEmlzhAvvcOCiS0GfoETbM7f6bIzHDW9GbKFmDq8qysSK7DRh-IU7VtBTpJ4JOv82TjMGMU71VEdgUvwDJeVw0-pP1cVVHYW-H4AtJTquTPIP4YCmWAT3Bw2U1Me3Rd4NXR2e0NAA_sW6zxAvvH0W6NBHfUEaXkT7DVNW-jQiH1B2Lsx9_QmYFTK8Mjiz1zUG0kq4jEgmAYNJZ0HnXgDLZCaW9bDkdwDSTdsvHVhvnFdgmm6k8m_iOZpzTGxAIMxifKyGuI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 196ms
195ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022092201.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:17 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 0855 624 B
297 B 22ms
21ms Document
text/html 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLuk_M0BMAE&v=APEucNVeXMWv1ZRrq3js0tuFbUETS6fmuwavYCa8_S1aaCObIZfWrl0nOfnM0xTs9etyq2_nLAyp_SyoGWBMUM_2k3NtXs_2v5DkePYt8yLAFHZkLZDaghPIqtRrd6Phpaz0DxYb7GeO5CuIGibb8Es7yK9dncvchuUXoWinsSxTNYmTiY294kU

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private
content-encoding: gzip
content-length: 276
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 4E6B 86 KB
35 KB 68ms
67ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKFNO6vDHV_K3flMAuaSEopAzlEbsxL5fVHi9ysPn08oRBQJhfFfKDDhg6whRt2pxqSVyX-a_RckmCdGX0WT02P9nQ8LxvRrag5iXmoh7ivoLbvqfl_xU1SdCfDDwsgawyiGmewim7OxFmnSzQPrR_6MUIxpeWul08ldoqbhQ6o8pHgl4&dbm_d=AKAmf-BXvJf8JO-dEVWTuTsx4QwPQHRwFrpH98IS9ii7oQCCcIYfJxggbiDJmJavqtSdOlVgPcqGewTXeJPuK2nprF034MMjlI-EwdyjwmfsmaUzRIHlJUq9kR77Ao_uhR5OJD2GmKAn89PKCaTYYnhrcm-x0rzT2u6Zenaw5-r8tkwegC4giJ2dsOuRl7Qq5Ehu8Y2AB3SCHIQbOHGzwK6tTTDwWKO-2bs0xCk30u3NpgOHDe1V85lfN3NfDuKW-K6S7sN6V1LStL0V5IQMtByX-JltHhfPpFYnwD5VHGyAXmWeKMLIWv_xM6GHJyRdg4SXXnEGueuTx5d8dW5CD1kPZC_t6yb3qxzmJB5BISS_yETGcT5oWNOa-Ug0cCjsTxQcPSN6C4EEyZnDqYrEZdvjDvjZeIFFTsXfjl-Fs_0HUexMhsM719bjmiJRzpboOlg6Cowfv3ggbwkZsJq0a2KEGjS9tK3jociyCoQyimX-a2TX1qOhNz5oqg4J9F_fLtHnjBpQ3EreBEVyypdE6FmcEk4Vuloxrxnwuy8o-LcJuiu-P_eFK67ASKvLYGzF-MZIXG4ml9WziL8fxiu8uj6gNUeqXagMD12VJ0OrMrvjn49CNMUDcI_nBQmm7OERLtoz93LL1CTiX2EjshJu5gilXI81exfIr1Gww_cJZyaPbToi76PWA2T9IKjFAMYCMv49nazFi49d3SBD6er3cnfSXotp0cXo3lccUMlC1kI0LJIIikmHxUto1wgsEEBTrtbQFsEGsLmH4Q2PmIk6ttVyzKJsvLUMwFYH5GlBasq9yazdsXglYA4k2N4Krq4WAnJq6PLnTtqO1ymAg0uWJ20BcKFBHvt9gLXqTf8kV0TI8bOfYIT4rnvBMwoeFNfN9RbdvL68Y_gSwppRwOLhDfpjMqVujsxLfyl73das2e4mZveOQBEcCuPQEpeh-mwoHZFDF84N0-RdhXhnbXV3mFJo5f93HNpxbWp9oBoaBcYuRZU-0cjacVYA8377Aftk3hLedvmL-GaujMsfnTLpxjX0H8Ld8IAO6_2Lw8UDNsUupze5eZPJMp8PZ6UOx9xH-43Oq2jVoWxXrN1DidSh88vkW-xIy4RVxuD0WODZpwyC_aI3w-N_3omKkG1oPhtZue6p9BQWfQHutzz-oxHizRr_QPi0H3bJ38RFDnju2bdVgdwrMbweaUXVpuFJelf5rdw2VZMzGD8PjvOdzn2DBEXhYtItICemFqz-Q9MF3YUjkQvloNoTspUQzZewRf5bkkkDjgYzslvCDDO6-h5BOAnYlnonBVWFVNjRlGsmucr9nPUAvQjEQcZcTBwpzEJ1cwdvkuNESJcgAlF2pKadzYhA-OPYJrmMq6IfThokQLEHVksDv4AabeEOSGT8ncFQgmg72HEWQbrRvnRPKkQTPGaZ-NplVCX-w1fwgYClvxm-Nv2g1rUB5lEmDa8wJuUuoViADEuf4tnknCaRh-agvIDcIdt_dG6k2yIQEow1-BL6vdIYX_XOzzVzZN5HUf-1Gy4ND9pBWbpNbnigUwlz7lkm7SAdFIj6XTRAQ0L9Clfht_Jzb0rpg6mDyjJuMZ-xnbfFHZIEir6cm5YX_le5uJ5mX1wnr8Ky4Q5En5ev-q_2YVgapTUIUT1xp7VaD-WmWNRZYZduUsj0hgRKjJ3qUVCXAmAKZv5f3-0qL3uZdE_8UB_xDE6eA8_ZGK7bRkcluPV7xcYmc7PpJUFYft3NZNy_2rSKsxkBgJtz4yvjnJEEQOOBg4Ft1fb7qEOfnFzB45_1JQ8BlKJPSEBSm6-4A3dosCRxR2OJf_qpucCh9CKcTr_3Ud-9zkRLFx9V1y5uS0qhF0iXP07MK-9vwYNRLexq1RMzUsSn0-uc5yOZqYcWKVY9dyq_10oRqn93DSRFIXD2qkN9Fz9_TGsMonMrPONcv7P_N1zulvxc54gfUeRHUq7_Kc7ATupxoqiIQ3N7oyIOY4Y35BRJKOF02So-xVniVS606faPI_GkYmU4miBs1MWrLHCyL2EZ7cDXRkk2jdQR0GPcGtBpWNsn2uLMXnkiuXjy9fAeqyCoKVi9rzl_nXem_8gIBeRfiBRs5o7GVyGxrGM7kM9vuR9h6rUG_FThoFx6Uk6R6cphh-9kQgUyL2nRdqFU7WEiVpHmYCwu8wTpDYbRsHW0Bx1JhIYIEzVkDuQNzSe779ldf-tewgh4ecsclQS8o0vKsmR4Fs23n5XYfxC4ihCEoYCdpU4DlCTW3FBtmlZriNlUUH30rc4boPdbEbZ4rgN32aPPZpnpLkT0sCUMoT6-Zbn9JiNjhscbsVR1KsrTC0K7EKA4uI1iE3u_AS4MeJQdiM60YMbmAfH-yqqLW-qB4_HNfbOyFfL4VIsTkogxqcQ0wPXmOeKGcgPVurfQp2SHoM0VJY1205UgDYF_Ny6mw4mk_HfCgCrWiPpn6V5AbKNnlQ1qubtRWkrLSn7oahqPEAUtDrp58coXfV2pNdOyfYyHQ3IUsKFSVzB_ZDvx59c9yYN5CEhlVYM_3sRuAvD2yR7gqH5ChGvQHp0K7KQttplYiZNbaFODu8fbq6DC4OAh4mcJGp0c50q6JBd2fvR38eySaHOnf8kGXNL8PhUQ6lEwzQv6k2WjNfmceNXk-bGQ7vA-0zLX46Ve-AcFLP_7yZ576x_hoCLhLhyQy9nPNz9_pl98gaA26YPXkDI2e60DEpXNMpGBI-zcmGC5zG6Jqz3AsZSxarU-jAOOjdnhgdDslyVS-T5ITKmeOYsoL0h2cyIvgRdxsLqR9bJkx7FxqYGANV-B0mjBhJTCEPgvqjRKpUqlG-h9xuKmmp-LIVN6fVo252szj2X20ZFu2QMKoNeiL1wcCmMoIZLkAscR1EWJFwFDD7nQ3vaVAyLlikn105iZPtuOja6MLHrMbAM8WIe_19nZ2jfxBzdaReO7vcV3u7JpSQ-OYe7oNfgISu-45MAzpQp0Yv5KSbbeDYNWIQ-43y_WQ6AU5jlNB5ZXG6owYtc5TfI4lnbIlmPXtEWPnNjcduk_v6v6zxJQmFB2Qbf33sZPFee82dNqpQ1JAUpUgyvjQlv2E2Icrq0NFBhllw-dzxEWGcE9NxdxODbvnrGTPHF579jL20to8uWAEyryBYmwPYqpQVdUzxoWxwvDh6Jq0W_5YHgIBMIVwPatuoIOh_HeCC900yhKaeMCUPtPY7nH4rfHt4gAcLa9h6fPr_nGTd1u0Qb0s1Xf3ormy5ZEC1vVVctSZLLSSwY08ixn_qns8X-lnZDlcw6NWSqMZuhS8-U0_uGLj80bvHABuTm-PZhQXbtDXs4qBfOSmf2z-gX65ddIpmTV72QVhoqF--4HD6wfLNVJPhy017o&cid=CAASEuRoffNkVwr8Cb1g4rFnEvrIqQ&rfl=2%2Chttps%253A%252F%252Fwww.durangoherald.com%242%2C%2Chttps%253A%252F%252F76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%253Fn%253D1%240

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e96644ef81390c7b40d54eae84637f274cfd50f8d0ce7794c417e7004b8e4d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35773
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E6B 42 B
63 B 57ms
53ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-CSr2eWQwqUElbsxSyFJX2vm8J4FCeX9X34adBTs9WxRAs-JZTmWjOClS8g0hJt4I2DhaBqmDQJaOs0fBvC035rBISznj4LokpxE6bi64L-Aqi-Ypc

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.gif
static.adsafeprotected.com/ Frame 4E6B
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/1083870/64162797/skeleton.gif?gdpr=&gdpr_consent=&gdpr_pd=&ias_dspID=3&ias_campId=1008209757&ias_pubId=pub-6055882063795349&ias_chanId=1&ias_placementId=176...
https://static.adsafeprotected.com/skeleton.gif

43 B
482 B

85ms
14ms

Image
image/gif

2600:9000:2204:5600:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.adsafeprotected.com/skeleton.gif
Requested by: Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2600:9000:2204:5600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id: iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via: 1.1 5345148f0ba8ae3c67b69d035acdbfc4.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 8209279
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 43
last-modified: Mon, 17 Aug 2020 23:55:15 GMT
server: AmazonS3
etag: "45cf913e5d9d3c9b2058033056d3dd23"
content-type: image/gif
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: 6bwWFD9spCvubQxxyz4sMGteLIuF63-m7g7kstGzxNSifmclojdZVA==

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: nginx
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.gif
cache-control: no-cache
content-length: 0

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 4E6B 3 KB
1 KB 25ms
22ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/window_focus_fy2021.js

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:45:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1709
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1359
x-xss-protection: 0
server: cafe
etag: 1484984001845508991
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:45:48 GMT

GET
H3 200 qs_click_protection_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/ Frame 4E6B 17 KB
7 KB 26ms
23ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220922/r20110914/client/qs_click_protection_fy2021.js

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:50:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7553
x-xss-protection: 0
server: cafe
etag: 15375136450269253166
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 14:50:36 GMT

GET
H3 204 l
www.google.com/ads/measurement/ Frame 4E6B 0
0 20ms
17ms Image
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRh16ZxII2Cwg7A9DOQVFXwJKzjfDYKYbbyXS60djQwyOvcAX8tPqO9oP_oQW9xTbM3EL2Uq56x0fMS5F4q3E1SsnnbOA
Requested by: Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E6B 140 KB
44 KB 88ms
86ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44528
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1664191987193040"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:17 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0855
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

43 B
846 B

30ms
30ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLuk_M0BMAE&v=APEucNVeXMWv1ZRrq3js0tuFbUETS6fmuwavYCa8_S1aaCObIZfWrl0nOfnM0xTs9etyq2_nLAyp_SyoGWBMUM_2k3NtXs_2v5DkePYt8yLAFHZkLZDaghPIqtRrd6Phpaz0DxYb7GeO5CuIGibb8Es7yK9dncvchuUXoWinsSxTNYmTiY294kU
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6WquaHwvFQ9wLt6wdwZ3Ado7hK2Fw9yHryRim5wPMeZ%2B5dBOVJvVctLxXGUqsmN32YB%2FWB4v8ZESdNpYSMDTamm8HDtsI0kZ1nR40pj0AnSIFGT3w5MwC1C%2FeiQ%2BxP8QSi8Iebr%2FLte6Ag%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751d6d8b9f609c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

rum
dsum-sec.casalemedia.com/ Frame 0855
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YzRkyATX6z1W9oM8W47YQQAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1

43 B
845 B

27ms
26ms

Image
image/gif

104.18.19.126
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLuk_M0BMAE&v=APEucNVeXMWv1ZRrq3js0tuFbUETS6fmuwavYCa8_S1aaCObIZfWrl0nOfnM0xTs9etyq2_nLAyp_SyoGWBMUM_2k3NtXs_2v5DkePYt8yLAFHZkLZDaghPIqtRrd6Phpaz0DxYb7GeO5CuIGibb8Es7yK9dncvchuUXoWinsSxTNYmTiY294kU
Protocol: H3
Server: 104.18.19.126 Shahr, Iran, Islamic Republic Of, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JlSZCIJJ8VulwukaPwMqZ7BhQBrRE06Bvm1gSwoRNAePMLYvmZrghJn09de6ovH70o7bo%2BEXHkY6xRRpSxmfIMgRuLqI7%2FB0AXyVXGnk69LOic1DblL%2BRpfVm3lu%2FwuOPK0dOcvv23UJIQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type: image/gif
cache-control: no-cache
cf-ray: 751d6d8bf8169c01-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEBoCoXbButp86TZx5BA37Ic&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 0855
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

43 B
1010 B

12ms
12ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=COWiHhDhjN4CGLuk_M0BMAE&v=APEucNVeXMWv1ZRrq3js0tuFbUETS6fmuwavYCa8_S1aaCObIZfWrl0nOfnM0xTs9etyq2_nLAyp_SyoGWBMUM_2k3NtXs_2v5DkePYt8yLAFHZkLZDaghPIqtRrd6Phpaz0DxYb7GeO5CuIGibb8Es7yK9dncvchuUXoWinsSxTNYmTiY294kU

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 15:14:17 GMT
AN-X-Request-Uuid: ec1b5c80-c876-4d75-b79e-7436bf9876ca
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEOZOK69R503vJ5WopHo7DM8&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 0855
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

170 B
188 B

50ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D

Requested by

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 15:14:17 GMT
AN-X-Request-Uuid: 054c3141-949f-4f4c-87b5-eec58190d35d
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTE1MTkyMjg5MjE4ODUwNjA5MA%3D%3D
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F16F 13 KB
5 KB 29ms
23ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:58:39 GMT
expires: Mon, 25 Sep 2023 10:58:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 1101 783 B
535 B 28ms
22ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

78b75daeac4d1ba8fff32264777441d5676638d72d672119eb03d21ebae1deb8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-ONKf8r4tcFE7u-vfD3YwJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-ONKf8r4tcFE7u-vfD3YwJQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
expires: Wed, 28 Sep 2022 15:14:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 4E6B 170 KB
59 KB 33ms
8ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
Origin: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 11:10:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14653
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60311
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:25 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 11:10:04 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/ Frame 4E6B 8 KB
3 KB 23ms
22ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BKFNO6vDHV_K3flMAuaSEopAzlEbsxL5fVHi9ysPn08oRBQJhfFfKDDhg6whRt2pxqSVyX-a_RckmCdGX0WT02P9nQ8LxvRrag5iXmoh7ivoLbvqfl_xU1SdCfDDwsgawyiGmewim7OxFmnSzQPrR_6MUIxpeWul08ldoqbhQ6o8pHgl4&dbm_d=AKAmf-BXvJf8JO-dEVWTuTsx4QwPQHRwFrpH98IS9ii7oQCCcIYfJxggbiDJmJavqtSdOlVgPcqGewTXeJPuK2nprF034MMjlI-EwdyjwmfsmaUzRIHlJUq9kR77Ao_uhR5OJD2GmKAn89PKCaTYYnhrcm-x0rzT2u6Zenaw5-r8tkwegC4giJ2dsOuRl7Qq5Ehu8Y2AB3SCHIQbOHGzwK6tTTDwWKO-2bs0xCk30u3NpgOHDe1V85lfN3NfDuKW-K6S7sN6V1LStL0V5IQMtByX-JltHhfPpFYnwD5VHGyAXmWeKMLIWv_xM6GHJyRdg4SXXnEGueuTx5d8dW5CD1kPZC_t6yb3qxzmJB5BISS_yETGcT5oWNOa-Ug0cCjsTxQcPSN6C4EEyZnDqYrEZdvjDvjZeIFFTsXfjl-Fs_0HUexMhsM719bjmiJRzpboOlg6Cowfv3ggbwkZsJq0a2KEGjS9tK3jociyCoQyimX-a2TX1qOhNz5oqg4J9F_fLtHnjBpQ3EreBEVyypdE6FmcEk4Vuloxrxnwuy8o-LcJuiu-P_eFK67ASKvLYGzF-MZIXG4ml9WziL8fxiu8uj6gNUeqXagMD12VJ0OrMrvjn49CNMUDcI_nBQmm7OERLtoz93LL1CTiX2EjshJu5gilXI81exfIr1Gww_cJZyaPbToi76PWA2T9IKjFAMYCMv49nazFi49d3SBD6er3cnfSXotp0cXo3lccUMlC1kI0LJIIikmHxUto1wgsEEBTrtbQFsEGsLmH4Q2PmIk6ttVyzKJsvLUMwFYH5GlBasq9yazdsXglYA4k2N4Krq4WAnJq6PLnTtqO1ymAg0uWJ20BcKFBHvt9gLXqTf8kV0TI8bOfYIT4rnvBMwoeFNfN9RbdvL68Y_gSwppRwOLhDfpjMqVujsxLfyl73das2e4mZveOQBEcCuPQEpeh-mwoHZFDF84N0-RdhXhnbXV3mFJo5f93HNpxbWp9oBoaBcYuRZU-0cjacVYA8377Aftk3hLedvmL-GaujMsfnTLpxjX0H8Ld8IAO6_2Lw8UDNsUupze5eZPJMp8PZ6UOx9xH-43Oq2jVoWxXrN1DidSh88vkW-xIy4RVxuD0WODZpwyC_aI3w-N_3omKkG1oPhtZue6p9BQWfQHutzz-oxHizRr_QPi0H3bJ38RFDnju2bdVgdwrMbweaUXVpuFJelf5rdw2VZMzGD8PjvOdzn2DBEXhYtItICemFqz-Q9MF3YUjkQvloNoTspUQzZewRf5bkkkDjgYzslvCDDO6-h5BOAnYlnonBVWFVNjRlGsmucr9nPUAvQjEQcZcTBwpzEJ1cwdvkuNESJcgAlF2pKadzYhA-OPYJrmMq6IfThokQLEHVksDv4AabeEOSGT8ncFQgmg72HEWQbrRvnRPKkQTPGaZ-NplVCX-w1fwgYClvxm-Nv2g1rUB5lEmDa8wJuUuoViADEuf4tnknCaRh-agvIDcIdt_dG6k2yIQEow1-BL6vdIYX_XOzzVzZN5HUf-1Gy4ND9pBWbpNbnigUwlz7lkm7SAdFIj6XTRAQ0L9Clfht_Jzb0rpg6mDyjJuMZ-xnbfFHZIEir6cm5YX_le5uJ5mX1wnr8Ky4Q5En5ev-q_2YVgapTUIUT1xp7VaD-WmWNRZYZduUsj0hgRKjJ3qUVCXAmAKZv5f3-0qL3uZdE_8UB_xDE6eA8_ZGK7bRkcluPV7xcYmc7PpJUFYft3NZNy_2rSKsxkBgJtz4yvjnJEEQOOBg4Ft1fb7qEOfnFzB45_1JQ8BlKJPSEBSm6-4A3dosCRxR2OJf_qpucCh9CKcTr_3Ud-9zkRLFx9V1y5uS0qhF0iXP07MK-9vwYNRLexq1RMzUsSn0-uc5yOZqYcWKVY9dyq_10oRqn93DSRFIXD2qkN9Fz9_TGsMonMrPONcv7P_N1zulvxc54gfUeRHUq7_Kc7ATupxoqiIQ3N7oyIOY4Y35BRJKOF02So-xVniVS606faPI_GkYmU4miBs1MWrLHCyL2EZ7cDXRkk2jdQR0GPcGtBpWNsn2uLMXnkiuXjy9fAeqyCoKVi9rzl_nXem_8gIBeRfiBRs5o7GVyGxrGM7kM9vuR9h6rUG_FThoFx6Uk6R6cphh-9kQgUyL2nRdqFU7WEiVpHmYCwu8wTpDYbRsHW0Bx1JhIYIEzVkDuQNzSe779ldf-tewgh4ecsclQS8o0vKsmR4Fs23n5XYfxC4ihCEoYCdpU4DlCTW3FBtmlZriNlUUH30rc4boPdbEbZ4rgN32aPPZpnpLkT0sCUMoT6-Zbn9JiNjhscbsVR1KsrTC0K7EKA4uI1iE3u_AS4MeJQdiM60YMbmAfH-yqqLW-qB4_HNfbOyFfL4VIsTkogxqcQ0wPXmOeKGcgPVurfQp2SHoM0VJY1205UgDYF_Ny6mw4mk_HfCgCrWiPpn6V5AbKNnlQ1qubtRWkrLSn7oahqPEAUtDrp58coXfV2pNdOyfYyHQ3IUsKFSVzB_ZDvx59c9yYN5CEhlVYM_3sRuAvD2yR7gqH5ChGvQHp0K7KQttplYiZNbaFODu8fbq6DC4OAh4mcJGp0c50q6JBd2fvR38eySaHOnf8kGXNL8PhUQ6lEwzQv6k2WjNfmceNXk-bGQ7vA-0zLX46Ve-AcFLP_7yZ576x_hoCLhLhyQy9nPNz9_pl98gaA26YPXkDI2e60DEpXNMpGBI-zcmGC5zG6Jqz3AsZSxarU-jAOOjdnhgdDslyVS-T5ITKmeOYsoL0h2cyIvgRdxsLqR9bJkx7FxqYGANV-B0mjBhJTCEPgvqjRKpUqlG-h9xuKmmp-LIVN6fVo252szj2X20ZFu2QMKoNeiL1wcCmMoIZLkAscR1EWJFwFDD7nQ3vaVAyLlikn105iZPtuOja6MLHrMbAM8WIe_19nZ2jfxBzdaReO7vcV3u7JpSQ-OYe7oNfgISu-45MAzpQp0Yv5KSbbeDYNWIQ-43y_WQ6AU5jlNB5ZXG6owYtc5TfI4lnbIlmPXtEWPnNjcduk_v6v6zxJQmFB2Qbf33sZPFee82dNqpQ1JAUpUgyvjQlv2E2Icrq0NFBhllw-dzxEWGcE9NxdxODbvnrGTPHF579jL20to8uWAEyryBYmwPYqpQVdUzxoWxwvDh6Jq0W_5YHgIBMIVwPatuoIOh_HeCC900yhKaeMCUPtPY7nH4rfHt4gAcLa9h6fPr_nGTd1u0Qb0s1Xf3ormy5ZEC1vVVctSZLLSSwY08ixn_qns8X-lnZDlcw6NWSqMZuhS8-U0_uGLj80bvHABuTm-PZhQXbtDXs4qBfOSmf2z-gX65ddIpmTV72QVhoqF--4HD6wfLNVJPhy017o&cid=CAASEuRoffNkVwr8Cb1g4rFnEvrIqQ&rfl=2%2Chttps%253A%252F%252Fwww.durangoherald.com%242%2C%2Chttps%253A%252F%252F76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com%252Fsafeframe%252F1-0-38%252Fhtml%252Fcontainer.html%253Fn%253D1%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:09:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 297
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3181
x-xss-protection: 0
server: cafe
etag: 10699485926258732851
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 15:09:20 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/ Frame 4E6B 30 KB
11 KB 26ms
21ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220922/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:12:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11724
x-xss-protection: 0
server: cafe
etag: 16554960040364120486
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 12 Oct 2022 15:12:02 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E6B 41 KB
15 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 18:03:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76266
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 27 Sep 2023 18:03:11 GMT

GET
H3 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame A00C 1 KB
749 B 20ms
20ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27825
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=86400
content-encoding: gzip
content-length: 724
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 07:30:32 GMT
etag: 48472445140208031
expires: Thu, 29 Sep 2022 07:30:32 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 1101 0
0 53ms
52ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=3854978622122251&rc=05AK_d_36yauzTzqVzs8lmGQTqN4YqOnMhRc5LvVaJXxDy6c_gOjXRedbN3BRSQI3iW4S3rW0v4l4GNXa9v_lOsZRqLaQzjOB7LYN7ep99CBUGbqhXwfZQtY4GDEmowgHhvoA3EhXhAF99I8zPM27zPNyQ9yVcuVwu8RB7kKLFBRWxmJNKjvfkCZ1qn5XdWvFyxZLjdenw5CgY-mjea2Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F8E9 13 KB
5 KB 21ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.durangoherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 274538
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sun, 25 Sep 2022 10:58:39 GMT
expires: Mon, 25 Sep 2023 10:58:39 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 790C 783 B
535 B 17ms
17ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

41927abcf736bab1d47d1687ca7bc31f774f0e1cd93b290b2aa789258c92e2a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce--wUDp3Zs-2zQLp3QU3sXCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.durangoherald.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce--wUDp3Zs-2zQLp3QU3sXCw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
expires: Wed, 28 Sep 2022 15:14:17 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 index.html Show response
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 21F1 36 KB
6 KB 17ms
17ms Document
text/html 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Wed, 28 Sep 2022 15:14:17 GMT
expires: Thu, 28 Sep 2023 15:14:17 GMT
last-modified: Wed, 05 May 2021 19:27:44 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E6B 0
27 B 64ms
64ms Ping
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvL71GJLP3a5l1AhSvzbEK28ZdSypPUa5E46iuD3d_HzFxcYJJiVu62D9JtyXRLS280QjN55y6wthrI_R3Hnryqucv9FeAiR8EV8Ik9111KrmfAflt5O_xKHLu2e8-4V4PvJb77s5soTFCEpd6NuyAzXiRrna5q7hycP1aS-EJYfQnJKrkX6UhFg5P1FQutV1HPlYqRqOR7wBGU526plVTxz6PlQ4bm8G62yEM7h6gxApYaVAX3ZlH-KCa95nO18uRojYHTY_F6Dn8DeeeW1xLxNUB12MsMoVQqj9GCCvbcvKlM-zAk8bY-4SqLr9GZLrD5Gz2OSkywsUPnA0ocY9bXQtp7JNH2WmI2kUB83G8Llmuk7pmeSsBjjRBs1nMC7UxUKMZBvvwgzr0tKkrJVrp0vcFgP4B_v3Ho4rGfS9lumwsqGwE3t2g14T3MPL7J3KOk7VkqkzQTK7rEMxxTds4RJpshOENrCxAXeSvnjHcA51hs3BmQkJTPBz75wDAK5xWBMYGDyCnyTJ_sqZyfc1IEyL737MHsEfdtFxrwI8RvFH7upoNhlkndIklIfwJ35wo2WxI7trRdJ2IW7A8NEYQj9X2g3bBDb14I9_Rq9l5G1ZOBjbedxyjKIet-3ucqJEDLs9qv_ed0ey0pQp5vySEo3Jthaw96SI7-ysHDzJPhMFdhiHcY8DeYJHIxkbIZFzHSy1DurP_WbRWpGwjSEtvgb9n_PZ0ZuQbEV3ZAmt9zD7qlDAKbA2vNofGXhZZDFb-VZaE8-dmvI34iEIVpieD7SAtGFWd4_PC8MTV7o7S7ihkVVrlGahhvW9bVKmFvk3gRh90r2L9xhAfplIALWBFe94rhU0K5ABmWW3Ge4_dlKpohSPg0FPz0Tbz8iwZK0DqDhglFGlT09WS6LvZlYxooV7IRzEO7_RFN5mfZrQgMAjgfTX2rFWJ39JLnTt2CNd7poxQjQBT4zr4L1oRXlCJ_R3cHs38Fa4z7BkPnOtI1RenbO4xysimwLP-nJhOSkk8hyVQXxpbhwwdws6c5KZ0PqIxvh95z76lPctX66jSIza0ANcmqFJ66dF1BdOVhR8mANncEppuISmyTy8eJaxbampcY7nRmjO6BLzpXXrWkTEZZvpHvUXRoXNgs2Dgmz74j_qA0i7_bE2bH-GNHasc0-AApfJOb5wtZcImWEf4tS5RSI9WiGKCDGLFQjUq7G9WJpKizLFpaAQnPnfo-0F3uKHfgL4gAI6soMw6nGvaHOIc7vYBu72OgdIjC5TPkPv83BWXJyP27pE-cjRbZDAY-HmCYaGntdwg&sai=AMfl-YR_3ztwqbRW63wku9YDhdsLO5nphxVVqee33kOCEiYzwR1c3sdoMreXip1o0DAjTRHwuhE4qjoJaOVsgVb3D1fXXAWNCDCOwKSw4jLZaxT15vDVdioX122ajqoL6pccg1WR-mOuLOX9D52pCGCp2prxv6JNgiou&sig=Cg0ArKJSzF0V3NUvOVSUEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=149&cbvp=1&cstd=143&cisv=r20220922.36157&adurl=

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

content-security-policy: script-src 'none'; object-src 'none'
date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H/1.1

200
OK

firstevent
skydeutschland.demdex.net/ Frame 4E6B
Redirect Chain

https://skydeutschland.demdex.net/event?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr_cons...
https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr...

42 B
964 B

38ms
38ms

Image
image/gif

34.252.39.216
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr_consent=

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Server

34.252.39.216 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-252-39-216.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v043-00910e507.edge-irl1.demdex.com 6 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: RlitdB+ET3E=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v043-0e6599244.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: eABR7T3eR1Q=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://skydeutschland.demdex.net/firstevent?d_event=imp&d_bu=9532313&d_site=5842564&d_src=158980&d_adsrc=&d_creative=132133369&d_placement=339772153&d_campaign=28017826&d_bust=109138123&gdpr=&gdpr_consent=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 4E6B 43 B
1 KB 115ms
20ms Image
image/gif 85.14.248.72
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvApi=sky-dv360&extProvId=300&extPu=sky-dv360&extLi=1008209757&extPm=431952443&extCr=17611746397&gdpr=&gdpr_consent=&rnd=109138123

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

85.14.248.72 Kamp-Lintfort, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
Date: Wed, 28 Sep 2022 15:14:17 GMT
X-Content-Type-Options: nosniff
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
cross-origin-resource-policy: cross-origin
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
X-Xss-Protection: 0
Pragma: no-cache
Last-Modified: Mi, 28 Sep 2022 03:14:17 GMT
X-ET-Code: 0
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 923
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame F16F 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 20:19:07 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E0F9 22 KB
8 KB 20ms
20ms Document
text/html 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 333085
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Sat, 24 Sep 2022 18:42:52 GMT
expires: Sun, 24 Sep 2023 18:42:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A00C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cve...
https://pm.w55c.net/ping_match.gif?scc=1&ei=GOOGLE&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3D9675309%26google_hm%3D_wfivefivec64esc_&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&goog...
https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZjdqeDN4V2IxT0R5TG41&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0G...

170 B
188 B

43ms
43ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZjdqeDN4V2IxT0R5TG41&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0GgeYZobGfI-UsoZzBqEqcKDcdZGnvqCuRunY2IQ_ajIyxFnOWK2g

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 28 Sep 2022 15:14:17 GMT
Strict-Transport-Security: max-age=2592000; includeSubDomains
Server: PingMatch/5cd8a5d#5cd8a5dae4649c563ed7e6eb1dd90a4f2423ff29 i-0b4514da13a8bc28c@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Location: https://cm.g.doubleclick.net/pixel?google_nid=9675309&google_hm=ZjdqeDN4V2IxT0R5TG41&google_gid=CAESEG9zC_evZCqnR-CNn46ik8I&google_cver=1&google_push=AZmPxg94DGEiSN3lV5wI8VWo2Nv3X-lZKW_OXkfXICVbd0GgeYZobGfI-UsoZzBqEqcKDcdZGnvqCuRunY2IQ_ajIyxFnOWK2g
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

i.match
s.tribalfusion.com/z/ Frame A00C
Redirect Chain

https://a.tribalfusion.com/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&re...
https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&...

43 B
451 B

204ms
190ms

Image
image/gif

2606:4700:4400::ac40:98f5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
Requested by: Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Server: 2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:18 GMT
cf-cache-status: DYNAMIC
x-function: 302
server: cloudflare
content-type: image/gif; charset=utf-8
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 751d6d8e1dd55c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
cf-cache-status: DYNAMIC
x-function: 206
server: cloudflare
x-reuse-index: 570
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESENr4qvwPyeMv6nxWbL4-Rs0&google_cver=1&google_push=AZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAZmPxg93a76PuEp0FTj37Hb0j7GAniyRSg37QaSbcfnXIaPb8WkgP1ROGu1wtfdyEn6QgGbDTnk127GTGNPd7r5HixdNK5frQQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 751d6d8ccab15c8c-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A00C
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/adx?google_gid=CAESEG5VYrYcZqBY6A8xJEr7K68&google_cver=1&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--...
https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--GAA0&google_hm=MjYyNzM4MTcyNzM1NTI4NTI...

170 B
188 B

46ms
45ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--GAA0&google_hm=MjYyNzM4MTcyNzM1NTI4NTIwNQ%3D%3D

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Wed, 28 Sep 2022 15:14:17 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
server: ATS
content-security-policy: sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options: DENY
location: https://cm.g.doubleclick.net/pixel?google_nid=yahoo&google_push=AZmPxg_jlPL-aOE-LPsA5f2CyQJvnkIwr7KbUSWQv93KbjrZh-xFK5uAO2I8OMRc6V_FyVztLGsxVv4dq99l9j9_rMdHE--GAA0&google_hm=MjYyNzM4MTcyNzM1NTI4NTIwNQ%3D%3D
content-length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A00C
Redirect Chain

https://c1.adform.net/serving/cookie/match/?party=1&google_gid=CAESEI38lBrs-JF-EAvaaF4uFMc&google_cver=1&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK...
https://c1.adform.net/serving/cookie/match/?CC=1&party=1&google_gid=CAESEI38lBrs-JF-EAvaaF4uFMc&google_cver=1&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx...
https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDM4MzM5NzgyNTI5NTI4&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK...

170 B
188 B

44ms
43ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDM4MzM5NzgyNTI5NTI4&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK0CH9eLqD0gmouuwITMs

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://cm.g.doubleclick.net/pixel?google_nid=1024&google_ula=1641347&google_hm=NDc4NDM4MzM5NzgyNTI5NTI4&google_push=AZmPxg8k6H3g5gisltC5RcZ9xXXoa3-g0vxvcewN5WYn-ci9QXWWNy_eH3eXAE1j0vYhnraNSTx6pnpK0CH9eLqD0gmouuwITMs
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A00C 0
166 B 131ms
19ms Image
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESENAjSa0CfUnAJklts9EkLB0&google_cver=1&google_push=AZmPxg8si5J7T-al4OGbwiZO1TI_YG3glEq1Wbqe84hpKjSpOz8U06bhqm0GjlDKJW0XW-4ePSGv8VTC1aKQK0KCI_AvZeUsw-o
Requested by: Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Wed, 28 Sep 2022 15:14:17 GMT
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A00C
Redirect Chain

https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDT6tSpC5kVtANid4uk9q94&google_cver=1&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gA...
https://ap.lijit.com/dsp/google/pixelmatch?google_gid=CAESEDT6tSpC5kVtANid4uk9q94&google_cver=1&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gA...
https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas&google_hm=FZGyqGZHsJXGYHwzRc6PqZAL

170 B
188 B

47ms
46ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas&google_hm=FZGyqGZHsJXGYHwzRc6PqZAL

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Wed, 28 Sep 2022 15:14:17 GMT
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Location: https://cm.g.doubleclick.net/pixel?google_nid=sovrn&google_push=AZmPxg-ODZr-MCPQ9OZKxHPtwC__arSVJbMIbKP4pHXM9LCBIKSgIWfWyW95sFBSrP-rhpIrPEGmwfh_s6Xdou7gAUg2WBx9xas&google_hm=FZGyqGZHsJXGYHwzRc6PqZAL
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: close
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A00C
Redirect Chain

https://match.360yield.com/match/ebda?google_gid=CAESEE_9Ue4mkC6eeetgDh4xSyo&google_cver=1&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s...
https://match.360yield.com/ul_cb/match/ebda?google_gid=CAESEE_9Ue4mkC6eeetgDh4xSyo&google_cver=1&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x...
https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7v0Gh1NIRPW3J0SbXSjn-Q&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_...

170 B
188 B

44ms
44ms

Image
image/png

142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7v0Gh1NIRPW3J0SbXSjn-Q&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s6xftc

Protocol

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:18 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=improve_digital_eb&google_hm=7v0Gh1NIRPW3J0SbXSjn-Q&google_push=AZmPxg-22YnFLCWi0FNlkvoqD7bbQ8k_wGmzUeRucmVzZsKA90YBM42QWfyErWyNlFmq9LIYtsgeZ11t2dUzpq_x3_Sr3s6xftc
access-control-allow-origin: *
date: Wed, 28 Sep 2022 15:14:18 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame A00C 0
12 B 43ms
41ms Image
text/html 142.250.180.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13I0_FOZ_s9ihJxSWI2eWyccW8bJA3rFbh797-T8EzUuUBsmdcejNu-q9s9ZzkptIWyTFF_n

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.180.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s33-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H3 200 style.css
s0.2mdn.net/sadbundle/6657181183598343709/ Frame 21F1 6 KB
2 KB 10ms
9ms Stylesheet
text/css 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6657181183598343709/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 13:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 7082
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1741
x-xss-protection: 0
last-modified: Wed, 05 May 2021 19:27:44 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 28 Sep 2023 13:16:15 GMT

GET
H3 200 Enabler_01_244.js Show response
s0.2mdn.net/879366/ Frame 21F1 109 KB
37 KB 11ms
10ms Script
text/javascript 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_244.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 06:58:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29777
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38072
x-xss-protection: 0
last-modified: Tue, 07 Jul 2020 18:35:15 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 29 Sep 2022 06:58:00 GMT

GET
H3 200 gsap.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/ Frame 21F1 59 KB
22 KB 30ms
18ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/3.4.2/gsap.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 763417
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21678
last-modified: Tue, 21 Jul 2020 23:12:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f177643-eca3"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9LamhuRQwsrIx1Y%2BFhKPkvq1qIcuaYIEaAqvT%2FkioFXt%2BixaQV0TaMQ2OK6nJXprGBdgVltkVOxpJa5ucIwhtK0Ekq%2BJc6jOF5umXRLONSzL8r9pZLIUFlPIzx%2F%2BwunwBO8mLF%2BBK%2BW%2Fgwx0vmj2qI7S"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 751d6d8cba919bb8-FRA
expires: Mon, 18 Sep 2023 15:14:17 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 790C 0
0 53ms
53ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022092201&jk=1510348527640675&rc=05AK_d_36yauzTzqVzs8lmGQTqN4YqOnMhRc5LvVaJXxDy6c_gOjXRedbN3BRSQI3iW4S3rW0v4l4GNXa9v_lOsZRqLaQzjOB7LYN7ep99CBUGbqhXwfZQtY4GDEmowgHhvoA3EhXhAF99I8zPM27zPNyQ9yVcuVwu8RB7kKLFBRWxmJNKjvfkCZ1qn5XdWvFyxZLjdenw5CgY-mjea2Y
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame F8E9 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 20:19:07 GMT

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame E0F9 36 KB
16 KB 20ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327310
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 20:19:07 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 4E6B 0
26 B 56ms
56ms Ping
image/gif 142.251.39.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.durangoherald.com
URL: https://www.durangoherald.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.39.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s38-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 21F1 7 KB
6 KB 62ms
60ms XHR
application/json 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_244&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2d2b42be0b916475bf6dbac5205ae4799b47b7d8a699740bd4b5ab2f5fc3c0b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5770
x-xss-protection: 0

GET
H3 200 blank.png_1621952972643_blank.png
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 21F1 95 B
120 B 19ms
17ms Image
image/png 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/blank.png_1621952972643_blank.png

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 18:14:58 GMT
x-content-type-options: nosniff
age: 161959
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95
x-xss-protection: 0
last-modified: Tue, 25 May 2021 14:29:47 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 18:14:58 GMT

GET
H3 200 Resi_RTG_All_Sports_1207_300x250_1.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_1.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 21F1 57 KB
57 KB 13ms
12ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/Resi_RTG_All_Sports_1207_300x250_1.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_1.jpg

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b5524ad9d28b7bd3eb154f6fb37f9ce4ab0cd151972a07c7696f2aee99e10301

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Tue, 27 Sep 2022 09:00:05 GMT
x-content-type-options: nosniff
age: 108852
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58556
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 10:29:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 27 Sep 2023 09:00:05 GMT

GET
H3 200 Resi_RTG_All_Sports_1207_300x250_2.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_2.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 21F1 44 KB
44 KB 17ms
16ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/Resi_RTG_All_Sports_1207_300x250_2.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_2.jpg

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7826192203ad368a74218ecb82bbacfdf2e3a17b338e4fc5ea58cd9ff7717a30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Mon, 26 Sep 2022 16:33:13 GMT
x-content-type-options: nosniff
age: 168064
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44704
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 10:29:07 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 26 Sep 2023 16:33:13 GMT

GET
H3 200 Resi_RTG_All_Sports_1207_300x250_3.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_3.jpg
s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/ Frame 21F1 26 KB
26 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:830::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dynamic/2/10812395/s0.2mdn.net/creatives/assets/3690075/Resi_RTG_All_Sports_1207_300x250_3.jpg_1659522540301_Resi_RTG_All_Sports_1207_300x250_3.jpg

Requested by

Host: 76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
URL: https://76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ab21a154fbc890cf68e7d8f7124d4776b88f5256ed30105b81350a12ea1bd82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6657181183598343709/index.html?e=69&leftOffset=0&topOffset=0&c=gsMeSeUhGb&t=1&renderingType=2&ev=01_247
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 14:59:55 GMT
x-content-type-options: nosniff
age: 862
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-programmable
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26340
x-xss-protection: 0
last-modified: Wed, 03 Aug 2022 10:29:10 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-programmable"
report-to: {"group":"ads-programmable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-programmable"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 28 Sep 2023 14:59:55 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F16F 0
10 B 20ms
19ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?Fjavxg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 21F1 17 KB
6 KB 81ms
80ms Script
text/javascript 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_244.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 28 Sep 2022 15:14:17 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F8E9 0
10 B 19ms
19ms Image
text/plain 2a00:1450:400d:80a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?1-Znmw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80a::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:17 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H3 200 f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js Show response
pagead2.googlesyndication.com/bg/ Frame 134B 36 KB
16 KB 21ms
20ms Script
text/javascript 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/f36U5LLOSFCl_RQcRb4gz5dtt8ZR3FgOTI7LNXASQxk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Sat, 24 Sep 2022 20:19:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 327311
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16009
x-xss-protection: 0
last-modified: Mon, 19 Sep 2022 14:48:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 24 Sep 2023 20:19:07 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F4CB 42 B
64 B 55ms
55ms Fetch
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstfJui6Ye65e_Cd_jbLUnAp-c-IzMsYD-YMypJW6hVDkh6tlbhCSeru4dARkPcIt_28czKhNB1_hoD9cpopLcBMYslHkS7wKAV8gpq0omPeK8wEf2dCNi9U3JnfMOYIvOFGgr2eLKU&sai=AMfl-YQTRPK6UDigiyASHJmQR4jC5icETbrP_uwBurGFvpx2qyRgssiOMIOta26FFx0-_pjArau8mN_jTqZlgPlEzXWwQ0mS7RmWh4aLNrCajti1WIJ4sID2K1Oif_dTHKVrDQ&sig=Cg0ArKJSzKPgDKUtV8S1EAE&cid=CAASJ-Roz1wmWtvrB36HkkwyMC6EDz8ya8VzFmbFZtzfgXsbBJm9ry73qQ&id=lidar2&mcvt=1020&p=778,436,868,1164&mtos=1020,1020,1020,1020,1020&tos=1020,0,0,0,0&v=20220926&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=2090853807&rs=4&la=0&cr=0&vs=4&r=v&rst=1664378056631&rpt=386&isd=0&lsd=0&met=ie&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 stats
ads.adventive.com/api/ 43 B
346 B 162ms
162ms Image
image/gif 2606:4700::6810:d735
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=332&adv=9756&atid=4&auid=153541&cache=1&cid=66414&gid=0&pcid=89363&pid=168639&sid=495&tag=e4561928-8aa0-4a7b-8a75-e1734455c9a6&tz=America%2FDenver&up=0.00000&ut=RM&vid=1&ckid=f18ac284-7030-40be-89fd-9f9412c7c5bb&ip=2a01%3A4a0%3A2b%3A%3A12&clk=0&dat=%7B%22viewTime%22%3A1%2C%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=yscasigo&iid=188beab182a54ff7b029dd0ad5ebbbf4&ref=https%3A%2F%2Fwww.durangoherald.com%2F&type=ad_view_view_auto&hov=0&cb=1664378058113
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6810:d735 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

date: Wed, 28 Sep 2022 15:14:18 GMT
content-encoding: none
cf-cache-status: DYNAMIC
p3p: CP="CAO PSA OUR"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 43
x-ua-compatible: IE=edge
pragma: no-cache
last-modified: Wed, 11 Jan 2006 12:59:00 GMT
server: cloudflare
vary: Accept-Encoding
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cf-apo-via: origin,host
cf-ray: 751d6d8f3a3f902a-FRA
timing-allow-origin: *
expires: Wed, 11 Jan 2000 12:59:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0F9 0
20 B 56ms
55ms Image
image/gif 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BxNzryWQ0Y7KAG4GQ9u8PsYiriAEAAAAAOAHgBAI&bg=!0tGl0ZXNAAYIxsuQKMY7ACkAdvg8WjqFQf7UefAO-tKyBzmz4-8-KR59XhASV_UQWGNjl3hKnnpYmAIAAAD-UgAAAAJoAQcKADaofGqPcqcPrIVYYTNc6RsBbLY9-vbfqSyY3q1HzRLZWuZMF_XaQf2PzjGQingVxBqcwhl4ELGZAvqroiwRyuOtQY10U1MC48LMrcYq531JlJu0XVvvh7JRBRUocV0prWNMf8WACf4Dutz1rvr-l-OJjkoyWj87Ik-reSk94XXuSO48xOTQwuthJim_xaa_lKggx6-Cd71naICFyKvzLiAHmtv-jvp1XcBPVWz1fL7SCTYQyQYbCtCSHu2hB51wmV0uBend07OgG0F8PoH48stGAx7hcJoL8cmhf9Cd9WWJFzrYtY1a0PFlMf9Z2i0MiQIJ4ZWxDFOdA57CRkbJOgTBWT0Iis8AFx2z2kiJhu4h72m0q1Ixxk5fNWLy5QMo7KJEV74OGnX8Pkap0JZ8mrtyA7Ork9jd-hBtEtYnp3_7FBigzADcSrVMWba2Lb0yPkjH91maV0Ta65VUQ8un04eJPDJgZNBAtRKOigJmd9S8w4wiYiA-dV6t53kaW8BX64RmHJ1lszCfZQBsspyuQ-FmngrSmlcfLfEGM0WpsA15TFfRUcCdKHuFKURavxl1lGB80v355KdgIUvH96lJN3k_0_9NvOq6KFUolA572FGZvEskJ3er2O6MbWTin3Q2jyBm6eBMX1HTx5NAErgV7TsT-EE448ARSkeTNjOXg-pvbwtMzVzXP4eAxRbM7W6PlpN5HohpvPeU4pExT07SFsI4Whsc4uAaF133NA252pT2FLFfWsyHe_ks04e8AbRwyqy1oq51vRaPrmd0k8s30ek0Qr0ot5uIELRNSEZfAD23MZQ9k-0vXKiAdU8UcNq_wtJAJ5frdXe5MZaRSdByJ0mQ_z1HjxZPxqpTNWslZ1nyo6SQffQ5wsEvaaXvxlD82wlK5P0KNh0M7O5GcI906n3xVsZGqjtLmbywWBHI1UeXk_QFoNi8Nf1Z6veqhqiv84gwmixwOh8ysgxy9EWSmTkXDVlcrBUraV5ojfBS27V-zI962PEOIrX2UKX4J53_0YPaZgCC6MpGJyDf9g7IaaqfYo8aOyZCgN-IoGPJe8YY1mq-5ctAqhxh-bZILXg4h0LEGOI

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 28 Sep 2022 15:14:18 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3997 0
0 55ms
55ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=3854978622122251&bg=!MTKlMnbNAAYIxsuQKMY7ACkAdvg8Wv4BNYzHhSfBieTh6zuZl8qZcj_ekutk73s_vP_7Y1TNbMJ2OAIAAADrUgAAAAJoAQcKADgbwnNzt8dbD80Mk-0mrIN_khjiG7Uk9BtCMIAJH4cTJrmu5LMOjLTJt4bATgWUHLKN8oo_nK5dJJkCuOUuWr09F04i8fD78DJSeocXVEOat5HQ5FjVtzAve6WN5H0Kjdw945iPveivES-5INblCCyhaVrwfxNVKbMLkXJIRl8u-6EbnB2yIZJ947-kYvGVoSVkJIQESo-rLu-7SUDVZB1L9PAI5AGgYT9ZSG4Jy89mwvpoI8uTdx-RJocRRL_FUOgk_D5_jv-cka8s521Rkp7t0U1CGX8iCiRjMnXmI4M0DWHaF-89EeM_nnwl0FgQiwQAllRI27lbk1iJMC4I7qYJUqWBpNd8hY6ZixJ281TPAtBEHCer3peM_CnBn1hgZnm3O9Q15v7xuMvb4rI9M678bvkolA7DVyQ-fSqLpN_xHQg4Pmn3DXpkZhbeBY8YTx9JkFa3LUGy8lLi1am3o4qq6TGYbQ8rSDJmPbRtFnzWI0i8AOEwYDGenE69CN2lMtVHXyyDB6px_M1hYcWVi97K4WvGLF2IcXxTu5N7i4G6Dtk4Y9WJDoimXaSr0R7IZ699HCe26vdkHckWeKuBFQV7236raqq4abJlNcdBuve6PFwv_eE5RMcGZ_B5ORKm8R2DQtfcw4L59BGEYDpCqp32s3U1oS2A-GyafyNX6kW5pU1swKB-peLdPCmnXpn-k8jPPVyEXzjMMuQDKBjq1fsQ1nm37OYF4cIhDwDcCu3c3of6az4Q_WpY1K0asecfv8cEan-B_v-qnZuMrFqOfyRs8t840EOLQg6OTWph8cnSsL7qE2GAuWXkglmFV4SrOysLxU-8JgbJHZLYZOV7rmNs7_aJoMZvjVMWiHDl1oOCrhcv3_oB2hvmU3mJtvz9phWVX62pWl60O_XVlBKK_DBeYQjm_3ijOOOiNDHnJmgkOFc2d_QK6vVUuLknRRDeu4NSCzeHXhkV8eutNTHAdaVouh6NFx0-r2ZW0ufHX8vNjsUf2A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 55ms
54ms Image
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022092201&jk=1510348527640675&bg=!pKelp-PNAAYIxsuQKMY7ACkAdvg8WitdjyS8Wfw_KlXZ04w3lwl3cfujEU4XImgYpzJwzZrFlAW8CAIAAADZUgAAAARoAQcKAOnoR6W3pXt-zQQy8sXtWz44z58v8itBlhfNOCI_Xx_tdrIzpWtenzA-n5gvLeiqxjl4XbpIQid5-BzQBjT-wUS3yJxBJfOY7OmVpe2p2Fvbf4kgyfUoehOwjVtDloTMu8q2VEQeSwfgbvu-wGbVOUBxiqcheha_5Uv0Pdx11GziQBsSCE00k376GYpAAYYKyEzP_Zo9fc7NM6Q1EKxXXxo_nXhoL0kj8y9Qq8HpNNYSceUj6WZ5qYzWn33jiFHhIKsV3cywe3uxxdDAQ8xTOrd90uCdVkhhR9vLoVLCeSeUBJveDkCAb849JZkCnchgZ3wsbV_Ueb4ipBqUBesBVPhDzHI2tqUonSI4sahDXpbQaXT_VrkmASdyMmMdmTkYhzzYbUwOmmypaEAIAiw2Dnr1207MmpIsgeh3CiWxQHQqrRL2avwy4Ep3WC6verGe-23USTCURlmT6xGiMIiWyukfP0vAbKtm-XYs560q5U7i1-86yH_GU18Rhc4wE2hqpq9GuaJqbcc3s1rIkSQXYs4UloVDUhcTplBDfNzEw5-Rx7ce7Q-ZmaHXsv4mz8hDLkKeyT2tqX8TUJdmPaokKXyECRrxoumZDuUoTU3vMbt4T84jH_EuIFwQlYp6_XGmQ2RczW9HZASPX4FgH0Dfg2Q0WfO7KU3KLWidt_6asECYAFtXuCDb8bw6TkUm5n4pKu0qZi3_PncujkPxtAt7xEcgwfQ8f89oOug37XhiMfDOiLawo2MiRGIzBI2Iri8sAQvL35vQRgxddNdghQZOlXaGtwSbY4RsELViRTxppBH6X9BjPex2q3LJGaBpD7kzyMnZlb2PKUbmcv9mBPd6AM6HBRKcGey0gdMKVg0C6MTQS8asNOOw_Dag9pB9vmPK08XtwnZD2TdQNL3qNrc680LQ6doZS6a0qvJGrOQAwXDfbQ9sr8srti7GQTNZoHITGrY6tBulSbROj-FYkZlEvKgCR3vWnaUAtGoeXS9qPRCDbLCXeid818HeBRtJef5lRcDGKNx09oWxxTkHHLHgvH6Hu6954Lbde4oVbvEvWa8FMb7B8wBRzGdpmh2kPW2dVfb5iEPkwcsA1RQywyFcLTs1CZpTwLwEeQVX2H6CsNYerRnHvbtcM0yfL0Ft_pAXRuIIKLcz9WvLjMWco3AEYJZ8cGMIQnHPwe0bpL0ObBbL1TsUqzy8bFC_LQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.durangoherald.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.61 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

227 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

36 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 10:38:50	Name: _GRECAPTCHA Value: 09AK_d_34is3QY06n7BzXaFGChapr7mpISvIjnTdx7ye9JxDIjtrQXn04wGb4XywHifC5InlyseSD4Yz4UGXQ32gM
.durangoherald.com/	1970-01-20 15:04:41	Name: visid_incap_2533496 Value: S2ozG8fqQYiXnX9jKfGn5MNkNGMAAAAAQUIPAAAAAAAF0wcf1ffzzXywEqEmhH92
.durangoherald.com/	1969-12-31 23:59:59	Name: nlbi_2533496 Value: wX2uSZwsqgADHafJKjp9cgAAAAA252SlDRGq56FAzzjINW4S
.durangoherald.com/	1969-12-31 23:59:59	Name: incap_ses_1700_2533496 Value: 0MFkQikct2B2hGj3EJ2XF8NkNGMAAAAA3aaA0kIDM/qBZH4R7JyB/Q==
.durangoherald.com/	1969-12-31 23:59:59	Name: incap_ses_247_2533496 Value: 6ZWzb5bvwylYLUErI4ZtA8VkNGMAAAAAhIar7JBbiS41M5rNyUbbnA==
.postrelease.com/	1970-01-20 15:05:14	Name: opt_out Value: 1
.durangoherald.com/	1970-01-20 15:55:38	Name: _ga_Y4MLN3PXZ8 Value: GS1.1.1664378055.1.0.1664378055.60.0.0
.durangoherald.com/	1970-01-20 15:55:38	Name: _ga Value: GA1.1.571021667.1664378055
www.durangoherald.com/	1969-12-31 23:59:59	Name: ntvSession Value: {"id":8017976,"placementID":776915,"lastInteraction":1664378055608,"sessionStart":1664378055608,"sessionEndDate":1664409600000,"experiment":""}
ads.adventive.com/	1970-01-20 08:43:38	Name: ADV_u_id Value: f18ac284-7030-40be-89fd-9f9412c7c5bb
.adventive.com/	1970-01-20 06:19:39	Name: __cf_bm Value: 0Nu_cyJ8TKT_t_lJL4j92HFg6g1k8y1nuPgFAT.0P2s-1664378056-0-AfkWWhgq6BcDedlmvYQD8wpxW6npqwZgJRoa7nykwm5S9GBbFa60d6k01JhQ8vls7vcTqQpVnV+rb4X6C06+Qqs=
.durangoherald.com/	1970-01-20 15:41:14	Name: __gads Value: ID=1db0c5b08308ca70-222dd22133ce00ef:T=1664378056:S=ALNI_Ma5lXJrGDjHKxetsJI1KEE5gZGxcQ
.doubleclick.net/	1970-01-20 15:41:14	Name: IDE Value: AHWqTUkJt0_T4pfEaro2LMj3w7OZJ6d8cneN4qO-yRrlZUxn5yCQ7RQpuBqyegveBd8
.adventivecdn.com/	1970-01-20 06:19:39	Name: __cf_bm Value: j9WKmkdqSuSrXPsGvDiQqtgi3Dis7FVU6ew6oGMYyz0-1664378056-0-AZw5n7+LUiZO1VSbr0lGoMBufGPZ2gKPdwV9uEE19MRcmQvFrxscMruXlgUYtKMw9ajzsCKzilXxfu2toX3n+3Y=
ads.adventive.com/	1970-01-20 07:46:02	Name: ADV_pid_168639 Value: 1
.adnxs.com/	1970-01-20 08:29:14	Name: uuid2 Value: 1151922892188506090
.doubleclick.net/	1970-01-20 06:19:41	Name: DSID Value: NO_DATA
.casalemedia.com/	1970-01-20 15:05:14	Name: CMID Value: YzRkyATX6z1W9oM8W47YQQAA
.casalemedia.com/	1970-01-20 08:29:14	Name: CMPS Value: 5146
.casalemedia.com/	1970-01-20 08:29:14	Name: CMPRO Value: 5146
.adnxs.com/	1970-01-20 08:29:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Gt(DsZ!]tc-8i_iqf!oN/@E'zz<Z0Qx![E<4[usB#950nj.!<>S-q!gCSQJO0WRgYTD._PlZ[C[-kX-s3Ec/
.casalemedia.com/	1970-01-20 08:29:14	Name: CMTS Value: 1186
.w55c.net/	1970-01-20 15:48:26	Name: wfivefivec Value: f7jx3xWb1ODyLn5
.w55c.net/	1970-01-20 07:02:50	Name: matchgoogle Value: 5
m.exactag.com/	1970-01-20 08:29:14	Name: exactag_new_gk Value: ba85b82f362141fb8010f65ab91b7794%7c27.11.2022+15%3a14%3a17
m.exactag.com/	1970-01-20 10:38:50	Name: exactag_new_uk Value: afaaa431172b4bd3b7e4bc1467b80135%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: f63acda9582a4ba58ab89c23
.adform.net/	1970-01-20 07:02:50	Name: C Value: 1
.lijit.com/	1970-01-20 15:05:14	Name: ljt_reader Value: FZGyqGZHsJXGYHwzRc6PqZAL
.yahoo.com/	1970-01-20 15:05:35	Name: A3 Value: d=AQABBMlkNGMCEBBdSGTmvNAUNm1475CV7T4FEgEBAQG2NWM-YwAAAAAA_eMAAA&S=AQAAAvT6TMKLjNPqwqLPEVIobXs
.demdex.net/	1970-01-20 10:38:50	Name: demdex Value: 69361748066664635362507291094392675196
.adform.net/	1970-01-20 07:46:02	Name: uid Value: 478438339782529528
.skydeutschland.demdex.net/	1970-01-20 10:38:50	Name: skydeutschland Value: 69361748066664635362507291094392675196
.360yield.com/	1970-01-20 08:29:14	Name: tuuid Value: eefd0687-5348-44f5-b727-449b5d28e7f9
.360yield.com/	1970-01-20 08:29:14	Name: tuuid_lu Value: 1664378057
.tribalfusion.com/	1970-01-20 08:29:14	Name: ANON_ID Value: aqntmImMZaE9DXqwmyCEZba3316EoPuS8ZbEw19YgVTdUW1U2VZcErXNU28qHCMlkLb80rNrOZcoWZbA2h1qWGMHZa12ZcJf

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://cdn.ampproject.org/rtv/012209072154000/v0/amp-ad-exit-0.1.mjs(Line 1) Message: Unrecognized feature: 'attribution-reporting'.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

76fdbfe50c41bda7725301c22af5f20d.safeframe.googlesyndication.com
a.tribalfusion.com
aax-dtb-cf.amazon-adsystem.com
ads.adventive.com
adservice.google.com
adservice.google.de
ap.lijit.com
assets.adventivecdn.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.createjs.com
code.jquery.com
connect.facebook.net
d3768553-257c-69ae-8152-69ae257cd376
d3768d55-257c-69ae-8954-69ae257cd376
dsum-sec.casalemedia.com
durangoherald-co.newsmemory.com
durangoherald.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
image6.pubmatic.com
imengine.public.prod.dur.navigacloud.com
jadserve.postrelease.com
m.exactag.com
match.360yield.com
p.typekit.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prod.ew.dur.navigacloud.com
region1.analytics.google.com
s-jsonp.moatads.com
s.ntv.io
s.tribalfusion.com
s0.2mdn.net
securepubads.g.doubleclick.net
skydeutschland.demdex.net
static.adsafeprotected.com
static.ew.dur.navigacloud.com
stats.g.doubleclick.net
tpc.googlesyndication.com
use.typekit.net
www.durangoherald.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
z.moatads.com

104.18.19.126
107.154.109.252
107.154.114.252
13.224.195.78
13.225.78.71
13.32.10.16
142.250.180.194
142.251.39.34
18.66.112.92
184.51.9.197
185.64.190.78
2001:4860:4802:34::36
2001:4de0:ac18::1:a:1b
23.35.237.151
2600:9000:2204:5600:8:48e:53c0:93a1
2606:4700:4400::ac40:98f5
2606:4700::6810:5814
2606:4700::6810:d735
2606:4700::6811:180e
2606:4700::6812:1740
2a00:1450:4001:801::2002
2a00:1450:4001:802::2001
2a00:1450:4001:80e::2002
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2002
2a00:1450:4001:812::2004
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2006
2a00:1450:400d:806::2001
2a00:1450:400d:807::2002
2a00:1450:400d:80a::2001
2a00:1450:400d:80d::2002
2a00:1450:4025:402::9b
2a02:26f0:3500:11::215:14cb
2a02:26f0:3500:16::215:148b
2a02:26f0:3500:16::215:148f
2a03:2880:f02d:12:face:b00c:0:3
2a05:d018:d29:3605:c283:2fe6:5625:9484
3.121.84.223
34.252.39.216
35.167.201.97
37.157.4.23
37.252.172.250
50.17.180.6
54.220.47.254
63.34.160.33
63.34.160.83
72.251.249.13
85.14.248.72
0011a205005ea4084d4d83b0d88b728d3dd8c3354aff786bb72623d8a3b41572
0169f0c4db4157dd94cb7398e456eaf46fce4f357d7ffb1ba74151639b3b8326
0284cbccebf1682452d62d06efa3665c874d642d4e03f5f5f9bb0f555da9251b
03ad25e3fcb013ef61e8820c255ee7cf9eb8f50d2dd44dd4e860c82783c8a4ad
03e557024acc19298ac2dea7cf70ac47abc61fd89ab387c30b927883184195b8
047bdc2c6df73f0b6d779c6e828fd987bc97c8a9eceae14e68aa6f266cb3cb68
04fe87d33adc84f83a3c8162e43893790b8c4a1905307415aa37faa7e2b6b217
05335a7404043e95248ffa3d969efd32b02c656b52142c2f2cc9629159b2f27a
0596c9a23341585844ec3f9784716005022cd4c534e2e050f6fab16d4c5a25cb
05eec522d5621fa82ff4a821e720ebf7dbd20ad8a7d20fb24b458b68e9f3be50
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
09e60d1957ca452c11466b3bb732b49a5bd9cc539a904e3945adc85197d1e02b
0b2e37215654c96974390fe090e178697bc2353c3971bda36992e572f09ec233
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bca081fbb993025163879e469c315a98ede0d22ed7a5d6b98bd875deda59c6b
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d5d0d75b4424eb797db47c2d4856e87cfbeed920e478b76adf57d61e25c6926
111ac61e627008261e23043c5e6b486035f0b123b1963e2fa8671e188eb33829
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
16cc32d19c83b6836716c22532f46876f2a5c0420425c0634190bebdb946ef48
1810548a0a4f5ffbf2760eb47fb85778434750b77feb43e5b9f190849664f89d
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c1107a3bfba71e8a9765ca70aaf92ee5df4d71912428f6e9bb1439f901b41ae
1e96644ef81390c7b40d54eae84637f274cfd50f8d0ce7794c417e7004b8e4d5
230aa8718729a00366ba1430f4961526e060a18cbd313b356f1f34222a5fb569
2392bb69de9eb1e9efad1da54204d43b70c52e5b6004b053d1e645fac906ac3f
23fe36a9296ce39e4754d108a9662995a3d29c0239d2af8c171934033b548aaf
24032c7addbd8fb21eee6aae9469100ea0e25505b7338fda06fcc26417cc858f
26726bac4060abb1226e6ceebc1336e84930fe7a7af1b3895a109d067f5b5dcc
292057fd73bdf2b6ad9d7a83275ecaa9c82fd1168d53b0f970b6df3b01fcf20f
2a7e68d0087973ead34ca76786e18702ea9f1101ce9e5239bff15f3d2b58205d
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2cc757d457062af553dd19f8a9f098d7949a01808de3ff8e5fc921a9f2677f5f
2d2b42be0b916475bf6dbac5205ae4799b47b7d8a699740bd4b5ab2f5fc3c0b6
31bf507422c1054fc0fadc1784508841709bf4e6ce7abf89a7d8e1f86e796a99
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365e54b0e814e15184b1245b057afc4967d1071eda5d00e7a0258770cc5a0dcb
37a2ac7dd93637f81c046eb3efb5fb2c73c59c7669287fa04475f6ec37edcb6c
38114c5de35349d4e12d5fcde4d20432ef6586c760a22712f8682e3a0a750a1e
3cd271fbb5f4ea8e284e440a0ded9850585e6472a7cc5225cf55fda1d9f3c741
3cfef72b107916204f184a60622b32a8342eec17a7eae44a3c903a59bfbe71b2
3def69a6a4ab29e6407622558054abacb94da5e8ae9a21ecc2810582f7aed256
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3e4c5caa9f998e263be019c15ce95f580a5ce33f7bc3347d0f02bd64effc99bf
3f317580bdc191899303a8dccb293fc8d11dfcccc94818622c008285645d3f57
3f38c93344789f557b5aa27f3e0c7811f6f6958882cbd6a895cdd2005b8222e9
41927abcf736bab1d47d1687ca7bc31f774f0e1cd93b290b2aa789258c92e2a3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
446c8cf887683dd3f33b4dcdb5b724e22af0b117546dea6aa0c66e071740ef94
4788e27c7a0524bbd9be08e423597036e980f6c6e527e778db89b53920badc6c
4a519d2bd3043b930e0bbc73d78b2c4d672981401a8de9e846831502365c4509
4b424d73a944f41d95c60333c46cb5a2791d2c7dc225e4c6410c36a0ee92fe43
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d788357d10fca0d5e377c170d397a7919beb3616bbb69e2b95d1db9b4710029
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
527d0808216e24ce838e14ffd686947cd4a8719fd9562a21412ed08c8ac14614
546c6d6545722c65b4e17eb3f7d3331b42e9268bd339dab651a44f7538b31f3c
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55f8f64d8afe9f9247c9f6c454677cd8d532bb2ebb2d14c136e81a0c154f229e
5656cede2b9662ded580d222b9db077a803c741d5e4829d14eb5c385c2a2d50c
58b603271da250778cca7450c81343eba7a896c87d93812f4de54ca5e1108488
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5cac59099c99113382f265adbccd1a6c55f5b59a74c1966f01fa73dd2bf940d9
607150d742ffb67d983e9bd23ab87e0d436f68776c67898c57db306319840cb5
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62bebe5fd35015aee17a6346f05e5413154a6721791cda0bfe0a48d0583842be
691d56279f97db26395e7dec13bb2ef3d30700d540a904889ec3c063a702150b
72065d57eec8cdd299f72fd431ec0b9d6c632949a4037df2080c15ddfdd4dd05
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7569633a69ae6303f1c5e73c4c9207b442635bfd3712ca959f26bcee7908779e
77abd96282cea97814e153fc458782284ac2407cd2ed5f840c7b6c92764652b4
7826192203ad368a74218ecb82bbacfdf2e3a17b338e4fc5ea58cd9ff7717a30
78b75daeac4d1ba8fff32264777441d5676638d72d672119eb03d21ebae1deb8
78bd59e6eec6ddba5f0eb3096ed6ba47becea4110155464a3bb255a72c8e52ca
7921e0105e099b9c4d457e7b92813bb33943e9a78091030a5033045a559091bf
7957958e558b7ff0e29f946e66af0ad96c9b22d9bd623740b37b2d3b9675de43
7ab21a154fbc890cf68e7d8f7124d4776b88f5256ed30105b81350a12ea1bd82
7d4fb730fb78fa7201576aac8678fb1ef55a3c1b4704600e36d3debec868087f
7e78fcdfd223b53f5539d516a7ba0fec6f30ae763e7ca07091df1b86f3010e98
7f7e94e4b2ce4850a5fd141c45be20cf976db7c651dc580e4c8ecb3570124319
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8485f542dc47f238ebfdf4763df0e0150d19e9418efdec6fd0eb7a44f0b7955c
858ea5e76dceb60430928bc0c2b62d2237e908bb9e6893c7c0bdee3d6a4f29cb
85d571bd94b34bcdb672e3c3016f84e91fd938033ffa726f003fc7b4da0ca8fc
867edfa8845fc9391720137d613b7493723a92f54e97da1a7a596c8880574107
86be52bdb7547413cafb3ed175a806a798c65de98b40849e0b974c47d187de65
87a786e71d8ba6b098a115fc81e2f27e3b3e42b271af34381926e4555ff71543
88dea3842c3eeb781bdfa182fabf5cc4d799f2e75e3825839e4d6a9540978da5
8aa048082094d36080fc028ab1584264596c64fb5b362038c4761ac9838d6b14
8ad74b30972057e9efc8dd2c5d013ed97938050ceab38f1209780d584bcd6fb3
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8c9d606a627678a4b16cd95b69c4913096447d49568a87044c7af21c340f9c6c
8d4daf01ac842e9165a39ca80dda29515dd0f5dc611b959540ba7477d36c3d82
8d90500059bf2da09057e5ec01286818fcf24f72964f045c8a40c0507639af2f
90398d274e093821b066f9bc367d1ddb8e2fa9d18d7660c10cc3704c4d9f519f
9306bca909e7a400d62deb7f6c022fcf9e702188001564768ba96d9cd26241c3
949c2b6588872fdebac31a475a18c447e9f42ccb96fc683b830e8e6fc3848ddd
957ccf4746551d933ba28aa85c448fe43dc62e5376f018d91b14b91ed20b9042
96da839661d63f7cab3dc3e43613fee97166a472555cc91df21777d6d83e58d9
97b867d594a61ec531b3ada04e4dc8c82f0e73f2d7c34b7fd5127e1b6f538548
997710a38586226681604f9f2b0d0b98699da2c28d4fd7b0405325bbbfe62c0d
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9b99ce50d05750058143cb93936075ad5107f9a3e5b03f2d4872c0ebe753a9f7
9c16346c37c164608164e7b460eeb10cf49a70852f68367c46b085d27c99e075
9df9512d0f2332b34e43e220b6bdc675dc6b663e72406edde64fd96dc9128e1b
9eee73c5b6d0869b871ced8dfe382b04d4b85bf8ee49907f8b400a8ba691f821
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a2b997da567762896061490c3c08e506b2e5b936978560fc12251dd245140b32
a3c5ff7e114ffe32212ee07123f9dc6aa19c09072e44fe64649c9cc747040cab
a47b1ed560753a1e31a7bf7130a3e12688a22f80c662938ad7f14940c91b17d3
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4f92ae0d3ab6cc4e73bcc03c1d415ebbdd2ffc7fe5582c93dd0a70155f5f907
a51177ce27c9440f635c6bfef9bd3aab0b52a97d5bc8540e2e3a9ad8f4c46f6a
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a915754dd6e088c034edafadf0d920508bc0c3377967a3b0677e278c800bd9cd
ab720224c1548ed676ca1a6e9f2ecbb3d92fe43ab4e573de9246e48f440a4636
ab9023c418902450ad4f7f6c6a514ec01ef341b88d372ff7888c01ea66d13660
acaa8b8cdef45311158f315d38ee002f0b6b7359d9faa81f627f2a356d170609
adaa323f32baeb8ebeefdd4eabcb423f3a88a6f0c0c5af390c6e682b847bb855
aea01aebbd37f22702da35b5e4859313e267078e1de4b1a50b872dc50133d92a
afc2ce9394130574085ed713adbc885c14e3cdf88dd68fcf692e1576e4ed16c2
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b00ed0378997e41a4bf2e1dcbfcc05c4b50fe1b9b1d922fa99ef68622ef7145e
b0793658a18fae9cf683872c09dc2c7bb70837d50fdbb82e9e708f8f977c7177
b0904426b658f49f43280cc6ba75d9dc9fbe6a764b7c9fc2c11897c30af3f3e7
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f1edfded3b12ec9d08ae4b64821869d453a663af645e295de35ab0467656a3
b326a1469c739c2ef2e5ff8b87f3824156131ed264eddbe1049410de4696426c
b550486f6b586d7e13c64d36ad96c5bed0172c46e6600cc1e2de9d53006fbf29
b5524ad9d28b7bd3eb154f6fb37f9ce4ab0cd151972a07c7696f2aee99e10301
b5c422737a3014e58810db4ac5052acbb9cf489d0c303cab94453cc77d4cdfed
b833cb134b87cc8aff62b4ec463dd4d022dc0cec53dc9c9b403103c88f9a8de9
bcc93eb05ec0935626e3f23b82351ef31b04fc0326a7d800ed92a8c0c78747c7
bd73c748eb9be5ca5b5bb9152257624ff89efcbb1a58458b02e768b8f571f04f
c10ae5f6c4872dff4a634de95bbc01513810b378212445592795128575206af0
c14b6c1f19579babac8efc5af33e08ae464006650629cbfadbaa8320a4929344
c26ea605253d9ae8dafd8820f37d0b223752fb54c5c754f7ba1b6fcbe7faea9d
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
c39e9db358e5d8045bebf902ed71b49c17d66f175c8ce0dcaeec96ec7d09090b
c569951d4abd4b4efe25bf2b4a19f174385eacc39fe063fcba3b3dc7d8bb03b2
c76749cafd48ecb64ccf7cfbebdf4a12dd54683ecdbe2436beca7926f5177462
caf2650aa985d277b2dd131a6261888bc64e6c9bc15e5564bfb9b380bcf82a10
cd31b85c0984f6a193e9787df2e9cbbf7cb3af2ad280ae4556ef649e4082b9aa
cf9414742b9e5d3de2cc2a115ac5aa8607431828fe3d9ba2d1fb92386a000482
d2549e131f505d2172565b0c0b2911e257cbd3c5bf1f6928dfcfb221d0845e2a
d420ee64cb607d68e208a3105b39934807ed2e4d43ced2542f7b6b0cd153ca43
d474b57418549db82c6ff109048fc1df96781e3132732c22cd8ce17b3473573c
d485f54c3ae5920cd21c8d180458c50f092554777b97f9c52ac6f76359838a05
d59f2aca9cfb279eca7a9f9a83d6aa95ee3b69e40b7382acc5aa34edc1874f96
d5a9f65d43e9cbe882254f38ea1cef6c0e019143e546a2d879fc1ec123e6b4ab
d94f18e4a6c5b3f5cb7055c23757321077e461e2ecb5f117c9eeeda1a93435b3
dd22c52347ad42343ca4c6fa76a783715312f1f4a35e97f937611a5b26aa2354
df41cc389549fe31dc397dd4564d87c6efdf901606dca8f2b18e8632c7afab81
dff91edeb3acaaa0588c9f24fa09e53657bfc83f1423e37332e55d32ff2f9f2b
e11678b0ef38c12f0cce7df03799636e7a04d38d3ec565bf721258f72c3ae630
e28bbb1a4bd3864d8b848f825c93bf4224a4a5a4274e344c20b66b65e3f2b562
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e6d084ffc939bd4d4ec1689e43c4728bfe3ba79aa72be20d3ee829a18cba28eb
e7052ee7e4fa3d19fa953957b23d6cd29b2311739ec0932d6e570577d19f2503
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
eb51f6ee1408e5a436babf55bd97e8ade233f60ec1620a90754d2b53c983a5aa
ebe8dc90e0e1e958adaccbbb222051f6d8e6c9dd47de2023bf213f9a87e2e846
edf33f4ac238ec0f1f48727982ad9f1a1c79b364070aa14845286fa24137b01a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efff01c62418d6f4467c02e31f8c01ec7c4459e9310654f6dcbc30120a385209
f288c846c9e301ccbf6afc835de4a8eb87441045bed3391c1b8fcc0810fa23fc
f4ea36aa06f1d3900bdbfba6cebd7fc3f8a0b14c66f15ca3bc5a345705bd420c
f6441798447ba251e1090a35dcee01ee8b3e9446325a4c058fabda6090a90a16
f6a0e647ce9ceefdc9b9cf4ffeaefbb1108bcd0d64660ab6aac0917de4ee7757
f998913c05f99e1f93af8efd625c654f6c0dd8e4855fd4ca1f5887df7a8ff0ca

www.durangoherald.com Open in urlscan Pro 107.154.114.252 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

253 Requests

91 %HTTPS

56 %IPv6

38 Domains

57 Subdomains

48 IPs

8 Countries

11628 kBTransfer

17133 kBSize

36 Cookies

40 Outgoing links

Page URL History

Redirected requests

253 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 3 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.durangoherald.com Open in urlscan Pro
107.154.114.252 Public Scan

Screenshot
Live screenshot

Full Image

253
Requests

91 %
HTTPS

56 %
IPv6

38
Domains

57
Subdomains

48
IPs

8
Countries

11628 kB
Transfer

17133 kB
Size

36
Cookies

253 HTTP transactions
3 data transactions