![](/screenshots/97016cc1-21e9-44c0-b383-fea45c49b6c9.png)
helenair.com
Open in
urlscan Pro
192.104.182.109
Public Scan
Effective URL: https://helenair.com/
Submission: On August 02 via api from US — Scanned from DE
Summary
TLS certificate: Issued by GTS CA 1P5 on July 8th 2023. Valid for: 3 months.
This is the only time helenair.com was scanned on urlscan.io!
urlscan.io Verdict: No classification
Domain & IP information
ASN16509 (AMAZON-02, US)
email.mail.helenair.com |
ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
helenair.com |
ASN16509 (AMAZON-02, US)
PTR: server-108-138-1-25.fra56.r.cloudfront.net
c.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-117.fra56.r.cloudfront.net
tagan.adlightning.com |
ASN15169 (GOOGLE, US)
www.googletagmanager.com |
ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net |
ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
insight.adsrvr.org | |
match.adsrvr.org |
ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net |
ASN15169 (GOOGLE, US)
www.google-analytics.com |
ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net
aax.amazon-adsystem.com |
ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net
cdn.segment.com |
ASN14618 (AMAZON-AES, US)
PTR: ec2-3-208-247-56.compute-1.amazonaws.com
bidder.newspassid.com |
ASN16509 (AMAZON-02, US)
PTR: ec2-44-240-52-117.us-west-2.compute.amazonaws.com
api.segment.io |
ASN16509 (AMAZON-02, US)
PTR: ec2-3-125-84-164.eu-central-1.compute.amazonaws.com
match.sharethrough.com |
Domain | Requested by | |
---|---|---|
48 | bloximages.chicago2.vip.townnews.com |
helenair.com
bloximages.chicago2.vip.townnews.com |
20 | bidder.newspassid.com |
bloximages.chicago2.vip.townnews.com
cmp.osano.com bidder.newspassid.com ads.pubmatic.com |
9 | helenair.com |
helenair.com
|
7 | cm.g.doubleclick.net | 7 redirects |
7 | www.googletagmanager.com |
helenair.com
cmp.osano.com |
5 | image2.pubmatic.com |
ads.pubmatic.com
|
5 | cmp.osano.com |
helenair.com
cmp.osano.com |
4 | a.audrte.com | 3 redirects |
4 | cdn.segment.com |
cmp.osano.com
cdn.segment.com |
3 | ssum.casalemedia.com | 3 redirects |
3 | ib.adnxs.com | 3 redirects |
3 | eb2.3lift.com | 3 redirects |
3 | ad2.360yield.com | 3 redirects |
3 | x.bidswitch.net | 3 redirects |
3 | rtb.openx.net | 3 redirects |
3 | ads.avct.cloud | 1 redirects |
3 | ads.pubmatic.com |
bidder.newspassid.com
|
3 | aax.amazon-adsystem.com |
c.amazon-adsystem.com
|
3 | tagan.adlightning.com |
helenair.com
cmp.osano.com |
3 | c.amazon-adsystem.com |
helenair.com
c.amazon-adsystem.com |
2 | pixel.rubiconproject.com | |
2 | c1.adform.net | 2 redirects |
2 | cr.frontend.weborama.fr | 2 redirects |
2 | aax-eu.amazon-adsystem.com |
1 redirects
ads.pubmatic.com
|
2 | d5p.de17a.com | 2 redirects |
2 | image6.pubmatic.com |
1 redirects
ads.pubmatic.com
|
2 | ap.lijit.com |
bidder.newspassid.com
|
2 | match.sharethrough.com | |
2 | cm.adform.net | 1 redirects |
2 | www.google-analytics.com |
cmp.osano.com
|
2 | insight.adsrvr.org |
1 redirects
d1eoo1tco6rr5e.cloudfront.net
|
2 | securepubads.g.doubleclick.net |
cmp.osano.com
|
2 | www.gstatic.com |
helenair.com
|
1 | match.adsrvr.org | |
1 | simage2.pubmatic.com | |
1 | um.simpli.fi | |
1 | dmp.adform.net | 1 redirects |
1 | idsync.frontend.weborama.fr | |
1 | sync.crwdcntrl.net | |
1 | cms.quantserve.com | 1 redirects |
1 | p.rfihub.com | 1 redirects |
1 | dis.criteo.com |
ads.pubmatic.com
|
1 | api.segment.io |
cdn.segment.com
|
1 | ampcid.google.de |
www.google-analytics.com
|
1 | ampcid.google.com |
www.google-analytics.com
|
1 | d1eoo1tco6rr5e.cloudfront.net |
cmp.osano.com
|
1 | email.mail.helenair.com | 1 redirects |
151 | 47 |
This site contains links to these domains. Also see Links.
Domain |
---|
subscriberservices.lee.net |
legacy.memoriams.com |
www.stringr.com |
autos.montanawheelsforyou.com |
dingdingding.com |
www.google.com |
helenacolonial.redlion.com |
lee.net |
bloxcms.com |
bloxdigital.com |
Subject Issuer | Validity | Valid | |
---|---|---|---|
helenair.com GTS CA 1P5 |
2023-07-08 - 2023-10-06 |
3 months | crt.sh |
bloximages.chicago2.vip.townnews.com GeoTrust TLS RSA CA G1 |
2023-03-13 - 2024-04-12 |
a year | crt.sh |
cmp.osano.com Amazon RSA 2048 M02 |
2023-02-21 - 2023-09-30 |
7 months | crt.sh |
c.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-02-28 - 2024-02-17 |
a year | crt.sh |
*.gstatic.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.adlightning.com Amazon RSA 2048 M01 |
2023-07-08 - 2024-08-05 |
a year | crt.sh |
*.google-analytics.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.g.doubleclick.net GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.cloudfront.net Amazon RSA 2048 M01 |
2022-12-08 - 2023-12-07 |
a year | crt.sh |
aax-dtb-mobile-cf.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-03-16 - 2024-03-08 |
a year | crt.sh |
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020 |
2023-04-12 - 2024-05-13 |
a year | crt.sh |
*.google.com GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.segment.com Amazon RSA 2048 M01 |
2023-02-24 - 2024-01-12 |
a year | crt.sh |
bidder.newspassid.com Amazon RSA 2048 M01 |
2023-05-03 - 2024-05-31 |
a year | crt.sh |
*.google.de GTS CA 1C3 |
2023-07-10 - 2023-10-02 |
3 months | crt.sh |
*.segment.io Amazon RSA 2048 M01 |
2023-02-10 - 2024-02-10 |
a year | crt.sh |
*.adform.net DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-05-25 - 2024-06-18 |
a year | crt.sh |
*.sharethrough.com Amazon RSA 2048 M01 |
2023-06-14 - 2024-07-12 |
a year | crt.sh |
*.lijit.com Go Daddy Secure Certificate Authority - G2 |
2023-05-06 - 2024-05-04 |
a year | crt.sh |
*.pubmatic.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-01-25 - 2024-01-24 |
a year | crt.sh |
*.criteo.com DigiCert Global G2 TLS RSA SHA256 2020 CA1 |
2023-07-19 - 2023-10-18 |
3 months | crt.sh |
aax-eu.amazon-adsystem.com Amazon RSA 2048 M01 |
2023-06-21 - 2024-03-02 |
8 months | crt.sh |
*.crwdcntrl.net Amazon RSA 2048 M01 |
2022-11-07 - 2023-12-06 |
a year | crt.sh |
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1 |
2022-11-07 - 2023-12-08 |
a year | crt.sh |
ads-eu.avct.cloud Amazon RSA 2048 M01 |
2023-02-09 - 2024-01-31 |
a year | crt.sh |
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1 |
2023-03-05 - 2024-04-03 |
a year | crt.sh |
This page contains 13 frames:
Primary Page:
https://helenair.com/
Frame ID: 4EE9CD51A6DDAF7C6479C4D41BA0D329
Requests: 105 HTTP requests in this frame
Frame:
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 7C8C950D7743FD25E38CCA782675F7EA
Requests: 2 HTTP requests in this frame
Frame:
https://cmp.osano.com/
Frame ID: D01AD34CAAF7124D2F6EF1D23E35BB76
Requests: 1 HTTP requests in this frame
Frame:
https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=25149be7-cf9a-4cab-a7d0-7b8831ce92d0&publisherId=NPID10000001&siteId=3500000335&cb=1691019109711&bidder=newspassid
Frame ID: 671D8D5952248FCF2566F7FF22930E95
Requests: 13 HTTP requests in this frame
Frame:
https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=25149be7-cf9a-4cab-a7d0-7b8831ce92d0&publisherId=NPID10000001&siteId=3500000335&cb=1691019109700&bidder=newspassid
Frame ID: DAEF292FC2FB8F16021A4D151E8F6B5F
Requests: 13 HTTP requests in this frame
Frame:
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Frame ID: 44A87F61B18577BDC6C699C6822AAD1D
Requests: 1 HTTP requests in this frame
Frame:
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&predirect=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D
Frame ID: AA95E60114F24E2C2B59B0F6CAFD8274
Requests: 11 HTTP requests in this frame
Frame:
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5981166460470537656
Frame ID: 82326602C817EC5D7D644E2DA983C2AD
Requests: 1 HTTP requests in this frame
Frame:
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4EE300B28ACB7C62A5B581D1101B5089
Requests: 1 HTTP requests in this frame
Frame:
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729057072238
Frame ID: 904EAD1A834280125F333692A90A06FE
Requests: 1 HTTP requests in this frame
Frame:
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A829490D-D662-46D4-823B-37E5C272B770&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 07B971FAD006824FFE55111EF2763C7E
Requests: 1 HTTP requests in this frame
Frame:
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jdpbRt7ZDkaW3AtCid4VFIncXUKW2Q1EjY2Pn9ac
Frame ID: 7D5D7350925C895576082F2E7D5108F9
Requests: 1 HTTP requests in this frame
Frame:
https://bidder.newspassid.com/setuid?bidder=pubmatic&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=A829490D-D662-46D4-823B-37E5C272B770
Frame ID: 402362FAE005C43F210DEF527625922F
Requests: 1 HTTP requests in this frame
Screenshot
![](/screenshots/97016cc1-21e9-44c0-b383-fea45c49b6c9.png)
Page Title
Independent Record | Breaking News | | Read Helena, MT and Montana breaking news. Get latest news, events and information on Montana sports, weather, entertainment and lifestylesCollectionCollectionVideoVideoVideoVideoVideoVideoVideoAudioAudioAudioAudioVideoVideoCollectionCollectionCollectionCollectionPage URL History Show full URLs
-
http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dKdHBZMDZ4bFBWajNWY0RnRi13MD0i...
HTTP 307
https://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dKdHBZMDZ4bFBWajNWY0RnRi13MD0i... HTTP 302
https://helenair.com/ Page URL
Detected technologies
![](/vendor/wappa/icons/Firebase.png)
Detected patterns
- /firebasejs/([\d.]+)/firebase
![](/vendor/wappa/icons/Bootstrap.png)
Detected patterns
- <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
- bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
![](/vendor/wappa/icons/Font Awesome.png)
Detected patterns
- (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Detected patterns
- google-analytics\.com/(?:ga|urchin|analytics)\.js
![](/vendor/wappa/icons/Google Tag Manager.png)
Detected patterns
- googletagmanager\.com/gtm\.js
- googletagmanager\.com/gtag/js
![](/vendor/wappa/icons/OWL Carousel.png)
Detected patterns
- owl\.carousel.*\.js
![](/vendor/wappa/icons/PubMatic.png)
Detected patterns
- https?://[^/]*\.pubmatic\.com
![](/vendor/wappa/icons/Rubicon Project.png)
Detected patterns
- https?://[^/]*\.rubiconproject\.com
![](/vendor/wappa/icons/Segment.png)
Detected patterns
- cdn\.segment\.com/analytics\.js
![](/vendor/wappa/icons/TrackJs.png)
Detected patterns
- tracker\.js
Detected patterns
- jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Page Statistics
14 Outgoing links
These are links going to different origins than the main page.
Title: Subscribe $1 for 9 months
Search URL Search Domain Scan URL
Title: Share a story
Search URL Search Domain Scan URL
Title: Share video
Search URL Search Domain Scan URL
Title: Cars
Search URL Search Domain Scan URL
Title: My Subscription
Search URL Search Domain Scan URL
Title: Dingdingding.com
Search URL Search Domain Scan URL
Title: 5660 Falcon Rd, Helena, MT 59602
Search URL Search Domain Scan URL
Title: 2915 COUNTRY CLUB AV, HELENA, MT 59601
Search URL Search Domain Scan URL
Title: 2301 Colonial Dr, Helena, MT 59601
Search URL Search Domain Scan URL
Title: Website
Search URL Search Domain Scan URL
Title: Manage Active Subscription
Search URL Search Domain Scan URL
Title: Work here
Search URL Search Domain Scan URL
Title: BLOX Content Management System
Search URL Search Domain Scan URL
Title: bloxdigital.com
Search URL Search Domain Scan URL
Page URL History
This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.
-
http://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dKdHBZMDZ4bFBWajNWY0RnRi13MD0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsImxpbmtfaWQiOjF9/325cc3560d21683fcd42bc7f30bde9879a673c1beac152710b388895de1bdbc0/
HTTP 307
https://email.mail.helenair.com/e/c/eyJlbWFpbF9pZCI6ImRnVE04d2NBQU9hX0EtV19Bd0dKdHBZMDZ4bFBWajNWY0RnRi13MD0iLCJocmVmIjoiaHR0cHM6Ly9oZWxlbmFpci5jb20vIiwiaW50ZXJuYWwiOiJjY2YzMDcwMWI1ZDUwMWU2YmYwMyIsImxpbmtfaWQiOjF9/325cc3560d21683fcd42bc7f30bde9879a673c1beac152710b388895de1bdbc0/ HTTP 302
https://helenair.com/ Page URL
Redirected requests
There were HTTP redirect chains for the following requests:
Request Chain 58- https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
- https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
- https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
- https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
- https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
- https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&us_privacy=pbs-newspassid&ox_sc=1 HTTP 302
- https://bidder.newspassid.com/setuid?bidder=openx&uid=62b62e71-f849-4577-be55-598f40373d10
- https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
- https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5981166460470537656
- https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5108559729057072238
- https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A829490D-D662-46D4-823B-37E5C272B770&redir=true&gdpr=0&gdpr_consent= HTTP 302
- https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A829490D-D662-46D4-823B-37E5C272B770&redir=true&gdpr=0&gdpr_consent=&dcc=t
- https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=jdpbRt7ZDkaW3AtCid4VFIncXUKW2Q1EjY2Pn9ac
- https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qClJDdZiRtSCOzflwnK3cA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=qClJDdZiRtSCOzflwnK3cA%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
- https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
- https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 307
- https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=&bounce=1&random=3193051440 HTTP 302
- https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
- https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=A829490D-D662-46D4-823B-37E5C272B770
- https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=A829490D-D662-46D4-823B-37E5C272B770 HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=bDQ4R0dWb2ZCTFdTb08wd2Z4a1VHNnhJUQ==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
- https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
- https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
- https://a.audrte.com/a?adform_uid=4644798953273452710&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
- https://a.audrte.com/p
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTgyOTQ5MEQtRDY2Mi00NkQ0LTgyM0ItMzdFNUMyNzJCNzcw&gdpr=0&gdpr_consent= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTgyOTQ5MEQtRDY2Mi00NkQ0LTgyM0ItMzdFNUMyNzJCNzcw&gdpr=0&gdpr_consent=&google_tc= HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
- https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
- https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEHqMocDiACpqrqnsMEFwjjU&google_cver=1
- https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
- https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
- https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4644798953273452710
- https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
- https://bidder.newspassid.com/setuid?bidder=openx&uid=62b62e71-f849-4577-be55-598f40373d10
- https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 303
- https://bidder.newspassid.com/setuid?bidder=adform&gdpr=0&gdpr_consent=&uid=4644798953273452710
- https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
- https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
- https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=c6aeace6-e0f6-4f71-bfbf-1e2d7637a483
- https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=b06aeaf9-c7f2-4b5f-9faa-7e6d632bc837
- https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
- https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
- https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4127531310359498368473
- https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
- https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
- https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6360828485597305842
- https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
- https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=b06aeaf9-c7f2-4b5f-9faa-7e6d632bc837
- https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
- https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-newspassid&C=1 HTTP 302
- https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZMrna31ufRycnquZYVsrdwAA%263396
- https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid HTTP 302
- https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=c6aeace6-e0f6-4f71-bfbf-1e2d7637a483
- https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-newspassid&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
- https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=4127531310359498368473
- https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
- https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6360828485597305842
- https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-newspassid&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-newspassid%26uid%3D HTTP 302
- https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-newspassid&uid=ZMrna31ufRycnquZYVsrdwAA%263396
151 HTTP transactions
Method Protocol |
Resource Path |
Size x-fer |
Type MIME-Type |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
GET H2 |
Primary Request
/
helenair.com/ Redirect Chain
|
529 KB 60 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ |
98 KB 34 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user.js
helenair.com/shared-content/art/tncms/user/ |
3 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ |
39 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
32 KB 12 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.b36ccd6c63f37a5c53e27315d402bd25.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
23 KB 6 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
application.3c64d611e594b45dd35b935162e79d85.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
4 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
2 KB 946 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bootstrap.min.87df60d54091cf1e8f8173c2e568260c.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ |
107 KB 18 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
layout.c16df073a4f45c16eb2b8a91ceb7b785.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ |
154 KB 28 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.ds.css
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ |
96 KB 17 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ |
6 KB 2 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ |
5 KB 1 KB |
Stylesheet
text/css |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
access.js
helenair.com/shared-content/art/tncms/api/ |
87 KB 35 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
333 KB 76 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
apstag.js
c.amazon-adsystem.com/aax2/ |
246 KB 60 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helenair.com.js
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ |
9 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
video.continue.a2b66a5f72b8916750786031ff004f58.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
owl.carousel.50dc41fa734414148ce4b489fd904c5f.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
40 KB 11 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ |
7 KB 2 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ |
11 KB 4 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ |
31 KB 9 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
messaging.js
helenair.com/shared-content/art/tncms/api/ |
2 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ |
200 B 253 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracking.js
helenair.com/shared-content/art/tncms/ |
3 KB 1 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
prebid7.9.0.js
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ |
197 KB 61 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
lee.common.js
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
fontawesome.b2419fcc3201a1f4e3293248c643da08.js
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ |
268 KB 97 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.js
helenair.com/shared-content/art/stats/common/ |
9 KB 3 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc6da7aa-374d-11ec-896b-1b0788d30aba.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/helenair.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ |
978 B 1 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
logo-tagline.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
op.js
tagan.adlightning.com/leeenterprises/ |
48 KB 19 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
helenair.com.js
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ |
1 KB 425 B |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dfp.lazy.pbjs.js
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ |
17 KB 5 KB |
Script
application/x-javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
221 KB 75 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
21ab861f-8ad7-4ddf-b8fe-37476aa0ef8d
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ |
6 KB 3 KB |
XHR
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
config
c.amazon-adsystem.com/cdn/prod/ |
621 B 974 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gpt.js
securepubads.g.doubleclick.net/tag/js/ |
82 KB 28 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
tracker.gif
helenair.com/shared-content/art/stats/common/ |
0 145 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
542 KB 131 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
75 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ |
26 KB 26 KB |
Font
application/font-woff2 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cac49cc97e5.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/7/22/722afdf4-492e-5739-989f-0cc416d74a30/ |
45 KB 45 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cac8fee6115.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/65/5650ee46-2bea-11ee-b8e3-ebf02b156491/ |
18 KB 18 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca8edd5b913.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/8/7c/87c4f230-30c0-11ee-b913-a3443397b495/ |
16 KB 16 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca7c31a63e9.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/3d/e3da7ca8-314b-11ee-88e7-673d5d61bb65/ |
10 KB 10 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca676e637b4.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/d/62/d62fc5f6-313f-11ee-be33-0f389bc61441/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca8287ad8e0.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/9f/59fd4ea2-30d3-11ee-972a-93a3bd760488/ |
8 KB 8 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c984196c7dc.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/78/e7828b46-f8c6-5733-b2e9-97ec11a31c44/ |
5 KB 5 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c9813edb785.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/86/5863ff76-30ad-11ee-a0a8-4b74344b579a/ |
44 KB 45 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c67b59aba80.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/04/0047eb50-2eea-11ee-a710-2fe308de0d16/ |
6 KB 6 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c949b192352.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/d/29/d2980628-3082-11ee-aee9-97be8615678a/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET DATA |
truncated
/ |
73 B 0 |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
dc6da7aa-374d-11ec-896b-1b0788d30aba.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/custom/image/ |
4 KB 4 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
b-e09f10f-fd9abb4c.js
tagan.adlightning.com/leeenterprises/ |
84 KB 31 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bl-2b7a4f9-b19a83ac.js
tagan.adlightning.com/leeenterprises/ |
81 KB 34 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 7C8C Redirect Chain
|
138 B 667 B |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
d562f9c4-87a6-42a4-8fc7-c41c7741c76f
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
6c21e3d2-f0a7-4910-a3e5-73dddd93044d
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
6a35a04e-7d6d-42a9-b23a-522247d8c8fb
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
9c5a1c22-0485-45e5-85a9-faf0470928f4
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
07dd471a-9be1-4bb9-a8b6-6acc8fb8bb60
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
6dcf7455-f875-4b52-ba22-4da9707c2143
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
562eb010-1035-43ab-9ef3-d2e6d174a9a6
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202307310101/ |
398 KB 126 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
cmp.osano.com/ Frame D01A |
4 KB 1 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
OPTIONS H2 |
de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ Frame |
0 0 |
Preflight
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
osano-ui.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
96 KB 24 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
de.json
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ |
21 KB 7 KB |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
2b3a6cf5-7507-4798-92c5-a900b1754f50
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
170 KB 61 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.js
www.google-analytics.com/ |
52 KB 21 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
gtm.js
www.googletagmanager.com/ |
188 KB 64 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%223266%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3...
aax.amazon-adsystem.com/x/px/p/PH/ |
43 B 416 B |
Fetch
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
aax.amazon-adsystem.com/e/dtb/ |
64 B 501 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
bid
aax.amazon-adsystem.com/e/dtb/ |
64 B 500 B |
XHR
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
251 KB 85 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca8edd5b913.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/8/7c/87c4f230-30c0-11ee-b913-a3443397b495/ |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64ca8287ad8e0.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/9f/59fd4ea2-30d3-11ee-972a-93a3bd760488/ |
13 KB 13 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c2f07a1d5f9.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/9/ec/9ec1073c-2c00-5495-948a-37e01d184add/ |
7 KB 8 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
/
insight.adsrvr.org/track/pxl/ Frame 7C8C |
70 B 260 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
248 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.com/v1/ |
74 B 436 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
851877a4-b4a3-471d-b508-26daa360a235
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
3d8e5db8-0a0f-4503-9476-4af28677a6d1
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET BLOB |
0e8e9e4c-3b7a-4c92-97dc-c7f895f2479d
https://helenair.com/ |
390 B 0 |
Other
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H3 |
js
www.googletagmanager.com/gtag/ |
246 KB 84 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
linkid.js
www.google-analytics.com/plugins/ua/ |
2 KB 1 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
analytics.min.js
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
105 KB 29 KB |
Script
text/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
auction
bidder.newspassid.com/openrtb2/ |
136 B 764 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
auction
bidder.newspassid.com/openrtb2/ |
136 B 764 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cac77525b5c.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/4c/04c36806-8398-5f52-8690-25faa1deb644/ |
10 KB 10 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cacae205bea.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/3/38/338e302d-ae56-55bc-b51c-cff3b19034db/ |
27 KB 27 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cab72de02d8.preview.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/8/f1/8f169a68-e3f9-5a22-bab9-20fdace56d23/ |
22 KB 23 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64cacadf800c4.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/54/554ab58c-7ebb-5e1a-95a6-402dfcba8436/ |
25 KB 26 KB |
Image
image/jpeg |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
publisher:getClientId
ampcid.google.de/v1/ |
3 B 365 B |
XHR
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
settings
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ |
2 KB 1 KB |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ajs-destination.bundle.0f003b5e4b03680982b4.js
cdn.segment.com/analytics-next/bundles/ |
9 KB 3 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
schemaFilter.bundle.f63551a29dc1697f71b6.js
cdn.segment.com/analytics-next/bundles/ |
2 KB 1 KB |
Script
application/javascript |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
p
api.segment.io/v1/ |
21 B 171 B |
Fetch
application/json |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c0a94ff1ff3.image.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/0/82/08222a76-b260-5a4c-8701-53681de61971/ |
15 KB 15 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
6487ff3284373.image.png
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/1/fa/1fa4e618-4d06-55c0-91d0-6852fb511cd7/ |
19 KB 20 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c0abff9ef68.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/5/f5/5f571ae8-45a5-5b26-a350-c84bfa11763f/ |
7 KB 7 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
64c0ac03b7092.image.jpg
bloximages.chicago2.vip.townnews.com/helenair.com/content/tncms/assets/v3/editorial/e/41/e419e320-dd37-5cf1-a78f-b5f435ac4abc/ |
9 KB 9 KB |
Image
image/webp |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
helenair.com/tncms/tracking/classifieds/featured/ |
0 147 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
/
helenair.com/tncms/tracking/business/block/ |
0 147 B |
Ping
application/octet-stream |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load-cookie.html
bidder.newspassid.com/static/ Frame 671D |
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
load-cookie.html
bidder.newspassid.com/static/ Frame DAEF |
12 KB 13 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cookie_sync
bidder.newspassid.com/ Frame 671D |
3 KB 4 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
POST H2 |
cookie_sync
bidder.newspassid.com/ Frame DAEF |
3 KB 4 KB |
XHR
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
cookie
cm.adform.net/ Frame 671D |
43 B 106 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
match.sharethrough.com/universal/ Frame DAEF |
0 35 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
ap.lijit.com/ Frame 671D |
0 277 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
pixel
ap.lijit.com/ Frame DAEF |
0 277 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 44A8 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA95 |
15 KB 6 KB |
Document
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuid
ads.avct.cloud/ Frame DAEF Redirect Chain
|
0 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headersRedirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 796 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
PugMaster
image6.pubmatic.com/AdServer/ Frame AA95 |
2 KB 3 KB |
Script
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 8232 Redirect Chain
|
42 B 424 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
usersync.aspx
dis.criteo.com/dis/ Frame 4EE3 |
43 B 363 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 904E Redirect Chain
|
42 B 194 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
dcm
aax-eu.amazon-adsystem.com/s/ Frame 07B9 Redirect Chain
|
43 B 855 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame 7D5D Redirect Chain
|
42 B 416 B |
Document
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 4023 |
0 803 B |
Document
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AA95 Redirect Chain
|
15 KB 15 KB |
Image
text/html |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
qmap
sync.crwdcntrl.net/ Frame AA95 |
49 B 265 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
ids
idsync.frontend.weborama.fr/ Frame AA95 Redirect Chain
|
0 284 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
p
a.audrte.com/ Frame AA95 Redirect Chain
|
68 B 424 B |
Image
image/png |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame AA95 Redirect Chain
|
42 B 95 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
image2.pubmatic.com/AdServer/ Frame AA95 Redirect Chain
|
42 B 267 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
pubmatic
um.simpli.fi/ Frame AA95 |
43 B 610 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
Pug
simage2.pubmatic.com/AdServer/ Frame AA95 Redirect Chain
|
42 B 472 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
generic
match.adsrvr.org/track/cmf/ Frame AA95 |
70 B 264 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 793 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
getuid
ads.avct.cloud/ Frame 671D |
0 0 |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 909 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
v1
match.sharethrough.com/universal/ Frame 671D |
0 34 B |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.php
pixel.rubiconproject.com/exchange/ Frame 671D |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H/1.1 |
sync.php
pixel.rubiconproject.com/exchange/ Frame DAEF |
0 239 B |
Image
image/gif |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame DAEF Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
GET H2 |
setuid
bidder.newspassid.com/ Frame 671D Redirect Chain
|
0 1 KB |
Image
text/plain |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
General
Request headers
Response headers
Redirect headers
|
Verdicts & Comments Add Verdict or Comment
102 JavaScript Global Variables
These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.
object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| dataLayer boolean| tncms_access_control_sync boolean| LEE_DS_V3 object| webpackChunk_osano_cmp_consent_manager function| Osano function| __gpp function| __tcfapi function| __uspapi function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| tnSaveAsset object| googletag object| PBJS_dfp_ads object| _aps boolean| apstagLOADED object| apstag undefined| amzHash undefined| amzToken object| APS_dfp_ads object| apscustom object| leeMembershipPackages object| pbjsChunk object| pbjs object| _pbjsGlobals function| throttleFunction function| lee_trkLinkSrc function| resizeIframe function| randomizeChildren function| getUserToken boolean| sUserUUID function| TNStats_Tracker object| TNTracker object| sUserPPID undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 boolean| creativeVendorLibraryLoaded object| juGLFK2 function| juGLFK3 object| xop object| -rke0plxv400 object| -1cbccf8hg16o object| google_tag_manager object| google_tag_data function| messagingCallback object| PBJS_config string| PBJS_site string| GoogleAnalyticsObject function| ga function| __LEE object| d object| pl function| fbq function| _fbq object| ggeac object| google_js_reporting_queue object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome object| oFeaturedPackage object| card_carousel_2112027 object| OS9Ieo function| OS9IeP object| xblacklist object| u9vdhL2 function| u9vdhL3 function| xblocker undefined| google_measure_js_timing object| litHtmlVersions object| analytics object| gaplugins object| gaGlobal object| webpackChunk_segment_analytics_next string| analyticsWriteKey object| __SEGMENT_INSPECTOR__ object| AnalyticsNext object| gaData string| sUserId6 Cookies
Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.
Domain/Path | Expires | Name / Value |
---|---|---|
helenair.com/ | Name: _pbjs_userid_consent_data Value: 3524755945110770 |
|
.helenair.com/ | Name: AMP_TOKEN Value: %24NOT_FOUND |
|
helenair.com/ | Name: ajs_anonymous_id Value: 3ec0b753-d3e6-46eb-8f89-670c327fde1d |
|
.bidder.newspassid.com/ | Name: newspassid_uid Value: 2TRwHTBTglrIPPYv9HlS0q2X0qx |
|
bidder.newspassid.com/ | Name: AWSALBTGCORS Value: XptHkGXR26J+vivy8wpCvWMM7LKSyO0LVtGZxuFFV0ZvlilQhatBm35pPlcmP28iW+rUMd4TbOctw731V4PchIo2kn5C4wWZuJbmYYvA1flctNp24WE80A/CtQBsx+mbdEVGNQI0kXk9e10SMAyitZZMCccKXg/FwUQsEKDc9BU/xaEQg2I= |
|
bidder.newspassid.com/ | Name: newspassid_uid Value: 2TRwHTBTglrIPPYv9HlS0q2X0qx |
1 Console Messages
A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.
Source | Level | URL Text |
---|
Security Headers
This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page
Header | Value |
---|---|
Content-Security-Policy | upgrade-insecure-requests |
Strict-Transport-Security | max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options | nosniff |
X-Frame-Options | SAMEORIGIN |
X-Xss-Protection | 1; mode=block |
Indicators
This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.
a.audrte.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.segment.io
bidder.newspassid.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn.segment.com
cm.adform.net
cm.g.doubleclick.net
cmp.osano.com
cms.quantserve.com
cr.frontend.weborama.fr
d1eoo1tco6rr5e.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
eb2.3lift.com
email.mail.helenair.com
helenair.com
ib.adnxs.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
match.adsrvr.org
match.sharethrough.com
p.rfihub.com
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum.casalemedia.com
sync.crwdcntrl.net
tagan.adlightning.com
um.simpli.fi
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.16.132.24
108.138.1.25
13.225.83.200
13.248.245.213
178.250.7.11
18.197.22.161
184.30.16.195
185.64.191.210
185.80.39.216
185.89.210.20
192.104.182.109
193.0.160.130
198.47.127.19
198.47.127.205
213.155.156.169
216.52.2.16
216.58.206.34
2600:9000:214f:e00:6:4d4d:1ec0:93a1
2600:9000:223c:ec00:3:b7e:8940:93a1
2620:116:800d:21:e365:4988:e8a7:3270
2a00:1450:4001:800::2003
2a00:1450:4001:806::200e
2a00:1450:4001:812::2002
2a00:1450:4001:812::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:830::2008
3.125.84.164
3.208.247.56
3.33.220.150
34.111.129.221
34.111.131.239
34.224.44.34
35.186.253.211
35.204.74.118
37.157.2.229
37.157.5.133
44.240.52.117
52.222.239.116
52.49.58.171
54.72.199.212
54.75.72.251
65.9.66.117
67.220.226.233
69.173.144.139
99.86.8.175
04da122e70371bba47c7c58135bfed4f21d1545c72ba51d8cbc0d43276f834f9
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
076f281a9257ad662f34badb12393195fdca0dc2fde9acd1f1628b9674a96aee
087466b06f57f691ce94f2058889ebd7c3f22b33d511fcdbd78aea93f4378edd
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0e1c1892d76e1774533e99b3eb8b8dd89fb39d874f610a770eede24459c35728
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
1159da37936b60dcfd628bd7ed8f5d16a667d937272695048f5e1838c5e5156e
116631545056d499bb13ee28434ce2c599cb75b07ffdb9ee6fe48938b6162939
1221d94d81c042e0b76da94272d8157249e27efd7cab257639c88b288cf9ef2a
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
1e9c3fe0bb7e27e1fef2af1cae6a8924b40d3240418da5d484c65c00dae8f10a
1ed6e515306e10c1d49cf997679100ae4552a23c13ad93d6e3fc40ad03b8c262
202b65f7735476b526548db88f43f49a959907ed4078132204f0cb1c4503f9e2
2377b90f743bb76c628b097e80618965383f32ff8cf3864c8174e79646041ce1
240ba45f09154352c61c79884a4662a0bc6c74282798088571f5271cd290361d
247a528791cab0c77307d95a698b3a792c81d92e2e843b8478eb7d33aa9c0389
296ffff5be5fa17a541df8e925d24e473ced64d535f543542bebc15759b761fd
29baf3e1130b89042083be405d1abd158cb8d2401b8083fbef9c1b3afb8a9658
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
310d432a76453ffee38836d09823b98d7293f2e4fddef9b09627b54f3dfe56ec
3278dd5328ee5b87157934a4523397d9f2005c2d08c55dd4c7ab903de5bbb22c
362ff3e0d81ce31e9f3f9a460ddfc63f4c6b2bdb270419f239339ef6ba41a1e5
389f438844f7135c2be70a4a9f6654443a8c76482f1f0fbbea73b903c0d5cfad
38a8c69764cb608dd9ab1a715c2bcc582d8ffdf33ea486a8926234bf68d5733c
39df800392d4f192ff9937d3a9268ff4eb5c39da367c87cd12bf42c6a395c7ca
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3c01c1e199879f8b72679cc4d402684ba9e88c21b633547adbae6ba03a617fdc
3e2bce089186ecc5310b103ce3056fce92ce32e1db3d5e2db4c1dab4fa87c175
3f2df867173ea47bd079f028886dd64fdb1302f7e707d72e7c448832f7fa029d
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
4ab89d60b9e1ab39a76e26342c169564caa51443a06bc44d8341916ad47c8bbf
4b4e3423b6c80dfd16292d71e3715ec153a3b2b1820f3d9de6fb26b17dfdaf83
4ca040a19bbe00774fc26a8874e4fc652d79e998bf4e64688a9061b97d8d13e6
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
4efb2ad69caa4b19b5e550b07eaf7607a0911d2e8edcc92baf8b123366934e90
55931ca507c060139977a9011dcdaadfa5a6ada494e7ac26928c79acd09562fb
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
6d49ba3df631d3bad38e0a881637670859adc22ca85ba407621cafd712d5bd43
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
81addc1d55ef288e41a066f367d40163e9b6be960291c93e5c8f3f7987d545d8
85f0031ea468bbd0348d091f5712b620056184103b6c1607af24ba4e7c49fb38
889f22c89985d5d524e22a4a3ba00effd6d587d1598c027e2c942f29df388a34
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8db22950b3f47f686f4bad6b6d21386f03a4b0b24320c6715436424e41dcda09
906cf7cfa93b1ab7d9c6f1775e47b97d2c6e0b223a8c7409d7884eb8700d90eb
90f12440261787faf6d33c267b1a572654b50f6017a844b0173947dba2bad8c9
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
955becd6590ca9099279669e95771cf8d4d519ff8643dc8c398b6daaba6061a8
96bed4c8966020005f3394a56c5c3640550a16fb324eb04c328f1b9ee8a8bc48
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e47e00148a2eca9d85ec65e0ecaf7152ebae17983045ba0f266e662047ec7f4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a166af634acd4e7a5873ebe3ba44e420d4f9a42eaba304b172f7d6e22bcecec1
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
a6d7e25ae53e0b1f65d699e6e59b4b893ae2828b986d0cfbd84484a2c1006b83
a9daff662cfa71544c74f70ba92e483dbcb7e6ec6c566036bca3af21987b7697
aa4391f03da55de95caebed478d3e1183fb01a3e8f1c5891a48e75717ed2bed9
aa59d2979c85d4fec938c960a0c4e7138cd122db113331b2974113869007dc46
adfa39b53589a91e67b4d82766750bee32371b51438f41dfbd6da0764719370e
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b22f589cbe2561d1ed2ebf23f6c2f226b2320cd4924c875e8515323599f534c8
b79a43a28dc356d07de97ee365a01d714812e2eb02b15397cefb226d2a019a83
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c2008966819bb51e24bb6cbf82ef28efeb4d678e20c3b61fc02bb5d45b45e74e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c69e234502c71f71ae8dae2cd509cdb1c2b1b3596ba0373cb7025625a3efe6db
c6e6da77dacb153a6384cca89b97bef3a39bd73cb3f3b997d0002ff0c1c4dc86
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca9c8092c229b5091819ab44def89b7516273c15e5e38f16dea9cd8594f679a6
cb673ec43c2fd7fee7f9e43b737a4d979875f4cb4a9838fc5b64d657ecf3f866
cb7b54f1586a19c3934864d77d1fba23f358934c8df8bb8aef757aef1ada9385
cb95d13c11006168b7525e0561a99d610dd904736f152bacf9f11bd553413f5d
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf9752fe43509bd2072dd696b8f95ac2eaeba6a24e518a46c6da111c90d52288
d1a3f8fcd676841bc6f12be31b8726566d05c667c176740cb94189fcaf4763e2
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d47fd83f5c43bb6d7fdca85c85ddb95ee3a47e4f33516aeefc29ea637a44edd4
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de529d9e0025d0a69e98d944b98d033e1afb5028dcfafa15fffb8739f42874c2
e025b604746bcce862b6c15ee615dea7633099df2ec4083531d022d18050c205
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57f767964cb40ebbd939cc53d36a2a0c0a67e3d59ee5db8d303dccf38018d57
e6aa225d7ce068253a4e766cbfc8fa662c2d49c954cbb10fdf05ed90936340ec
e6b491447f833e97148f9648142bcd93e13975200b60ea4a3c2152dcf48b398f
e7d93223cc8f9edca3311714776098451b535f2201f407b29cd936f9228cdf4e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f65079c7844584bf156ebb99949a883280f65cc817eab327c170d766c2a4fa5f
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
f9dc8ba95030b07f9375ed35eece4f0313751afc8e54784314307e40d477ba9b
fd72af68e3fe455ae746ed0416917e83028cd0007e10c96d50f2d7d4bde33130
fe85acb9cab923c7d16be5d393669cbed93b5a520549138b8829cab4674eb41f