urlscan.io logo urlscan.io
SecurityTrails logo

checkout3.nwfdailynews.com Open in urlscan Pro
107.154.114.220  Public Scan

Go To Rescan Add Verdict Report
URL: https://checkout3.nwfdailynews.com/
Submission Tags: 7397758
Submission: On December 29 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 28 IPs in 4 countries across 25 domains to perform 87 HTTP transactions. The main IP is 107.154.114.220, located in United States and belongs to INCAPSULA, US. The main domain is checkout3.nwfdailynews.com.
TLS certificate: Issued by DigiCert EV RSA CA G2 on July 9th 2020. Valid for: 2 years.
This is the only time checkout3.nwfdailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
17 107.154.114.220 19551 (INCAPSULA)
1 151.101.2.62 54113 (FASTLY)
3 8 151.101.130.62 54113 (FASTLY)
6 2606:2800:233... 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:800... 54113 (FASTLY)
1 143.204.103.127 16509 (AMAZON-02)
1 5 143.204.98.86 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
5 151.101.2.133 54113 (FASTLY)
1 143.204.98.37 16509 (AMAZON-02)
3 151.101.65.44 54113 (FASTLY)
2 54.144.144.142 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
2 151.101.130.133 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 52.214.30.104 16509 (AMAZON-02)
3 2a03:2880:f02... 32934 (FACEBOOK)
1 34.250.6.2 16509 (AMAZON-02)
2 54.144.19.55 14618 (AMAZON-AES)
2 142.250.185.66 15169 (GOOGLE)
4 2a03:2880:f12... 32934 (FACEBOOK)
1 2a00:1450:400... 15169 (GOOGLE)
1 199.204.136.5 33070 (RMH-14)
1 13.82.152.48 8075 (MICROSOFT...)
87 28
17    107.154.114.220 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.220.ip.incapdns.net
checkout3.nwfdailynews.com
1    151.101.2.62 (United States)

ASN54113 (FASTLY, US)
staticassets.gannettdigital.com
8    151.101.130.62 (United States)

ASN54113 (FASTLY, US)
www.gannett-cdn.com
login.nwfdailynews.com
eu.nwfdailynews.com
user.nwfdailynews.com
6    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.sbgsodufuosmmvsdf.info
az416426.vo.msecnd.net
g2insights-cdn.azureedge.net
fp-cdn.azureedge.net
2    2a00:1450:4001:80f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:809::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    2a04:4e42:800::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    143.204.103.127 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-103-127.fra50.r.cloudfront.net
cdn.parsely.com
5    143.204.98.86 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-86.fra50.r.cloudfront.net
sb.scorecardresearch.com
6    2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    151.101.2.133 (United States)

ASN54113 (FASTLY, US)
cdn.krxd.net
1    143.204.98.37 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-37.fra50.r.cloudfront.net
sc-static.net
3    151.101.65.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
2    54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com
p1.parsely.com
1    2a00:1450:400c:c08::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
2    2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    151.101.130.133 (United States)

ASN54113 (FASTLY, US)
consumer.krxd.net
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    52.214.30.104 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-30-104.eu-west-1.compute.amazonaws.com
beacon.krxd.net
3    2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    34.250.6.2 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-250-6-2.eu-west-1.compute.amazonaws.com
resources.xg4ken.com
2    54.144.19.55 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-19-55.compute-1.amazonaws.com
10870841.collect.igodigital.com
nova.collect.igodigital.com
2    142.250.185.66 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s48-in-f2.1e100.net
pubads.g.doubleclick.net
www.googleadservices.com
4    2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    199.204.136.5 (United States)

ASN33070 (RMH-14, US)
edgilpayway.net
1    13.82.152.48 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prodmg2.blob.core.windows.net
Domain Requested by
17 checkout3.nwfdailynews.com checkout3.nwfdailynews.com
6 www.google-analytics.com www.gannett-cdn.com
www.google-analytics.com
www.googletagmanager.com
6 www.google.com checkout3.nwfdailynews.com
www.gstatic.com
www.google.com
5 cdn.krxd.net www.gannett-cdn.com
cdn.krxd.net
5 sb.scorecardresearch.com 1 redirects www.gannett-cdn.com
checkout3.nwfdailynews.com
4 www.facebook.com
4 www.gstatic.com www.google.com
www.gstatic.com
3 connect.facebook.net www.gannett-cdn.com
connect.facebook.net
3 eu.nwfdailynews.com 2 redirects checkout3.nwfdailynews.com
3 www.gannett-cdn.com checkout3.nwfdailynews.com
www.gannett-cdn.com
2 trc.taboola.com cdn.taboola.com
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
www.googletagmanager.com
2 www.google.de checkout3.nwfdailynews.com
2 consumer.krxd.net cdn.krxd.net
2 fonts.gstatic.com www.google.com
2 p1.parsely.com checkout3.nwfdailynews.com
2 www.googletagmanager.com checkout3.nwfdailynews.com
1 prodmg2.blob.core.windows.net edgilpayway.net
1 edgilpayway.net checkout3.nwfdailynews.com
1 googleads.g.doubleclick.net www.googleadservices.com
1 www.googleadservices.com www.googletagmanager.com
1 nova.collect.igodigital.com
1 pubads.g.doubleclick.net
1 10870841.collect.igodigital.com www.gannett-cdn.com
1 resources.xg4ken.com www.gannett-cdn.com
1 beacon.krxd.net cdn.krxd.net
1 fp-cdn.azureedge.net checkout3.nwfdailynews.com
1 g2insights-cdn.azureedge.net checkout3.nwfdailynews.com
1 stats.g.doubleclick.net www.google-analytics.com
1 cdn.taboola.com www.gannett-cdn.com
1 sc-static.net www.gannett-cdn.com
1 cdn.parsely.com www.gannett-cdn.com
1 cdn.sbgsodufuosmmvsdf.info checkout3.nwfdailynews.com
1 polyfill.io checkout3.nwfdailynews.com
1 user.nwfdailynews.com checkout3.nwfdailynews.com
1 login.nwfdailynews.com 1 redirects
1 loader-cdn.azureedge.net checkout3.nwfdailynews.com
1 staticassets.gannettdigital.com checkout3.nwfdailynews.com
87 38

This site contains links to these domains. Also see Links.

Domain
www.nwfdailynews.com
cm.nwfdailynews.com
Subject Issuer Validity Valid
*.usatodaynetwork.com
DigiCert EV RSA CA G2		 2020-07-09 -
2022-05-16		 2 years crt.sh
usatoday.com
R3		 2021-12-10 -
2022-03-10		 3 months crt.sh
sni22a5dgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-08 -
2022-10-09		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
nwfdailynews.com
R3		 2021-12-02 -
2022-03-02		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2020		 2021-06-04 -
2022-07-06		 a year crt.sh
sni22a5egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-08 -
2022-10-09		 a year crt.sh
*.parsely.com
Amazon		 2021-07-05 -
2022-08-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
cdn.krxd.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2021-02-08 -
2022-02-07		 a year crt.sh
sc-static.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-11 -
2022-02-15		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
consumer.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-13 -
2022-07-12		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
sni1e6ffgl.wpc.edgecastcdn.net
DigiCert SHA2 Secure Server CA		 2020-04-16 -
2022-04-21		 2 years crt.sh
sni1ad03gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-01 -
2022-11-01		 a year crt.sh
sni1ad09gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-01 -
2022-11-01		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-10-07 -
2022-01-05		 3 months crt.sh
*.xg4ken.com
Go Daddy Secure Certificate Authority - G2		 2021-09-17 -
2022-10-19		 a year crt.sh
*.collect.igodigital.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-01-25 -
2022-02-25		 a year crt.sh
*.google.de
GTS CA 1C3		 2021-11-29 -
2022-02-21		 3 months crt.sh
www.edgilpayway.net
GlobalSign GCC R3 DV TLS CA 2020		 2021-12-07 -
2023-01-08		 a year crt.sh
*.blob.core.windows.net
Microsoft RSA TLS CA 01		 2021-11-14 -
2022-11-14		 a year crt.sh

This page contains 4 frames:

Primary Page: https://checkout3.nwfdailynews.com/
Frame ID: C8979A38DBD35DCEAFAC7FF75CF01988
Requests: 73 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Frame ID: 165299149D8C3FA2905CE8E7F997D09E
Requests: 8 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 5D44FFCF69D57F9D1B8650A568C31648
Requests: 4 HTTP requests in this frame

Frame: https://edgilpayway.net/pw_web/hosted_page_load.jsp?requestID=1826986087&replyURL=https://checkout3.nwfdailynews.com/payment/validateEdgil
Frame ID: 55268A5EA84D5C9AE7FBD63129ACE60B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Subscribe to The Northwest Florida Daily News

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

87
Requests

98 %
HTTPS

43 %
IPv6

25
Domains

38
Subdomains

28
IPs

4
Countries

1733 kB
Transfer

6166 kB
Size

29
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 13
  • https://login.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js HTTP 302
  • https://eu.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js HTTP 303
  • https://eu.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js/ HTTP 302
  • https://eu.nwfdailynews.com/
Request Chain 32
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=

87 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
checkout3.nwfdailynews.com/ 		445 KB
51 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
0aef9db3456291ff296a27a5aab5ed6bb0fafee6b48fb336461447a739b74fff
Security Headers
Name Value
Content-Security-Policy frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Type
text/html; charset=utf-8
Transfer-Encoding
chunked
Connection
keep-alive
Content-Encoding
gzip
Vary
Accept-Encoding
Server
Microsoft-IIS/10.0
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-SP-Host-Name
AWSTEKWEB13
Content-Security-Policy
frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com
X-Powered-By
ASP.NET
X-Host-Name
AWSTEKWEB13
X-CDN
Imperva
X-Iinfo
1012-160792116-160792132 NNNN CT(90 193 0) RT(1640750863165 56) q(0 0 3 4) r(4 4) U5
flatpickr.min.css
checkout3.nwfdailynews.com/styles/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/styles/flatpickr.min.css
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
8de1252af1f9de4f2c30be2cea5a2a94db91aadb6cf6d0da24c962c9bc07279f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
14-211826448-211826452 NNNN CT(86 177 0) RT(1640750863657 7) q(0 0 3 -1) r(4 4) U5
Last-Modified
Thu, 09 Sep 2021 19:24:42 GMT
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"4346-17bcc04f490"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
alertify.min.css
checkout3.nwfdailynews.com/styles/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/styles/alertify.min.css
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
12-160792240-160792242 NNNN CT(86 175 0) RT(1640750863657 8) q(0 0 3 -1) r(4 4) U5
Last-Modified
Thu, 09 Sep 2021 19:24:42 GMT
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"509f-17bcc04f490"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
bootstrap.css
checkout3.nwfdailynews.com/styles/ 		118 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/styles/bootstrap.css
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
12-160792241-160792246 NNNN CT(89 181 0) RT(1640750863657 19) q(0 0 3 -1) r(4 4) U5
Last-Modified
Wed, 15 Dec 2021 19:03:08 GMT
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"1d6c9-17dbf7a11e0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
style_simple.css
checkout3.nwfdailynews.com/styles/ 		142 KB
23 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/styles/style_simple.css?dateStamp=1639594952000
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f14a64e77d82222c7b9bc2d6a834e32b54e5481a7bd2f5a8659377eb63b88e89

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
11-104289776-104289777 NNNN CT(85 174 0) RT(1640750863658 18) q(0 0 3 -1) r(4 4) U5
Last-Modified
Wed, 15 Dec 2021 19:03:10 GMT
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"239ea-17dbf7a19b0"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
text/css; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
checkout.css
staticassets.gannettdigital.com/gci-static-assets/assets/global/mg2/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://staticassets.gannettdigital.com/gci-static-assets/assets/global/mg2/checkout.css
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
cfa61520f1762d1cd02a31b46a17a9a8c0e27a473ee65daefee2717489ad7fff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
age
545752
x-amz-meta-goog-reserved-file-mtime
1631212412
x-guploader-uploadid
ADPycdtkJI07REONxjVJXBymtpatis22tPHu7_sdC2hdcyZ5j61dL-BtE_7-ED5ycYxrFv9WTNWhmM3Es-iz7R7AtXo
x-cache
HIT
x-goog-storage-class
MULTI_REGIONAL
content-length
2308
via
1.1 varnish
x-served-by
cache-hhn4054-HHN
x-clacks-overhead
GNU Terry Pratchett
last-modified
Thu, 09 Sep 2021 18:33:52 GMT
server
UploadServer
x-timer
S1640750864.214095,VS0,VE2
etag
"3c754ad1f32234a26348fd6090652b78"
vary
Accept-Encoding
x-goog-hash
crc32c=PqqTDA==, md5=PHVK0fMiNKJjSP1gkGUreA==
content-type
text/css
access-control-allow-origin
*
expires
Wed, 22 Dec 2021 20:31:51 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
x-cache-hits
1
gciAnalytics.js
www.gannett-cdn.com/dc/ 		143 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gannett-cdn.com/dc/gciAnalytics.js
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7fa4aa0ac8c3337c88e8f7e01bf4abbd53807b22d7e406e0e40338905e67d605
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=huvcNQ==, md5=20i5mwPXqrVIHJ9XC+MThg==
date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
222
x-amz-meta-goog-reserved-file-mtime
1639491922
x-guploader-uploadid
ADPycdsGW7SzE1mZmZWUQV5HG1AusCXsbu77WNKhBBGAb6NZ3Jk500V-3mJvu8U95MrzsnVxN7MEB_yHbQoX4p7gyx4
x-cache
HIT, HIT
x-goog-storage-class
MULTI_REGIONAL
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
45329
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad-kcgs7200071-IAD, cache-hhn4052-HHN
vcl_data
4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified
Tue, 14 Dec 2021 14:25:40 GMT
server
UploadServer
x-timer
S1640750864.212585,VS0,VE1
etag
"db48b99b03d7aab5481c9f570be31386"
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
access-control-allow-origin
*
expires
Wed, 29 Dec 2021 03:34:00 GMT
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1
build.js
checkout3.nwfdailynews.com/build/ 		874 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
23ef397827526f19d2b7a5f1a687d0015166eaf81e52e452d30512d994398903

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
12-160792116-160792132 ENNN RT(1640750863165 581) q(0 0 0 -1) r(1 1) U5
Last-Modified
Wed, 15 Dec 2021 19:03:02 GMT
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"da744-17dbf79fa70"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
loader.min.js
loader-cdn.azureedge.net/prod/gci/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/gci/loader.min.js
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
0fff64b24d14126e3d1b49686356363716f8f522188262df97a3c4b4d6c07813

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:43 GMT
content-encoding
gzip
content-md5
Um9O+1snvu4obE41gYLXfQ==
content-length
6195
x-ms-lease-status
unlocked
last-modified
Mon, 01 Mar 2021 12:20:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DCAC5B3E9C41
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
fa5e4cea-101e-00d3-4769-fc99da000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
_Incapsula_Resource
checkout3.nwfdailynews.com/ 		143 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=389635924
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
3ee5f9fb00ec99c9f746a37213033a19d82260a5c2fea95583275542bb60ab97

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Content-Encoding
gzip
Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
20468
Content-Type
application/javascript
NNWF-TEALIUM-DTIC.json
www.gannett-cdn.com/dcc/prod/ 		38 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.gannett-cdn.com/dcc/prod/NNWF-TEALIUM-DTIC.json
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
0dbd29316c5c622b5e51ba50deb2f5de43196507c01ecd81bf2bec340ce220a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=mPk2yQ==, md5=VY+Rw+I4XresmM5Rzb+iKg==
content-security-policy
upgrade-insecure-requests
content-encoding
gzip
etag
"558f91c3e2385eb7ac98ce51cdbfa22a"
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
0
x-amz-meta-goog-reserved-file-mtime
1639603211
x-guploader-uploadid
ADPycdvo35WuZEiOW2nHPHXGncVQftZcjmyyUpl7SPYbMuzZTEojnuTHEyDNKPp4WRK0v0UvVm9BJecLnvZFSvPUDM4
x-cache
HIT, MISS
x-goog-storage-class
MULTI_REGIONAL
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
6239
via
1.1 varnish, 1.1 varnish
x-served-by
cache-iad-kjyo7100066-IAD, cache-cdg20767-CDG
vcl_data
4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
last-modified
Wed, 15 Dec 2021 21:35:16 GMT
server
UploadServer
x-timer
S1640750865.643850,VS0,VE118
date
Wed, 29 Dec 2021 04:07:44 GMT
vary
Accept-Encoding
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/json
access-control-allow-origin
*
expires
Wed, 29 Dec 2021 03:59:10 GMT
cache-control
max-age=300
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 0
gtm.js
www.googletagmanager.com/ 		74 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-MRH8RCG
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
1fe6c2d4280e3aa5f50351a218c0c6d5d921a0e367d98d9235cfe094ab269d75
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
30057
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Dec 2021 04:07:44 GMT
api.js
www.google.com/recaptcha/ 		908 B
990 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fbdd70a033e81218583e25de569bdf03e12fb5f72f101544ce07d317a2117293
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
577
x-xss-protection
1; mode=block
expires
Wed, 29 Dec 2021 04:07:44 GMT
/
checkout3.nwfdailynews.com/other/isChatAvailable/ 		214 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/other/isChatAvailable/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1529eb02fbecf5907f228aeb4a6d4442920190968119407127af541dcf0c7f4

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
12-160792116-160792132 ENNN RT(1640750863165 953) q(0 0 0 -1) r(1 1) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
214
X-CDN
Imperva
/
eu.nwfdailynews.com/
Redirect Chain
  • https://login.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js
  • https://eu.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js
  • https://eu.nwfdailynews.com/resources/kit/js/jqnoconflict.common.min.js/
  • https://eu.nwfdailynews.com/
0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://eu.nwfdailynews.com/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Redirect headers

date
Wed, 29 Dec 2021 04:07:45 GMT
via
1.1 varnish, 1.1 varnish
age
44856
x-cache
HIT, HIT
gannett-debug-path-full
restarts: 0 ttl: 1200.000 shield: false server: cache-hhn11551-HHN path: region: east
content-length
0
x-served-by
cache-fra19141-FRA, cache-hhn4039-HHN
server
Varnish
x-timer
S1640750865.756156,VS0,VE358
gannett-debug-path
region: east
strict-transport-security
max-age=600
location
https://eu.nwfdailynews.com/
cache-control
max-age=10
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
x-robots-tag
noindex, nofollow
retry-after
0
x-cache-hits
0, 1
/
user.nwfdailynews.com/NNWF-GUP-DTIC/user/ 		722 B
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://user.nwfdailynews.com/NNWF-GUP-DTIC/user/?callback=jQuery22407439165626093234_1640750864619&_=1640750864620
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
a98407acf6c69b60daef4641c493389c88c1ae8ff51366b3c0cb78937e031181
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://*.nwfdailynews.com/
X-Content-Type-Options nosniff
X-Frame-Options ALLOW-FROM https://checkout3.nwfdailynews.com/

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
frame-ancestors https://*.nwfdailynews.com/
via
1.1 varnish
x-content-type-options
nosniff
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache
MISS
x-cache-hits
0
content-length
722
x-served-by
cache-hhn4039-HHN
referrer-policy
same-origin
server
nginx
x-frame-options
ALLOW-FROM https://checkout3.nwfdailynews.com/
date
Wed, 29 Dec 2021 04:07:45 GMT
vary
Origin
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
application/javascript
cache-control
max-age=0, no-cache, no-store, must-revalidate, private
accept-ranges
bytes
expires
Wed, 29 Dec 2021 04:07:45 GMT
/
checkout3.nwfdailynews.com/other/isChatAvailable/ 		214 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/other/isChatAvailable/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1529eb02fbecf5907f228aeb4a6d4442920190968119407127af541dcf0c7f4

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
12-160792241-160792246 ENNN RT(1640750863657 466) q(0 0 0 -1) r(2 2) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
214
X-CDN
Imperva
/
checkout3.nwfdailynews.com/other/isChatAvailable/ 		214 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/other/isChatAvailable/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d1529eb02fbecf5907f228aeb4a6d4442920190968119407127af541dcf0c7f4

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
11-104289776-104289777 ENNN RT(1640750863658 473) q(0 0 0 -1) r(1 1) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
214
X-CDN
Imperva
US
checkout3.nwfdailynews.com/address/getStates/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/address/getStates/US
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:44 GMT
Content-Encoding
gzip
X-CDN
Imperva
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
X-Iinfo
14-211826448-211826452 ENNN RT(1640750863657 478) q(0 0 0 -1) r(1 1) U5
Connection
keep-alive
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
/
checkout3.nwfdailynews.com/offer/getOffers/ 		8 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/offer/getOffers/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
f5a937efb57a72f2a9601f6b313fe83b83f0a3c9615027073fecbd31b1c8d1e3

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 29 Dec 2021 04:07:46 GMT
Content-Encoding
gzip
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
12-160792240-160792242 ENNN RT(1640750863657 479) q(0 0 0 -1) r(19 19) U5
Transfer-Encoding
chunked
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
X-CDN
Imperva
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ 		348 KB
137 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://checkout3.nwfdailynews.com/
Origin
https://checkout3.nwfdailynews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 29 Dec 2022 02:16:44 GMT
polyfill.min.js
polyfill.io/v3/ 		101 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:800::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
content-type
text/javascript; charset=utf-8
age
3736849
detected-user-agent
Chrome/96.0.4664
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=1
content-length
101
referrer-policy
origin-when-cross-origin
last-modified
Mon, 15 Nov 2021 17:04:18 GMT
date
Wed, 29 Dec 2021 04:07:44 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/96.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
_Incapsula_Resource
checkout3.nwfdailynews.com/ 		1 B
123 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://checkout3.nwfdailynews.com/_Incapsula_Resource?SWKMTFSR=1&e=0.8843200146916639
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Cache-Control
no-cache, no-store
X-Robots-Tag
noindex
Content-Length
1
Content-Type
text/plain
loader-config.json
cdn.sbgsodufuosmmvsdf.info/prod/gci/ 		946 B
823 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.sbgsodufuosmmvsdf.info/prod/gci/loader-config.json?_=1640750864621
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
66ffa32d9d4262031bdfdf5e92ab1ce7e2f4c1ab29f6f9a44d1ae833ec135dd1

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:45 GMT
content-encoding
gzip
content-md5
NjT42e/Q1m2ZTJSBh8K2kQ==
content-length
442
x-ms-lease-status
unlocked
last-modified
Mon, 01 Mar 2021 12:20:09 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8DCAC5B34125C
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
8156921c-e01e-010e-0869-fc8c21000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
anchor
www.google.com/recaptcha/api2/ Frame 1652 		39 KB
20 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
24e9df242f4805f1b336979369fb5269206e83758c8d271eb13ce847a3eaee23
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-CqAj5cu4GQO3xB1mwGVSpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
pragma
no-cache
expires
Mon, 01 Jan 1990 00:00:00 GMT
date
Wed, 29 Dec 2021 04:07:44 GMT
content-security-policy
script-src 'report-sample' 'nonce-CqAj5cu4GQO3xB1mwGVSpQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
20269
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
p.js
cdn.parsely.com/keys/nwfdailynews.com/ 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.parsely.com/keys/nwfdailynews.com/p.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.103.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-103-127.fra50.r.cloudfront.net
Software
nginx /
Resource Hash
909fdd3e93d161ff293b947acfa2ab65636e6a2f9e7748a1b2f052dacd4eb109

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
public
date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
last-modified
Tue, 16 Feb 2021 16:44:18 GMT
server
nginx
x-amz-cf-pop
FRA50-C1
etag
W/"602bf662-11dab"
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5d8c59c4e33ff30f6610982ac8ad0232.cloudfront.net (CloudFront)
cache-control
max-age=86400, public
x-amz-cf-id
vFzM2HD1vsxVPvbj0Vt_MiuVgUMvVG5Bm1wxp_FYJYBhPD8ubgANOA==
expires
Thu, 30 Dec 2021 02:13:04 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 06:14:14 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
78811
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
CqvO-t0fCOM1DIwzFlQrcKF-4EYlxk83mvJGmm0hUKnZlgjqCAPZgg==
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
3998
date
Wed, 29 Dec 2021 03:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 29 Dec 2021 05:01:06 GMT
vdkub424m.js
cdn.krxd.net/controltag/ 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/vdkub424m.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f14b7f124d10add261a20a9941f901b9d925519c9aeeef0e7d59e5f69c717c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 29 Dec 2021 04:07:44 GMT
via
1.1 varnish, 1.1 varnish
age
859
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
10979
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kcgs7200063-IAD, cache-hhn4054-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1640750865.850196,VS0,VE1
etag
"1b6d224499e7d75de06ff8b7d2dae31a56d84455"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 1
scevent.min.js
sc-static.net/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sc-static.net/scevent.min.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.37 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-37.fra50.r.cloudfront.net
Software
CloudFront /
Resource Hash
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
server
CloudFront
x-amz-cf-pop
FRA50-C1
x-cache
LambdaGeneratedResponse from cloudfront
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
cache-control
private, s-maxage=0, max-age=600
access-control-allow-headers
Content-Type
content-length
6867
via
1.1 5ad96647558bd4911f05189f8afefd98.cloudfront.net (CloudFront)
x-amz-cf-id
S3FCz97haLJ45Atqt9bR6_zVd8DwYIejQApGcaEBlbvVdP_Rs8y3Ow==
tfa.js
cdn.taboola.com/libtrc/unip/1261185/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/unip/1261185/tfa.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
162b21aef63e14217b6fcae0bdb93a5fc7840fd5b9037138b15a01624b6c773f

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-amz-version-id
pgX9n70aLDDRkWruduWZorrISkPdb5LX
content-encoding
gzip
etag
"c9f6356577c6c08410797ee9e858761d"
age
0
x-cache
HIT
x-amz-replication-status
COMPLETED
fastly-restarts
1
x-amz-id-2
ZPR3IFujHoqiT/HOVSGokETPYKv/QXSpVp7ILeqf8KPVY8NJHAUtSR9Hm0cBr+r7zZ623hmSPPo=
x-served-by
cache-hhn4023-HHN
accept-ranges
bytes
last-modified
Tue, 28 Dec 2021 14:51:23 GMT
server
AmazonS3
x-timer
S1640750865.839078,VS0,VE208
date
Wed, 29 Dec 2021 04:07:45 GMT
vary
Accept-Encoding
x-amz-request-id
9WCZ0WH7YMC1N6QF
via
1.1 varnish
cache-control
private,max-age=14401
content-length
16987
content-type
application/javascript; charset=utf-8
abp
41
x-cache-hits
362
styles__ltr.css
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 1652 		51 KB
51 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 13:00:20 GMT
x-content-type-options
nosniff
age
54444
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
52473
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Wed, 28 Dec 2022 13:00:20 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/ Frame 1652 		348 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 02:16:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
6660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
139097
x-xss-protection
0
last-modified
Mon, 13 Dec 2021 05:04:24 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Thu, 29 Dec 2022 02:16:44 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:44 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
OyXjI2mevpBCNPuXk-gu2pXCUPlrh6iddiI636Dn-sjO-RRQtkocsw==
x-cache
Miss from cloudfront

Redirect headers

date
Wed, 29 Dec 2021 04:07:44 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=6035223&ns__t=1640750864845&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=
content-length
223
x-amz-cf-id
LL7tF6idiUv9OLszKEbJ0qcUgwnIPZ7bbFJheJvEhdhnoUc9H0N2Mg==
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=754692473&t=pageview&_s=1&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEABEAAAAC~&jid=1180337531&gjid=1143977386&cid=1758886786.1640750865&tid=UA-166840762-18&_gid=2022113791.1640750865&_r=1&_slc=1&cd166=1&cd5=4%3A00%20am&cd6=0&cd58=&cd62=null&cd64=null&cd63=null&cd1=pageview&cd72=&cd159=&cd2=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&cd3=0.186.1&cd49=DTIC&cd77=NNWF-E&cd95=Fort%20Walton%20Beach%2C%20FL&cd68=FL&cd67=florida&cd28=NNWF&cd99=GateHouse&cd162=3&cd79=NNWF-TEALIUM-DTIC&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd4=6fbf9b31-764c-467f-b064-73d61cb5b46e&cd41=NA&cd40=1&cd160=null&cd42=null&cd90=0&cd33=na&cd7=1758886786.1640750865.68186104&cd44=1758886786.1640750865&z=1327158525
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout3.nwfdailynews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:44 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://checkout3.nwfdailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vdkub424m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 29 Dec 2021 04:07:44 GMT
content-encoding
gzip
age
2522787
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
4226989
content-length
84509
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1640750865.873947,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1640750864897&plid=10421222&idsite=nwfdailynews.com&url=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userType%22%3A%22na%22%2C%22sevenDayReturn%22%3Afalse%7D&tagManager=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&sid=1&surl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&sref=&sts=1640750864886&slts=0&title=Subscribe+to+The+Northwest+Florida+Daily+News&date=Wed+Dec+29+2021+04%3A07%3A44+GMT%2B0000+(GMT)&action=pageview&js=1&pvid=90521485&u=pid%3Dba5495f8f596802b4e27841edc22d085
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:45 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 29-Dec-2021 04:07:45 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
stats.g.doubleclick.net/j/ 		4 B
450 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-166840762-18&cid=1758886786.1640750865&jid=1180337531&gjid=1143977386&_gid=2022113791.1640750865&_u=KHBAAEAAEAAAAC~&z=559646790
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c08::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://checkout3.nwfdailynews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 29 Dec 2021 04:07:45 GMT
content-type
text/plain
access-control-allow-origin
https://checkout3.nwfdailynews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame 5D44 		805 B
849 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/

Response headers

last-modified
Tue, 21 Feb 2017 17:50:54 GMT
etag
"3d2100fd7107262ecb55ce6847f01fa5"
cache-control
public, max-age=315360000
expires
Fri, 19 Feb 2027 17:50:50 GMT
content-type
text/html
x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding
gzip
accept-ranges
bytes
date
Wed, 29 Dec 2021 04:07:45 GMT
via
1.1 varnish
age
3556014
x-served-by
cache-hhn4054-HHN
x-cache
HIT
x-cache-hits
969012
x-timer
S1640750865.205166,VS0,VE0
vary
Accept-Encoding
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length
525
logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 1652 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gstatic.com/recaptcha/api2/logo_48.png
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/styles__ltr.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 07:03:19 GMT
x-content-type-options
nosniff
age
421466
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2228
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin-allow-popups; report-to="recaptcha"
expires
Fri, 31 Dec 2021 07:03:19 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1652 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Tue, 28 Dec 2021 11:18:05 GMT
x-content-type-options
nosniff
age
60580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15344
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:32:55 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 28 Dec 2022 11:18:05 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 1652 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.google.com/
Origin
https://www.google.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Fri, 24 Dec 2021 06:37:08 GMT
x-content-type-options
nosniff
age
423037
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15552
x-xss-protection
0
last-modified
Mon, 16 Oct 2017 17:33:02 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 24 Dec 2022 06:37:08 GMT
webworker.js
www.google.com/recaptcha/api2/ Frame 1652 		102 B
134 B 		Other
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:45 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
cross-origin-embedder-policy
require-corp
x-frame-options
SAMEORIGIN
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112
x-xss-protection
1; mode=block
expires
Wed, 29 Dec 2021 04:07:45 GMT
e88225a2-3b7b-45e3-9cc2-a3130b91f0db
consumer.krxd.net/consent/get/ 		235 B
427 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
60e7f625414deaf6c019dddf9f1cdc61c01f77dea957f476b7ad2f907378bdb9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:45 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a004-dub-prod.krxd.net, cache-hhn4026-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1640750865.266230,VS0,VE26
content-length
188
x-cache-hits
0, 0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-18&cid=1758886786.1640750865&jid=1180337531&_u=KHBAAEAAEAAAAC~&z=2002456867
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-166840762-18&cid=1758886786.1640750865&jid=1180337531&_u=KHBAAEAAEAAAAC~&z=2002456867
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:45 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
vdkub424m.js
cdn.krxd.net/controltag/ Frame 5D44 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/controltag/vdkub424m.js
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2f14b7f124d10add261a20a9941f901b9d925519c9aeeef0e7d59e5f69c717c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date
Wed, 29 Dec 2021 04:07:45 GMT
via
1.1 varnish, 1.1 varnish
age
859
x-cache
MISS, HIT, HIT
x-app-cache
HIT
x-age
0
content-encoding
gzip
content-length
10979
x-served-by
config-service-a006-ash-prod.krxd.net, cache-iad-kcgs7200063-IAD, cache-hhn4054-HHN
x-response-time
0
x-do-esi
esi
x-timer
S1640750865.320114,VS0,VE0
etag
"1b6d224499e7d75de06ff8b7d2dae31a56d84455"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
public, max-age=1200
accept-ranges
bytes
x-cache-hits
0, 1, 2
controltag.js.a1705c5ac5f06cf0c202ff70908fc042
cdn.krxd.net/ctjs/ Frame 5D44 		259 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vdkub424m.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-cdn-backend
4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date
Wed, 29 Dec 2021 04:07:45 GMT
content-encoding
gzip
age
2522788
x-amz-server-side-encryption
AES256
x-cache
HIT
x-cache-hits
4226991
content-length
84509
x-served-by
cache-hhn4054-HHN
last-modified
Mon, 02 Aug 2021 12:06:17 GMT
x-timer
S1640750865.330659,VS0,VE0
etag
"a1705c5ac5f06cf0c202ff70908fc042"
content-type
application/javascript
via
1.1 varnish
cache-control
public, max-age=315360000
accept-ranges
bytes
expires
Thu, 31 Jul 2031 12:06:16 GMT
e88225a2-3b7b-45e3-9cc2-a3130b91f0db
consumer.krxd.net/consent/get/ Frame 5D44 		220 B
277 B 		Script
General
Check archive.org
Download Go to
Full URL
https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.130.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
88d24471a4e082ccedabeedf5b518ce82921564a323a42b0878a275cfc8177f4

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://cdn.krxd.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:45 GMT
via
1.1 varnish
age
0
x-served-by
consumer-a009-dub-prod.krxd.net, cache-hhn4026-HHN
vary
Accept-Encoding
x-cache
MISS, MISS
content-type
text/javascript; charset=UTF-8
content-encoding
gzip
cache-control
max-age=1800
x-age
0
accept-ranges
bytes
x-timer
S1640750866.753080,VS0,VE29
content-length
177
x-cache-hits
0, 0
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/gci/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:45 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1407
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2870ddc7-a01e-004c-6b66-fc7845000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 29 Dec 2021 04:37:45 GMT
g2insights.min.js
g2insights-cdn.azureedge.net/prod/gci/ 		1 MB
217 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://g2insights-cdn.azureedge.net/prod/gci/g2insights.min.js?
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
943411727fc38e74fd17f142167318e8e4a7413687da62a7d7231d4be2bac273

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:45 GMT
content-encoding
gzip
content-md5
ZcMTMRjvDroGZi8m89C1xQ==
content-length
221901
x-ms-lease-status
unlocked
last-modified
Tue, 29 Dec 2020 10:08:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8ABE1B4B4937C
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
5753457c-901e-0128-7369-fc1795000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
fp.min.js
fp-cdn.azureedge.net/prod/gci/ 		59 KB
20 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fp-cdn.azureedge.net/prod/gci/fp.min.js?
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:46 GMT
content-encoding
gzip
content-md5
I+TRQO5bVyRNfhz04pv14Q==
content-length
19745
x-ms-lease-status
unlocked
last-modified
Thu, 24 Dec 2020 09:00:43 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
etag
0x8D8A7EA654DE3DC
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a9f1c84e-401e-00cb-1269-fcb44f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
optout_check
beacon.krxd.net/ 		80 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by
Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.a1705c5ac5f06cf0c202ff70908fc042
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.30.104 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-30-104.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
15e832ed66b2aab44d55caf6fd1e5acd9b3b76ce67d2608df77333169193c102

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:45 GMT
cache-control
private, max-age=0, s-max-age=0
x-request-time
D=49 t=1640750865
x-served-by
beacon-n001-dub-prod.krxd.net
content-type
text/javascript
gtm.js
www.googletagmanager.com/ 		162 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PTQ2FRX&l=MG2DL
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f771ebbe1c9a22b529d1903c8b10b5523f8f66fc289bf9ac0c18c5569e6b5a9d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:46 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54334
x-xss-protection
0
last-modified
Wed, 29 Dec 2021 03:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 29 Dec 2021 04:07:46 GMT
/
checkout3.nwfdailynews.com/other/mg2Tracking/ 		102 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/other/mg2Tracking/
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e5d749d80f1b80091764639f1e57ce4144431559a3060335f1bf39d38a10336e

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 29 Dec 2021 04:07:48 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
12-160792240-160792242 ENNN RT(1640750863657 2443) q(0 0 0 -1) r(14 14) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
102
X-CDN
Imperva
getSubscriptionCost
checkout3.nwfdailynews.com/subscription/ 		95 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/subscription/getSubscriptionCost
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e8fa17907f1d3d4991ec1c260af9cdb72ee838da4b4b2e2de9d23eda2932fe42

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 29 Dec 2021 04:07:48 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
12-160792241-160792246 ENNN RT(1640750863657 2453) q(0 0 0 -1) r(14 14) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
95
X-CDN
Imperva
futura_today_bold.woff
checkout3.nwfdailynews.com/fonts/ 		36 KB
37 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/fonts/futura_today_bold.woff
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/styles/style_simple.css?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
960e999a771307e0509e94791b6b2d5945517d5b807b61dba554d02efb401a18

Request headers

Referer
https://checkout3.nwfdailynews.com/styles/style_simple.css?dateStamp=1639594952000
Origin
https://checkout3.nwfdailynews.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:46 GMT
X-CDN
Imperva
X-Powered-By
ASP.NET
X-Iinfo
14-211826448-211826452 ENNN RT(1640750863657 2489) q(0 0 0 -1) r(1 1) U5
Last-Modified
Thu, 09 Sep 2021 19:24:34 GMT
Connection
keep-alive
Content-Length
37062
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
ETag
W/"90c6-17bcc04d550"
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
font/woff
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=2592000
X-Host-Name
AWSTEKWEB13
Accept-Ranges
bytes
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
25965
x-xss-protection
0
pragma
public
x-fb-debug
X1TB0iSF4m4IYDdnyDmyjU4SC+aDE1sc9uCL8PkL4lgU4W5lTIdQ1kKdY5Jt2XqOsMylz/VUUJAnowkxhtiqGA==
x-fb-trip-id
917726464
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 29 Dec 2021 04:07:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
ec.js
www.google-analytics.com/plugins/ua/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/ec.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 03:09:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3506
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1306
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 29 Dec 2021 04:09:20 GMT
ktag.js
resources.xg4ken.com/js/v2/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.250.6.2 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-250-6-2.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
9d2e57536cb3270004cf7d04d06e14ee00d4959da5385699b75eee5ddd02f3c1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:46 GMT
Content-Encoding
gzip
Last-Modified
Mon, 06 Dec 2021 07:20:07 GMT
Server
nginx
ETag
"61adb9a7-dd8"
Content-Type
text/plain
Cache-Control
max-age=86400, public
Connection
keep-alive
Content-Length
3544
X-XSS-Protection
1; mode=block
Expires
Thu, 30 Dec 2021 04:07:46 GMT
collect.js
10870841.collect.igodigital.com/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://10870841.collect.igodigital.com/collect.js
Requested by
Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.19.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-19-55.compute-1.amazonaws.com
Software
/
Resource Hash
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
content-encoding
gzip
last-modified
Fri, 24 Dec 2021 16:13:28 GMT
vary
Accept-Encoding
content-type
application/javascript
site-nav-logo-dark@2x.png
www.gannett-cdn.com/sites/nwfdailynews/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.gannett-cdn.com/sites/nwfdailynews/images/site-nav-logo-dark@2x.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
01258ae25088fa1b0f4f062a671e9b16b9c303c37c1f8d3b7d43b915533466e6
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-goog-hash
crc32c=Btec6Q==, md5=pGzGYQGEwWzj18ZoLB0M3g==
date
Wed, 29 Dec 2021 04:07:46 GMT
via
1.1 varnish, 1.1 varnish, 1.1 varnish
nel
{"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age
2982453
x-guploader-uploadid
ADPycdsgKUnFMoVMdg0Y0h4bDOqeJI0YsYFqgKVOMyrdN4cxeTApEjyGyg-5sYWfWY1TzMkCqagn8H2L1ltaU4tTNVNRx5LXDA
x-cache
HIT, HIT, HIT
fastly-io-info
ifsz=6131 idim=420x80 ifmt=png ofsz=3008 odim=420x80 ofmt=webp
x-goog-storage-class
NEARLINE
fastly-stats
io=1
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-length
3008
x-served-by
cache-bwi5136-BWI, cache-iad-kiad7000043-IAD, cache-hhn4052-HHN
vcl_data
4teo2sTrkRpe2BJzz4IyqE.258_19-2a6eb4392662bbc1dde86df2248f53a4
server
UploadServer
x-timer
S1640750867.785036,VS0,VE1
etag
"I4XryZtzb43Fs/xU1+vKbdyr/d13vLhmzRGPKS0XRGg"
vary
Accept
report-to
{"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type
image/webp
access-control-allow-origin
*
expires
Wed, 24 Nov 2021 15:40:13 GMT
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
x-cache-hits
1, 1, 1
b
sb.scorecardresearch.com/ 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035223&ns__t=1640750866746&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:46 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
RxYglxZT1UThRNe6fq0vLwbBhmwJNe7crMFsi4zo18P4nw7y61G7SQ==
x-cache
Miss from cloudfront
activity;xsp=4391520;ord=NNWF
pubads.g.doubleclick.net/ 		42 B
635 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;xsp=4391520;ord=NNWF?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:46 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
p1.parsely.com/plogger/ 		43 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://p1.parsely.com/plogger/?rand=1640750866750&plid=10421222&idsite=nwfdailynews.com&url=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22userType%22%3A%22na%22%2C%22sevenDayReturn%22%3Afalse%2C%22_conversion_type%22%3A%22custom%22%2C%22_conversion_label%22%3A%22Offer+Views%22%7D&tagManager=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&sid=1&surl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&sref=&sts=1640750864886&slts=0&title=Subscribe+to+The+Northwest+Florida+Daily+News&date=Wed+Dec+29+2021+04%3A07%3A46+GMT%2B0000+(GMT)&action=conversion&pvid=90521485&u=pid%3Dba5495f8f596802b4e27841edc22d085
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-144-142.compute-1.amazonaws.com
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

Date
Wed, 29 Dec 2021 04:07:46 GMT
Cache-Control
no-cache
Last-Modified
Wednesday, 29-Dec-2021 04:07:46 GMT
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
b
sb.scorecardresearch.com/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035223&ns__t=1640750866769&ns_c=UTF-8&cv=3.5&c8=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&c7=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&c9=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.98.86 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-98-86.fra50.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:46 GMT
via
1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA50-C1
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
437ffodnr5U186P7TgSY6Gzcr1LPrk20tCFWhcadtzEVymRNLUF5fQ==
x-cache
Miss from cloudfront
unip
trc.taboola.com/1261185/log/3/ 		0
294 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1261185/log/3/unip?en=pre_d_eng_tb&tos=1589&scd=100&ssd=1&est=1640750865287&ver=35&isls=true&src=i&invt=1500&tim=1640750866875&mrir=u&vi=1640750865285&ref=null&cv=UNKNOWN
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1261185/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 29 Dec 2021 04:07:46 GMT
via
1.1 varnish
server
nginx
x-timer
S1640750867.889976,VS0,VE9
x-served-by
cache-hhn4023-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://checkout3.nwfdailynews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0
reload
www.google.com/recaptcha/api2/ Frame 1652 		29 KB
16 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/reload?k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/VZKEDW9wslPbEc9RmzMqaOAP/recaptcha__de.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
4c0b8144acbffe6d0d7eeb520513aa9c0b73e50e326d4e5703d4b5026aa58140
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Ld427EZAAAAAIST_XzqFouDtUAYT5TNNX0P2AVY&co=aHR0cHM6Ly9jaGVja291dDMubndmZGFpbHluZXdzLmNvbTo0NDM.&hl=de&v=VZKEDW9wslPbEc9RmzMqaOAP&size=invisible&badge=bottomleft&cb=ndywclstrep8
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-protobuffer

Response headers

date
Wed, 29 Dec 2021 04:07:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
application/json; charset=utf-8
cache-control
private, max-age=0
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16457
x-xss-protection
1; mode=block
expires
Wed, 29 Dec 2021 04:07:46 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTQ2FRX&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/8FA5) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 29 Dec 2021 04:07:46 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1408
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/8FA5)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
2870ddc7-a01e-004c-6b66-fc7845000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 29 Dec 2021 04:37:46 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=754692473&t=event&ni=0&_s=2&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscribe&ea=subscription%20impression&el=from%3A%20%2F&_u=aHBAAEIJEAAAAC~&jid=&gjid=&cid=1758886786.1640750865&tid=UA-166840762-18&_gid=2022113791.1640750865&cd166=1&cd5=4%3A00%20am&cd6=0&cd58=&cd62=null&cd64=null&cd63=null&cd1=product-view&cd72=&cd159=&cd2=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&cd3=0.186.1&cd49=DTIC&cd77=NNWF-E&cd95=Fort%20Walton%20Beach%2C%20FL&cd68=FL&cd67=florida&cd28=NNWF&cd99=GateHouse&cd162=3&cd79=NNWF-TEALIUM-DTIC&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd4=e049c396-685c-11ec-9c6f-d60c5f329b16&cd41=NA&cd40=1&cd160=null&cd42=null&cd90=0&cd33=na&cd7=1758886786.1640750865.72455624&cd44=1758886786.1640750865&pa=detail&il1pi1id=Digital%3Aundefined%3A&il1pi1nm=Digital%3Aundefined%3A&il1pi1br=The%20Northwest%20Florida%20Daily%20News&il1pi1cd166=1&il1pi1cd5=4%3A00%20am&il1pi1cd6=0&il1pi1cd58=&il1pi1cd62=null&il1pi1cd64=null&il1pi1cd63=null&il1pi1cd1=product-view&il1pi1cd72=&il1pi1cd159=&il1pi1cd2=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&il1pi1cd3=0.186.1&il1pi1cd49=DTIC&il1pi1cd77=NNWF-E&il1pi1cd95=Fort%20Walton%20Beach%2C%20FL&il1pi1cd68=FL&il1pi1cd67=florida&il1pi1cd28=NNWF&il1pi1cd99=GateHouse&il1pi1cd162=3&il1pi1cd79=NNWF-TEALIUM-DTIC&il1pi1cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&il1pi1cd4=e049c396-685c-11ec-9c6f-d60c5f329b16&il1pi1cd41=NA&il1pi1cd40=1&il1pi1cd160=null&il1pi1cd42=null&il1pi1cd90=0&il1pi1cd33=na&il1pi1cd7=1758886786.1640750865.72455624&il1pi1cd44=1758886786.1640750865&z=2051745327
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Dec 2021 23:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17346
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=754692473&t=event&ni=0&_s=3&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&ul=en-us&de=UTF-8&dt=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=subscribe&ea=add%20to%20cart&el=DigitalPrint%3Aundefined%3A100328&_u=aHBAAEIJEAAAAC~&jid=&gjid=&cid=1758886786.1640750865&tid=UA-166840762-18&_gid=2022113791.1640750865&cd166=1&cd5=4%3A00%20am&cd6=0&cd58=&cd62=null&cd64=null&cd63=null&cd1=product-add&cd72=&cd159=&cd2=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&cd3=0.186.1&cd49=DTIC&cd77=NNWF-E&cd95=Fort%20Walton%20Beach%2C%20FL&cd68=FL&cd67=florida&cd28=NNWF&cd99=GateHouse&cd162=3&cd79=NNWF-TEALIUM-DTIC&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&cd4=e049c396-685c-11ec-9c6f-d60c5f329b16&cd41=NA&cd40=1&cd160=null&cd42=null&cd90=0&cd33=na&cd7=1758886786.1640750865.42310548&cd44=1758886786.1640750865&pa=add&pr1id=DigitalPrint%3Aundefined%3A100328&pr1nm=DigitalPrint%3Aundefined%3A100328&pr1br=The%20Northwest%20Florida%20Daily%20News&pr1cd166=1&pr1cd5=4%3A00%20am&pr1cd6=0&pr1cd58=&pr1cd62=null&pr1cd64=null&pr1cd63=null&pr1cd1=product-add&pr1cd72=&pr1cd159=&pr1cd2=gciAnalytics%3Aprod%3A0.186.1%3ANNWF-TEALIUM-DTIC&pr1cd3=0.186.1&pr1cd49=DTIC&pr1cd77=NNWF-E&pr1cd95=Fort%20Walton%20Beach%2C%20FL&pr1cd68=FL&pr1cd67=florida&pr1cd28=NNWF&pr1cd99=GateHouse&pr1cd162=3&pr1cd79=NNWF-TEALIUM-DTIC&pr1cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.93%20Safari%2F537.36&pr1cd4=e049c396-685c-11ec-9c6f-d60c5f329b16&pr1cd41=NA&pr1cd40=1&pr1cd160=null&pr1cd42=null&pr1cd90=0&pr1cd33=na&pr1cd7=1758886786.1640750865.42310548&pr1cd44=1758886786.1640750865&z=1783200357
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 28 Dec 2021 23:18:40 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
17346
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
709555869617475
connect.facebook.net/signals/config/ 		305 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/709555869617475?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
644e5f7543d20e519f25aa27954fb3739605b8d52990d019acf114aa869a6f8f
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
V9odCE+DSMc5K3Zl0yukwsV0nj3AFOT3qYiBaeKTOM0s599BmxsSrakcwCO/0EzeQ/0QYmmSSAwhru60X9TKAg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 29 Dec 2021 04:07:46 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
getEdgilSession
checkout3.nwfdailynews.com/payment/ 		50 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://checkout3.nwfdailynews.com/payment/getEdgilSession
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
81c6161073048cab5ff78e87061efa6843bf98b691885cf1453c544f4cb3f593

Request headers

Accept
*/*
Referer
https://checkout3.nwfdailynews.com/
X-Requested-With
XMLHttpRequest
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

Date
Wed, 29 Dec 2021 04:07:47 GMT
X-SP-Host-Name
AWSTEKWEB13
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET,PUT,POST,DELETE
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
X-Iinfo
14-211826448-211826452 ENNN RT(1640750863657 2790) q(0 0 0 -1) r(7 7) U5
Connection
keep-alive
X-Host-Name
AWSTEKWEB13
Access-Control-Allow-Headers
Origin, X-Requested-With, Content-Type, Accept
Content-Length
50
X-CDN
Imperva
444277530343501
connect.facebook.net/signals/config/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/444277530343501?v=2.9.48&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5149bf07c5a6e5b80ac40cc2517efc4d8d7c74177d23b0991f7689fc33435970
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
89195
x-xss-protection
0
pragma
public
x-fb-debug
/lUj4kXG/U1BgDDThPsWZQC0POvjx5qsBRj4Im1okRR1rKu4usc6kCp4chhs17fHvsEDaBfyBbY2TY1frmK0eA==
x-frame-options
DENY
date
Wed, 29 Dec 2021 04:07:47 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=709555869617475&ev=ViewContent&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&rl=&if=false&ts=1640750867017&cd[currency]=USD&cd[contents]=%5B%7B%22id%22%3A%22Digital%3Aundefined%3A%22%7D%5D&cd[content_type]=product&cd[fbp]=&cd[external_id]=e049c396-685c-11ec-9c6f-d60c5f329b16&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640750867016.2012716370&it=1640750866920&coo=false&eid=product-view-68b69d46-859d-4eb5-97cb-387cb96b1914&tm=1&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length
44
expires
Wed, 29 Dec 2021 04:07:47 GMT
/
www.facebook.com/tr/ 		44 B
91 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=Universal_ViewContent&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&rl=&if=false&ts=1640750867046&cd[currency]=USD&cd[contents]=%5B%7B%22id%22%3A%22Digital%3Aundefined%3A%22%7D%5D&cd[content_type]=product&cd[fbp]=&cd[external_id]=e049c396-685c-11ec-9c6f-d60c5f329b16&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1640750867016.2012716370&it=1640750866920&coo=false&eid=product-view-68b69d46-859d-4eb5-97cb-387cb96b1914&tm=1&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 29 Dec 2021 04:07:47 GMT
track_page_view
nova.collect.igodigital.com/c2/10870841/ 		43 B
713 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://nova.collect.igodigital.com/c2/10870841/track_page_view?payload=%7B%22item%22%3A%226738NF%3ADigitalPrint%3Aundefined%3A100328%22%2C%22title%22%3A%22Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News%22%2C%22url%22%3A%22https%3A%2F%2Fcheckout3.nwfdailynews.com%2F%22%2C%22referrer%22%3A%22%22%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.144.19.55 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-144-19-55.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-runtime
0.007374
date
Wed, 29 Dec 2021 04:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
etag
W/"98b3d9d20e032f90aca49e9b116225d5"
x-frame-options
SAMEORIGIN
content-type
image/gif
cache-control
private
content-transfer-encoding
binary
content-disposition
inline
vary
Accept-Encoding
x-xss-protection
1; mode=block
x-request-id
8e4b5d76-3432-4ca2-9993-47023a09e04b
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=709555869617475&ev=Microdata&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&rl=&if=false&ts=1640750867520&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcheckout3.nwfdailynews.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640750867016.2012716370&it=1640750866920&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 29 Dec 2021 04:07:47 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTQ2FRX&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
4001
date
Wed, 29 Dec 2021 03:01:06 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Wed, 29 Dec 2021 05:01:06 GMT
conversion_async.js
www.googleadservices.com/pagead/ 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PTQ2FRX&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.66 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s48-in-f2.1e100.net
Software
cafe /
Resource Hash
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
14328
x-xss-protection
0
server
cafe
etag
12503521247758841375
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 29 Dec 2021 04:07:47 GMT
/
www.facebook.com/tr/ 		44 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=444277530343501&ev=Microdata&dl=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&rl=&if=false&ts=1640750867557&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fcheckout3.nwfdailynews.com%2F%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1640750867016.2012716370&it=1640750866920&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

date
Wed, 29 Dec 2021 04:07:47 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
content-length
44
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority
u=3,i
expires
Wed, 29 Dec 2021 04:07:47 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/748571383/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/748571383/?random=1640750867583&cv=9&fst=1640750867583&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&tiba=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9c01767474c4158acbbdaa10fe7a5ef500b794ebeb1e99cddee80fddd39a18b2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1028
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/748571383/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/748571383/?random=1640750867583&cv=9&fst=1640750400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&tiba=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&async=1&fmt=3&is_vtc=1&random=1902305510&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.de/pagead/1p-user-list/748571383/ 		42 B
64 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/pagead/1p-user-list/748571383/?random=1640750867583&cv=9&fst=1640750400000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wgc10&sendb=1&frm=0&url=https%3A%2F%2Fcheckout3.nwfdailynews.com%2F&tiba=Subscribe%20to%20The%20Northwest%20Florida%20Daily%20News&async=1&fmt=3&is_vtc=1&random=1902305510&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 29 Dec 2021 04:07:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hosted_page_load.jsp
edgilpayway.net/pw_web/ Frame 5526 		12 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://edgilpayway.net/pw_web/hosted_page_load.jsp?requestID=1826986087&replyURL=https://checkout3.nwfdailynews.com/payment/validateEdgil
Requested by
Host: checkout3.nwfdailynews.com
URL: https://checkout3.nwfdailynews.com/build/build.js?dateStamp=1639594952000
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
199.204.136.5 , United States, ASN33070 (RMH-14, US),
Reverse DNS
Software
/
Resource Hash
6799939d47143550efe0f023be096759892994f6b0149b42ef44361fb460ad6a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/

Response headers

Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Access-Control-Allow-Origin,Access-Control-Allow-Credentials
Content-Type
text/html;charset=ISO-8859-1
Transfer-Encoding
chunked
Date
Wed, 29 Dec 2021 04:07:47 GMT
Keep-Alive
timeout=60
Connection
keep-alive
style_edgil_cc_simple.css
prodmg2.blob.core.windows.net/edgil/mg2/ Frame 5526 		2 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://prodmg2.blob.core.windows.net/edgil/mg2/style_edgil_cc_simple.css
Requested by
Host: edgilpayway.net
URL: https://edgilpayway.net/pw_web/hosted_page_load.jsp?requestID=1826986087&replyURL=https://checkout3.nwfdailynews.com/payment/validateEdgil
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.82.152.48 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
6fe4517c3fc6a94e5cb3c58ac34645e0095f8478303783e880042fa650a7384e

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://edgilpayway.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
BlockBlob
Date
Wed, 29 Dec 2021 04:07:48 GMT
Last-Modified
Thu, 14 Feb 2019 15:13:02 GMT
Server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
Content-MD5
nOEat2z5E6w+YlA5knlwzw==
ETag
0x8D6928EE9B49787
Content-Type
text/css
Access-Control-Allow-Origin
*
x-ms-request-id
dcc44231-e01e-0105-6f69-fc9455000000
Access-Control-Expose-Headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
Content-Length
2300
unip
trc.taboola.com/1261185/log/3/ 		0
79 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/1261185/log/3/unip?en=pre_d_eng_tb&tos=4590&scd=100&ssd=1&est=1640750865287&ver=35&isls=true&src=i&invt=3000&tim=1640750869877&mrir=u&vi=1640750865285&ref=null&cv=UNKNOWN
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/unip/1261185/tfa.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://checkout3.nwfdailynews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36

Response headers

x-vcl-time-ms
9
pragma
no-cache
date
Wed, 29 Dec 2021 04:07:49 GMT
via
1.1 varnish
server
nginx
x-timer
S1640750870.881883,VS0,VE9
x-served-by
cache-hhn4023-HHN
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin
https://checkout3.nwfdailynews.com
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
content-type
image/gif
x-cache-hits
0

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| viewParameters object| config string| gciAnalyticsUAID object| __core-js_shared__ object| core object| gciDataPiano object| gciDataKnockoutPostbox object| gciDataGCIAS function| snaptr object| gciData object| gciDataQueue object| gciAnalytics object| dataLayer object| $jscomp function| FlatpickrInstance function| _flatpickr function| flatpickr function| _extends function| _typeof function| $ function| jQuery object| alertify object| ko function| Constants function| PageMetaDataHandler function| Utils function| ComponentsNames object| ComponentStates function| ComponentTemplateNames function| FilterTypes function| PaymentOptionsCodes function| OfferService function| GigyaUserProvider function| MG2UserProvider function| LandingAlignedImage function| LandingFullscreen function| LandingHorizontal function| LandingTabbed function| LandingTiles function| LandingZipFirst function| OfferSelectorApplePay function| OfferSelectorCheckBox function| OfferSelectorCSR function| OfferSelectorDropDown function| OfferSelectorHorizontal function| OfferSelectorSmallTiles function| OfferSelectorTiles function| Page function| PromotionDigital function| PromotionLinkOnly function| PromotionUpsell function| PromotionZipCode function| Step object| cartAbandonment object| tracker object| userProvider function| resetCaptcha function| recaptchaInit function| edgileProcessResponse object| viewModel object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| google_tag_manager function| PluginInitOverride object| MG2Loader string| loaderVersion string| loaderBuild string| configSiteCode object| plugins object| deferredResources object| recaptcha object| closure_lm_463351 object| gciAnalyticsConfig object| PARSELY object| gciKruxData object| gciDataTaboola object| _taboola object| _tfa function| udm_ object| _comscore object| COMSCORE object| ns_p object| google_tag_data function| ga object| gaplugins object| gaGlobal object| gaData object| gciDataGoogleAnalytics boolean| triedToSendCookieToNative object| WebJSBridge function| Krux object| TRC number| taboola_view_id object| TRCImpl function| __trcError object| LoaderConfig object| appInsights object| AI object| Microsoft function| __extends function| _endsWith object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| MG2DL object| include object| exclude function| fbq function| _fbq function| ktag function| sha256 function| sha224 object| snippet object| init object| g2iAppInsights object| Ktag_Constants object| Ktag_Toggles object| Ktag_Amp_Helpers object| Ktag_Helpers object| Ktag_Functions function| setup object| _etmc object| _etmc_temp string| func_name object| args string| collect_url string| GoogleAnalyticsObject function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO

29 Cookies

Domain/Path Name / Value
sc-static.net/scevent.min.js Name: X-AB
Value: 0d6e407936704bd380072f5891d28b0e
www.google.com/recaptcha Name: _GRECAPTCHA
Value: 09ABBMTcP2sBSv10QRa2JDzh5jamclTmHee8QeyPexilixKT9LEGMbLksFK6_HyOIvs85Lbj2K4HcjejYJManQyyc
checkout3.nwfdailynews.com/ Name: connect.sid
Value: s%3Aw2e80qZf-8FmBGx6vkcXr0A7S1zjIkDk.0EVEx5WlypeToCDpRTnp2gAVkyq18m8Hf80rrcZsE9Q
.nwfdailynews.com/ Name: visid_incap_2418937
Value: BI0vYpegQ0OGpainPOQGrw/fy2EAAAAAQUIPAAAAAACZa/hU/z/9VSwoQM4iYRnm
.nwfdailynews.com/ Name: nlbi_2418937
Value: icvzCxQ1hVMlmkAE1R2XGgAAAABRlNGKdy3V66gpw8wgkiNC
.nwfdailynews.com/ Name: incap_ses_1368_2418937
Value: FUZ6CBlWrH55TZC9CB38Eg/fy2EAAAAAEmQookRKN7NqCC9HjJuYlQ==
.nwfdailynews.com/ Name: gnt_eu
Value: true
.nwfdailynews.com/ Name: _ga
Value: GA1.2.1758886786.1640750865
.nwfdailynews.com/ Name: _gid
Value: GA1.2.2022113791.1640750865
.nwfdailynews.com/ Name: _gat_gciAnalytics
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1LL7TF6IDIUV9OLSZKEBJ0g1640750865
.nwfdailynews.com/ Name: _parsely_session
Value: {%22sid%22:1%2C%22surl%22:%22https://checkout3.nwfdailynews.com/%22%2C%22sref%22:%22%22%2C%22sts%22:1640750864886%2C%22slts%22:0}
.nwfdailynews.com/ Name: _parsely_visitor
Value: {%22id%22:%22pid=ba5495f8f596802b4e27841edc22d085%22%2C%22session_count%22:1%2C%22last_session_ts%22:1640750864886}
.nwfdailynews.com/ Name: gup_lng
Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22pjwt%22%3A%20null%2C%20%22updated%22%3A%201640750865%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.nwfdailynews.com/ Name: gup_anonid
Value: e049c396-685c-11ec-9c6f-d60c5f329b16
.nwfdailynews.com/ Name: gup_clientid
Value: e04b67d2-685c-11ec-9c6f-d60c5f329b16
.krxd.net/ Name: _kuid_
Value: OkakxjOD
checkout3.nwfdailynews.com/ Name: ai_user
Value: 57xuD|2021-12-29T04:07:45.797Z
.nwfdailynews.com/ Name: gnt_CA
Value: eyJDQV9wbmFtZSI6IkRpZ2l0YWwiLCJDQV90cyI6MTY0MDc1MDg2Njc3N30=
.nwfdailynews.com/ Name: anonDeviceId
Value: fc429d9de8d0d4ec0e5fcb8967abe7a3
.nwfdailynews.com/ Name: _fbp
Value: fb.1.1640750867016.2012716370
.facebook.com/ Name: fr
Value: 0m85WNL4JJRO1rvQL..Bhy98T...1.0.Bhy98T.
.igodigital.com/ Name: igodigitaltc2
Value: e1817e8e-685c-11ec-954c-8a56bd188c06
.igodigital.com/ Name: igodigitalst_10870841
Value: e18185c8-685c-11ec-954c-8a56bd188c06
.igodigital.com/ Name: igodigitalstdomain
Value: 24765
checkout3.nwfdailynews.com/ Name: ai_session
Value: 1SBrm|1640750867537.9|1640750867537.9
.doubleclick.net/ Name: IDE
Value: AHWqTUlmAThWjvAfSNbA9DwnMJySC3HulBXiEHA2TJWRwHWIdxWYiMUXJb5S-m5c
checkout3.nwfdailynews.com/ Name: AWSALB
Value: enyw5qEQKjvNEYT7yOKTX5d6AdmN48I9d/EC5nJ/+NHi5Bt9UigiEz+j2PBYMO/cjQfLdUOXUE//rYNobZLJ9xFjjkqYHY4jUy+pnusrkadhhzYesmm1oRo5nkOl
checkout3.nwfdailynews.com/ Name: AWSALBCORS
Value: enyw5qEQKjvNEYT7yOKTX5d6AdmN48I9d/EC5nJ/+NHi5Bt9UigiEz+j2PBYMO/cjQfLdUOXUE//rYNobZLJ9xFjjkqYHY4jUy+pnusrkadhhzYesmm1oRo5nkOl

3 Console Messages

Source Level URL
Text
network error URL: https://checkout3.nwfdailynews.com/other/isChatAvailable/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://checkout3.nwfdailynews.com/other/isChatAvailable/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://checkout3.nwfdailynews.com/other/isChatAvailable/
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
az416426.vo.msecnd.net
beacon.krxd.net
cdn.krxd.net
cdn.parsely.com
cdn.sbgsodufuosmmvsdf.info
cdn.taboola.com
checkout3.nwfdailynews.com
connect.facebook.net
consumer.krxd.net
edgilpayway.net
eu.nwfdailynews.com
fonts.gstatic.com
fp-cdn.azureedge.net
g2insights-cdn.azureedge.net
googleads.g.doubleclick.net
loader-cdn.azureedge.net
login.nwfdailynews.com
nova.collect.igodigital.com
p1.parsely.com
polyfill.io
prodmg2.blob.core.windows.net
pubads.g.doubleclick.net
resources.xg4ken.com
sb.scorecardresearch.com
sc-static.net
staticassets.gannettdigital.com
stats.g.doubleclick.net
trc.taboola.com
user.nwfdailynews.com
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
107.154.114.220
13.82.152.48
142.250.185.66
143.204.103.127
143.204.98.37
143.204.98.86
151.101.130.133
151.101.130.62
151.101.2.133
151.101.2.62
151.101.65.44
199.204.136.5
2606:2800:233:1cb7:261b:1f9c:2074:3c
2a00:1450:4001:809::2003
2a00:1450:4001:80f::2008
2a00:1450:4001:810::2003
2a00:1450:4001:811::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2004
2a00:1450:400c:c08::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:800::282
34.250.6.2
52.214.30.104
54.144.144.142
54.144.19.55
01258ae25088fa1b0f4f062a671e9b16b9c303c37c1f8d3b7d43b915533466e6
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03
0aef9db3456291ff296a27a5aab5ed6bb0fafee6b48fb336461447a739b74fff
0dbd29316c5c622b5e51ba50deb2f5de43196507c01ecd81bf2bec340ce220a3
0fff64b24d14126e3d1b49686356363716f8f522188262df97a3c4b4d6c07813
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15e832ed66b2aab44d55caf6fd1e5acd9b3b76ce67d2608df77333169193c102
162b21aef63e14217b6fcae0bdb93a5fc7840fd5b9037138b15a01624b6c773f
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1fe6c2d4280e3aa5f50351a218c0c6d5d921a0e367d98d9235cfe094ab269d75
23ef397827526f19d2b7a5f1a687d0015166eaf81e52e452d30512d994398903
24e9df242f4805f1b336979369fb5269206e83758c8d271eb13ce847a3eaee23
295409307a58f3d19608932eac3c022cff1cacc8671dd26b5614a28f7e25e0b0
2f14b7f124d10add261a20a9941f901b9d925519c9aeeef0e7d59e5f69c717c5
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
3ee5f9fb00ec99c9f746a37213033a19d82260a5c2fea95583275542bb60ab97
4611c34378b1bbbee8890a472c6390137ce8841041a646f0bdc58cf9180eb18a
4c0b8144acbffe6d0d7eeb520513aa9c0b73e50e326d4e5703d4b5026aa58140
5149bf07c5a6e5b80ac40cc2517efc4d8d7c74177d23b0991f7689fc33435970
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
58d6350da5588a52d6baa4efc27a3362b4ee69dba3504fc762f934d7bb5d0bc4
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
60e7f625414deaf6c019dddf9f1cdc61c01f77dea957f476b7ad2f907378bdb9
644e5f7543d20e519f25aa27954fb3739605b8d52990d019acf114aa869a6f8f
6644e1c59baf705e99dacc5acb0a1eae7687b5ba94e66a1cdb74959837d17a63
66ffa32d9d4262031bdfdf5e92ab1ce7e2f4c1ab29f6f9a44d1ae833ec135dd1
6799939d47143550efe0f023be096759892994f6b0149b42ef44361fb460ad6a
6fe4517c3fc6a94e5cb3c58ac34645e0095f8478303783e880042fa650a7384e
7fa4aa0ac8c3337c88e8f7e01bf4abbd53807b22d7e406e0e40338905e67d605
81c6161073048cab5ff78e87061efa6843bf98b691885cf1453c544f4cb3f593
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86cef2add30bc2d72060cfa9bac755d279fbab4894012fac0db3aed74ef96dd4
88d24471a4e082ccedabeedf5b518ce82921564a323a42b0878a275cfc8177f4
8de1252af1f9de4f2c30be2cea5a2a94db91aadb6cf6d0da24c962c9bc07279f
909fdd3e93d161ff293b947acfa2ab65636e6a2f9e7748a1b2f052dacd4eb109
943411727fc38e74fd17f142167318e8e4a7413687da62a7d7231d4be2bac273
960e999a771307e0509e94791b6b2d5945517d5b807b61dba554d02efb401a18
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9c01767474c4158acbbdaa10fe7a5ef500b794ebeb1e99cddee80fddd39a18b2
9d2e57536cb3270004cf7d04d06e14ee00d4959da5385699b75eee5ddd02f3c1
9d7ae5b7196c72a8c09f3a766e06e61b2ef1d6192076016838b479136435b678
9f4922667f15ec47709504b75c4433e7145f96078261bc9a11e386ca52fa18bb
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a98407acf6c69b60daef4641c493389c88c1ae8ff51366b3c0cb78937e031181
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfa61520f1762d1cd02a31b46a17a9a8c0e27a473ee65daefee2717489ad7fff
d1529eb02fbecf5907f228aeb4a6d4442920190968119407127af541dcf0c7f4
dd1b5e04d54c4420fe3e8e6abe2875fc7f13a3cd6384b6c2afc1a35e302dd846
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5d749d80f1b80091764639f1e57ce4144431559a3060335f1bf39d38a10336e
e8fa17907f1d3d4991ec1c260af9cdb72ee838da4b4b2e2de9d23eda2932fe42
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14a64e77d82222c7b9bc2d6a834e32b54e5481a7bd2f5a8659377eb63b88e89
f1ac5bc2d2f0c446b2d5bc135db7414a2662ade7b701bc199456d05f51bfc261
f5a937efb57a72f2a9601f6b313fe83b83f0a3c9615027073fecbd31b1c8d1e3
f771ebbe1c9a22b529d1903c8b10b5523f8f66fc289bf9ac0c18c5569e6b5a9d
fbdd70a033e81218583e25de569bdf03e12fb5f72f101544ce07d317a2117293