Submitted URL: https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsvfG-7ngPewlrotzy0L9jgkGeVDIo7OeZz3kOZNLpTjofqspgzkcyCDAO_JxomC_GGys_gMT9iiA1...
Effective URL: https://www.timesunion.com/
Submission Tags: phishing
Submission: On May 10 via api from US — Scanned from DE

Summary

This website contacted 7 IPs in 2 countries across 9 domains to perform 23 HTTP transactions. The main IP is 151.101.192.200, located in San Francisco, United States and belongs to FASTLY, US. The main domain is www.timesunion.com. The Cisco Umbrella rank of the primary domain is 134056.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2024 Q2 on April 22nd 2024. Valid for: a year.
This is the only time www.timesunion.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 142.250.185.162 15169 (GOOGLE)
1 1 13.33.187.51 16509 (AMAZON-02)
1 1 162.240.233.253 46606 (UNIFIEDLA...)
1 1 98.129.228.59 33070 (RMH-14)
5 151.101.192.200 54113 (FASTLY)
1 151.101.129.40 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
2 2a02:26f0:350... 20940 (AKAMAI-ASN1)
2 2a00:1450:400... 15169 (GOOGLE)
1 35.190.10.96 15169 (GOOGLE)
23 7
Apex Domain | Subdomains | Transfer
6 timesunion.com | timesunion.com — Cisco Umbrella Rank: 120736; www.timesunion.com — Cisco Umbrella Rank: 134056 | 336 KB
2 gstatic.com | fonts.gstatic.com | 69 KB
2 px-cloud.net | client.px-cloud.net — Cisco Umbrella Rank: 4668 | 76 KB
2 googleapis.com | fonts.googleapis.com — Cisco Umbrella Rank: 33 | 655 B
1 px-client.net | collector-px413gkwmt.px-client.net | 1 KB
1 perimeterx.net | captcha.perimeterx.net — Cisco Umbrella Rank: 324686 | 522 KB
1 duckdns.org | asifiuqty-isodyfuiwer.duckdns.org | 398 B
1 qrco.de | qrco.de — Cisco Umbrella Rank: 86295 | 357 B
1 doubleclick.net | googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 | 28 B
23 9
Domain Requested by
5 www.timesunion.com www.timesunion.com
client.px-cloud.net
2 fonts.gstatic.com fonts.googleapis.com
2 client.px-cloud.net captcha.perimeterx.net
client.px-cloud.net
2 fonts.googleapis.com client
1 collector-px413gkwmt.px-client.net client.px-cloud.net
1 captcha.perimeterx.net www.timesunion.com
1 timesunion.com 1 redirects
1 asifiuqty-isodyfuiwer.duckdns.org 1 redirects
1 qrco.de 1 redirects
1 googleads.g.doubleclick.net 1 redirects
23 10

This site contains no links.

Subject | Issuer | Validity | Valid
*.beaumontenterprise.com | GlobalSign Atlas R3 DV TLS CA 2024 Q2 | 2024-04-22 - 2025-05-24 | a year
*.perimeterx.net | GlobalSign Atlas R3 DV TLS CA 2023 Q3 | 2023-08-25 - 2024-09-25 | a year
upload.video.google.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
client.botchk.net | R3 | 2024-02-29 - 2024-05-29 | 3 months
*.gstatic.com | GTS CA 1C3 | 2024-04-16 - 2024-07-09 | 3 months
*.px-cloud.net | Sectigo RSA Domain Validation Secure Server CA | 2023-08-15 - 2024-09-13 | a year

This page contains 2 frames:

Primary Page: https://www.timesunion.com/
Frame ID: B6374BAD9BC06CB0C818F095C12A329E
Requests: 21 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Frame ID: 694C909D8D30CF1D763ED6E7FCEAA6E9
Requests: 2 HTTP requests in this frame

Page Title

Access to this page has been denied

Page Statistics

Requests: 23
HTTPS: 57 %
IPv6: 30 %
Domains: 9
Subdomains: 10
IPs: 7
Countries: 2
Transfer: 1004 kB
Size: 1328 kB
Cookies: 11

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsvfG-7ngPewlrotzy0L9jgkGeVDIo7OeZz3kOZNLpTjofqspgzkcyCDAO_JxomC_GGys_gMT9iiA1eximZsnGm9CP75sJnJ3WojVKhB7o1VXCHcE9GRJaWV40iJbfvMPNyM1oaxsdxMKubGRKrEgcKqqnixFGlG71btt8NM4V8sFickRvREKIIw0qELAc_zYk-91XCqP3rShcKz9rEyirghOgkK3RZ1rJSNwNhrpOOc9PDgX3K4XEl1lDTmNboZxfWVexcU_9-faVqKM62gYoTRkV8Dg065scjFXQIaD-McSohqr6NG8D68jxGl4O0DtP0zMpDn6LQRFwBYfWRgC5HdP-h9y72PTwpHzRYilIngJKka4l7kOnC5n4s89OOMhEWbZ7GlitL3MvtCDf92Y0mk1PuhjIlOqwBP&sai=AMfl-YS17WS1tsmufrMuzWrssk0Fm1aOY4Ovw3sOv2XCTQHRfzftY10i58pdp8aQaF0UNV57umFXAOIViRV93vP6_3wJw5VOmZoERgitf2IfRNb3xaY&sig=Cg0ArKJSzEFGB1vdX2he&fbs_aeid=%5Bgw_fbsaeid%5D&adurl=https://qrco.de/bf2uGx?userID=QMVFmy0P HTTP 302
    https://qrco.de/bf2uGx?userID=QMVFmy0P HTTP 302
    https://asifiuqty-isodyfuiwer.duckdns.org/?w0TatTkv9Fo HTTP 302
    https://timesunion.com/ HTTP 301
    https://www.timesunion.com/ Page URL

23 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
www.timesunion.com/
Redirect Chain
  • https://googleads.g.doubleclick.net/pcs/click?xai=AKAOjsvfG-7ngPewlrotzy0L9jgkGeVDIo7OeZz3kOZNLpTjofqspgzkcyCDAO_JxomC_GGys_gMT9iiA1eximZsnGm9CP75sJnJ3WojVKhB7o1VXCHcE9GRJaWV40iJbfvMPNyM1oaxsdxMKub...
  • https://qrco.de/bf2uGx?userID=QMVFmy0P
  • https://asifiuqty-isodyfuiwer.duckdns.org/?w0TatTkv9Fo
  • https://timesunion.com/
  • https://www.timesunion.com/
4 KB
4 KB
Document
General
Full URL
https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.200 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
ac82da5f657f65873d21c7de33641b0672d3c7b80b279ef96ee5a9544cfec53e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests
1
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

accept-ranges
bytes
content-length
4025
content-type
text/html
date
Fri, 10 May 2024 23:00:55 GMT
retry-after
0
server
Varnish
strict-transport-security
max-age=300
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-etou8220141-FRA
x-vcl-version
424
x-vclmem
12008

Redirect headers

Cache-Control
max-age=60
Connection
close
Content-Length
235
Content-Type
text/html; charset=iso-8859-1
Date
Fri, 10 May 2024 23:00:55 GMT
Expires
Fri, 10 May 2024 23:01:55 GMT
Location
https://www.timesunion.com/
Server
Apache
captcha.js
captcha.perimeterx.net/PX413gkwMT/
521 KB
522 KB
Script
General
Full URL
https://captcha.perimeterx.net/PX413gkwMT/captcha.js?a=c&u=283ce3e7-0f21-11ef-a365-fef6debd3c37&v=&m=0
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.40 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7fe557f19bac819997ac51c8495ed4316a9665e9a59694bc70d067c308b9326e
Security Headers
Name Value
Content-Security-Policy default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

content-security-policy
default-src 'self';base-uri 'self';font-src 'self' https: data:;form-action 'self';frame-ancestors 'self';img-src 'self' data:;object-src 'none';script-src 'self';script-src-attr 'none';style-src 'self' https: 'unsafe-inline';upgrade-insecure-requests
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
date
Fri, 10 May 2024 23:00:55 GMT
via
1.1 varnish
x-permitted-cross-domain-policies
none
age
419
x-dns-prefetch-control
off
x-cache
HIT
content-length
533380
x-xss-protection
0
x-served-by
cache-fra-etou8220107-FRA
referrer-policy
no-referrer
x-timer
S1715382056.773450,VS0,VE2
etag
W/"82384-nGMZNtMtrXI0+x/djP4QeiqMnuk"
x-download-options
noopen
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?1
cache-control
public, max-age=600
accept-ranges
bytes
x-cache-hits
1
css2
fonts.googleapis.com/
2 KB
655 B
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f9005f509d279744935201dc8425848d3bc9d249f4f13c612965ae80d88479e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 10 May 2024 23:00:56 GMT
main.min.js
client.px-cloud.net/PX413gkwMT/
171 KB
76 KB
Script
General
Full URL
https://client.px-cloud.net/PX413gkwMT/main.min.js
Requested by
Host: captcha.perimeterx.net
URL: https://captcha.perimeterx.net/PX413gkwMT/captcha.js?a=c&u=283ce3e7-0f21-11ef-a365-fef6debd3c37&v=&m=0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
04c83fac3de6c99f30c5a07632ea0bcb05b15a55ac5769fd7bc7855ee99285d9

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
content-encoding
gzip
etag
"2abd1-2MUqHuL8mnxyTOzHssx0IfSDOXY"
x-px-hash
Mjg4NDU3YjViNGRjMjA4YmQzZmYzNjRlNWUzMGExMzZmMzk3MDEzZDU2YzY4NWVjMmQxNmFkMGU5YmNkOGY3YQ==
vary
Accept-Encoding
active-cdn
Akamai
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
content-length
77720
logo.svg
www.timesunion.com/img/logos/black/
327 KB
328 KB
Image
General
Full URL
https://www.timesunion.com/img/logos/black/logo.svg
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.200 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
de4df11df191595c52a6ec8ad7dcc2048a03be959a82fdf392730b3d80f9cf67
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
via
1.1 varnish
strict-transport-security
max-age=300
age
327491
x-cache
HIT
x-vclmem
16384
content-length
334587
x-served-by
cache-fra-etou8220141-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 06 May 2024 16:03:55 GMT
server
Apache
x-timer
S1715382056.164090,VS0,VE1
etag
"51afb-617cb3766a9ce"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
424
accept-ranges
bytes
x-cache-hits
0
KFOmCnqEu92Fr1Me5Q.ttf
fonts.gstatic.com/s/roboto/v30/
127 KB
69 KB
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timesunion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 21:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69919
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 21:52:30 GMT
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/
2 KB
2 KB
XHR
General
Full URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX413gkwMT/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.200 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c72d2d0fed47c9a41b68d3890ae7344e422abc30df14ea167fc87c1698bd5075
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
x-cache
MISS
x-vclmem
14648
content-length
1876
x-served-by
cache-fra-etou8220141-FRA
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-vcl-version
424
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0
css2
fonts.googleapis.com/ Frame 694C
2 KB
0
Stylesheet
General
Full URL
https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Requested by
Host: client
URL: about:client
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
3f9005f509d279744935201dc8425848d3bc9d249f4f13c612965ae80d88479e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
expires
Fri, 10 May 2024 23:00:56 GMT
KFOmCnqEu92Fr1Me5Q.ttf
fonts.gstatic.com/s/roboto/v30/ Frame 694C
127 KB
0
Font
General
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Me5Q.ttf
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7277cfb805def6410f317129b8e1f78bdd47d1a4e24c233077d06e88a36e57ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.timesunion.com
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 21:52:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
4106
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69919
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:02 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/ttf
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 10 May 2025 21:52:30 GMT
main.min.js
client.px-cloud.net/PX413gkwMT/
0
0
XHR
General
Full URL
https://client.px-cloud.net/PX413gkwMT/main.min.js
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX413gkwMT/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:11::215:14d0 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
content-encoding
gzip
etag
"2abd1-2MUqHuL8mnxyTOzHssx0IfSDOXY"
x-px-hash
Mjg4NDU3YjViNGRjMjA4YmQzZmYzNjRlNWUzMGExMzZmMzk3MDEzZDU2YzY4NWVjMmQxNmFkMGU5YmNkOGY3YQ==
vary
Accept-Encoding
active-cdn
Akamai
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
active-cdn,x-served-by,Akamai-Request-BC
cache-control
max-age=600
content-length
77720
4a730545-499d-4a65-93b0-38a7b0144f52
https://www.timesunion.com/
17 B
0
Other
General
Full URL
blob:https://www.timesunion.com/4a730545-499d-4a65-93b0-38a7b0144f52
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1374b28d22b674e53a044425556a9cd48b82fd5aba3bf19e3545d51704227b10

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
17
Content-Type
application/javascript
e1d25540-2c86-4ca2-b369-51a03d9916a8
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/e1d25540-2c86-4ca2-b369-51a03d9916a8
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
04468e2a5840aed999be83858013d7d642abf31b8172bea43333d48091a7f9d5

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5008
Content-Type
application/javascript
8a9a69a2-6824-4acf-84bb-eabbd214c78d
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/8a9a69a2-6824-4acf-84bb-eabbd214c78d
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
66a9f5e75797feb722d0a2331565860ff4feb8dc56a8277e2dab41a5fb4ae435

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5010
Content-Type
application/javascript
ecd27a1a-2302-4cf3-9b06-8ae1d726c9ab
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/ecd27a1a-2302-4cf3-9b06-8ae1d726c9ab
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
02f5f3b68de50fb789f0546f64d1b1ad39797f6c090d303a82d3d319a24d51a0

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5011
Content-Type
application/javascript
affbb0dd-8dc5-4da5-ab32-a8de36a6ac52
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/affbb0dd-8dc5-4da5-ab32-a8de36a6ac52
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11da216f158653c8e958da94be61632ae8059645458100e2b0b326eed738bf7a

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
50607223-ad29-4eea-bc50-5468cc882541
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/50607223-ad29-4eea-bc50-5468cc882541
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ab16aa4f313e6f58fc96676299c703f65285f618380365c26a3a4de0f6133325

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
8b9b4293-d6eb-4c8e-8a72-f5b7e5beb2d1
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/8b9b4293-d6eb-4c8e-8a72-f5b7e5beb2d1
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0919251e57aebbfe3eb7655d46a6f0be00bad7ebb670d7f07c35ad0ab65e685f

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
2fcf3938-3d9d-4cd0-aa26-008dd0e9f605
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/2fcf3938-3d9d-4cd0-aa26-008dd0e9f605
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5e5de5e3a5a0ce67c9a1eb5432ad49849723bd08c30d547ddfc3f880955ecbf1

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
e0abcfdd-189e-4b08-b900-40c4eb9abbcd
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/e0abcfdd-189e-4b08-b900-40c4eb9abbcd
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c7d3dcd2ee95a48b25a285462586daea9a8bb29a1851ad89000e8927a0445b5d

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
e72defa0-083f-454c-bcff-33aea1f841bc
https://www.timesunion.com/
5 KB
0
Other
General
Full URL
blob:https://www.timesunion.com/e72defa0-083f-454c-bcff-33aea1f841bc
Requested by
Host: www.timesunion.com
URL: https://www.timesunion.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
4ee280a767c97cb99168fa6181e786892cd2349a6185b31c3de20805347e0314

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

Content-Length
5012
Content-Type
application/javascript
g
collector-px413gkwmt.px-client.net/b/
799 B
1 KB
XHR
General
Full URL
https://collector-px413gkwmt.px-client.net/b/g?payload=aUkQRhAIEGJqAwMLBgIQHhBWEAhJEGJqAwMBBQsQCFRTXkFXHhBiagMAAQIFEAgQYmoDAwUGBxAeGEG^JqAwMEBAoQCBBCSlpirDREB4Q^YmoDGAAE%3EGGChAIV`FNeQVcK;eDEGJqAwMEBgc`QCBBa[RkZ}GC}7QQgdHUVFRRxGW197XQUdcW11cHFFdXx0QT09v&appId=PX413gkwMT&tag=v8.9.0&uuid=283ce3e7-0f21-11ef-a365-fef6debd3c37&ft=324&seq=1&en=NTA&cs=7b02c8adf7e1c1440cfff9fde823d8164332012661697ecac10a0e12d2cde173&pc=3375279374188001&sid=28bf0394-0f21-11ef-80b3-794cac4bae9f%F3%A0%84%B1%F3%A0%84%B7%F3%A0%84%B1%F3%A0%84%B5%F3%A0%84%B3%F3%A0%84%B8%F3%A0%84%B2%F3%A0%84%B0%F3%A0%84%B5%F3%A0%84%B6%F3%A0%84%B4%F3%A0%84%B0%F3%A0%84%B3&vid=283ce777-0f21-11ef-a365-2e68b1ec7998&ci=28c3c230-0f21-11ef-8d12-5d97ee70c231&pxhd=4d9730d40f9f44a1764e170c727b4a49ada8373cd840bc1110597aeaf13652e1:283ce777-0f21-11ef-a365-2e68b1ec7998&cts=28bf5ea4-0f21-11ef-80b5-794cac4bae9f
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX413gkwMT/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.10.96 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
96.10.190.35.bc.googleusercontent.com
Software
/
Resource Hash
abce546c4810a0fa8867ad8700d655184a2c0913431d3aa848c132e5ce7f6cac

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:55 GMT
via
1.1 google
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
image/gif
access-control-allow-origin
https://www.timesunion.com
cache-control
public, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
799
favicon.ico
www.timesunion.com/
662 B
932 B
Other
General
Full URL
https://www.timesunion.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.200 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache/2.4.58 (Unix) /
Resource Hash
d704047c19bf37f0319fe03dc010f66158b3a441c899721a5bac932f0599a05e
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept-Language
de-DE,de;q=0.9;q=0.9
Referer
https://www.timesunion.com/
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)

Response headers

date
Fri, 10 May 2024 23:00:56 GMT
content-encoding
br
via
1.1 varnish
strict-transport-security
max-age=300
age
60638
x-cache
HIT
x-vclmem
17040
content-length
667
x-served-by
cache-fra-etou8220141-FRA
server
Apache/2.4.58 (Unix)
x-timer
S1715382057.542556,VS0,VE1
etag
"l57q48ybih1rf"
vary
X-hnp-px,Fastly-SSL, Accept-Encoding, X-HNP-backend, X-is-eu, X-ab-scope
content-type
image/vnd.microsoft.icon
access-control-allow-origin
*
x-vcl-version
424
accept-ranges
bytes
x-cache-hits
0
bundle
www.timesunion.com/413gkwMT/xhr/assets/js/
844 B
924 B
XHR
General
Full URL
https://www.timesunion.com/413gkwMT/xhr/assets/js/bundle
Requested by
Host: client.px-cloud.net
URL: https://client.px-cloud.net/PX413gkwMT/main.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.192.200 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
95bc35880b53c24f097b80ffb92556e9418287354bf432a65f85b20998ab00d8
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Referer
https://www.timesunion.com/
Accept-Language
de-DE,de;q=0.9;q=0.9
User-Agent
ia_archiver (+http://www.alexa.com/site/help/webmasters; crawler@alexa.com)
Content-type
application/x-www-form-urlencoded

Response headers

date
Fri, 10 May 2024 23:00:57 GMT
via
1.1 google, 1.1 varnish
strict-transport-security
max-age=300
x-cache
MISS
x-vclmem
21624
content-length
844
x-served-by
cache-fra-etou8220141-FRA
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-credentials
true
x-vcl-version
424
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
0

21 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| script string| _pxVid string| _pxUuid string| _pxAppId string| _pxHostUrl string| _pxCustomLogo string| _pxJsClientSrc string| _pxFirstPartyEnabled function| _pxDisplayErrorMessage string| _pxAction boolean| _pxMobile object| _413gkwMThandler function| _pxToggleOpenForm function| _pxUuidCopyToClipboard function| _pxSubmitForm function| _pxItemSelected function| _pxInit object| regeneratorRuntime object| PX413gkwMT object| PX

11 Cookies

Domain/Path Name / Value
.doubleclick.net/ Name: IDE
Value: AHWqTUnAnzhWQahpFlroqSyckj4aFp_m7ILn1ZD7wybfvf_fk8tw29JbdeyHuJdS
asifiuqty-isodyfuiwer.duckdns.org/ Name: PHPSESSID
Value: 6a68365c807377ac960944e553dac208
www.timesunion.com/ Name: _pxhd
Value: 4d9730d40f9f44a1764e170c727b4a49ada8373cd840bc1110597aeaf13652e1:283ce777-0f21-11ef-a365-2e68b1ec7998
www.timesunion.com/ Name: location_data
Value: {"is_eu":true,"country_code":"DE","postal_code":"1"}
.timesunion.com/ Name: hnpdiudpf1
Value: BJfS2Ke2tt1JWbF2iplbfpBF2RD4D0vuqpY9y9l9//o=
.timesunion.com/ Name: hnpdiudpf2
Value: Nqx2Qa9Og+eYSsgQrqaAKO9JNsBSWeN9Ah4QDB2MkT0=
www.timesunion.com/ Name: ab_bucket
Value: 23
www.timesunion.com/ Name: pxcts
Value: 28bf5ea4-0f21-11ef-80b5-794cac4bae9f
www.timesunion.com/ Name: _pxvid
Value: 283ce777-0f21-11ef-a365-2e68b1ec7998
www.timesunion.com/ Name: _px2
Value: eyJ1IjoiMjgzY2UzZTctMGYyMS0xMWVmLWEzNjUtZmVmNmRlYmQzYzM3IiwidiI6IjI4M2NlNzc3LTBmMjEtMTFlZi1hMzY1LTJlNjhiMWVjNzk5OCIsInQiOjE3MTUzODIzNTcyMzAsImgiOiJhMzY3OWVmNWZiOTI4YWM1MThiZTFkYzM2OWJjNTM5MGJhMmViNzkzZGUwMmQ4ZDI0Yjk2ZmQ5NDc0NDRkM2FlIn0=
www.timesunion.com/ Name: _pxde
Value: 2932952ae29363d4812ed4da1fa7ccbf9d69fc6e2bc982325498ce5fe9230446:eyJ0aW1lc3RhbXAiOjE3MTUzODIwNTcyMzAsImZfa2IiOjAsImlwY19pZCI6W10sImluY19pZCI6WyIzN2Y5NjM4NDRhMDM3ODdiZTlmMWU0MGUyYmE0OGFmOSIsIjgzMTE1YzNmYjFkMzQ0ZmVhYWJjNTk3YWZkZjQyMDYyIiwiMzQzODljYjBhZTM0NmNjYzc2YjYyYWJmYTc3YTQ3NmYiXX0=

1 Console Messages

Source Level URL
Text
network error URL: https://www.timesunion.com/
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page.

Header Value
Strict-Transport-Security max-age=300

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
