offers.theadvertiser.com Open in urlscan Pro
34.227.44.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.exct.net/?qs=557ea4dd6d35efd519db2bd36622fec67814dd60b14e811f54ca161950fc1fb2ed12bf3259397280f5816a58b980...
Effective URL:
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Submission: On May 12 via api (May 12th 2020, 8:40:16 pm UTC) from US

Summary HTTP 62 Redirects Links 5 Behaviour Indicators

Summary

This website contacted 25 IPs in 7 countries across 22 domains to perform 62 HTTP transactions. The main IP is 34.227.44.62, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is offers.theadvertiser.com.
TLS certificate: Issued by DigiCert SHA2 High Assurance Server CA on February 26th 2020. Valid for: a year.

This is the only time offers.theadvertiser.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2a02:26f0:64:... 2a02:26f0:64:39c::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 13	34.227.44.62 34.227.44.62	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
1	2001:4de0:ac1... 2001:4de0:ac19::1:b:1a	20446 (HIGHWINDS3) (HIGHWINDS3)
3	151.101.114.62 151.101.114.62	54113 (FASTLY) (FASTLY)
8	2600:9000:21f... 2600:9000:21f3:da00:15:a92b:8a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:85e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
1 3	18.200.161.109 18.200.161.109	16509 (AMAZON-02) (AMAZON-02)
4	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
1	54.230.180.67 54.230.180.67	16509 (AMAZON-02) (AMAZON-02)
1 3	2.16.105.54 2.16.105.54	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
1 5	23.210.249.113 23.210.249.113	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	54.171.36.70 54.171.36.70	16509 (AMAZON-02) (AMAZON-02)
1	34.201.234.122 34.201.234.122	14618 (AMAZON-AES) (AMAZON-AES)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:816::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c07::5c	15169 (GOOGLE) (GOOGLE)
1	34.241.125.133 34.241.125.133	16509 (AMAZON-02) (AMAZON-02)
2	15.188.105.205 15.188.105.205	16509 (AMAZON-02) (AMAZON-02)
1 1	66.117.28.86 66.117.28.86	15224 (OMNITURE) (OMNITURE)
1	104.244.42.200 104.244.42.200	13414 (TWITTER) (TWITTER)
1	52.212.164.200 52.212.164.200	16509 (AMAZON-02) (AMAZON-02)
62	25

1 2a02:26f0:64:39c::416d (Ascension Island) 1 redirects

ASN20940 (AKAMAI-ASN1, EU)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 34.227.44.62 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-227-44-62.compute-1.amazonaws.com

offers.theadvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4de0:ac19::1:b:1a (Netherlands)

ASN20446 (HIGHWINDS3, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.62 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:21f3:da00:15:a92b:8a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

iuploads.scribblecdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:85e5 (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.200.161.109 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-161-109.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.230.180.67 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-180-67.ham50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.16.105.54 (Ascension Island) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-16-105-54.deploy.static.akamaitechnologies.com

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

news.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 23.210.249.113 (Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-249-113.deploy.static.akamaitechnologies.com

pixel.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.36.70 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-36-70.eu-west-1.compute.amazonaws.com

resources.xg4ken.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.201.234.122 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-201-234-122.compute-1.amazonaws.com

10870841.collect.igodigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.22.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s18-in-f98.1e100.net

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f11c:8183:face:b00c:0:25de (Ireland)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:816::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

pay.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.241.125.133 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-241-125-133.eu-west-1.compute.amazonaws.com

gannett.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.188.105.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

srepdata.montgomeryadvertiser.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 66.117.28.86 (United States) 1 redirects

ASN15224 (OMNITURE, US)

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.200 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.212.164.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-164-200.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	theadvertiser.com 1 redirects offers.theadvertiser.com	179 KB
8	scribblecdn.net iuploads.scribblecdn.net	415 KB
5	mathtag.com 1 redirects pixel.mathtag.com	5 KB
5	krxd.net cdn.krxd.net consumer.krxd.net beacon.krxd.net	91 KB
5	twitter.com platform.twitter.com syndication.twitter.com	32 KB
4	demdex.net 1 redirects dpm.demdex.net gannett.demdex.net	3 KB
3	facebook.com www.facebook.com	478 B
3	google.com news.google.com pay.google.com	44 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com	2 KB
3	gannett-cdn.com www.gannett-cdn.com	75 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	34 KB
2	montgomeryadvertiser.com srepdata.montgomeryadvertiser.com	716 B
2	facebook.net connect.facebook.net	151 KB
1	everesttech.net 1 redirects cm.everesttech.net	554 B
1	doubleclick.net pubads.g.doubleclick.net	650 B
1	igodigital.com 10870841.collect.igodigital.com	2 KB
1	xg4ken.com resources.xg4ken.com	4 KB
1	parsely.com cdn.parsely.com	20 KB
1	cloudflare.com cdnjs.cloudflare.com	3 KB
1	jquery.com code.jquery.com	33 KB
1	exct.net 1 redirects cl.exct.net	403 B
0	twimg.com Failed widgets.twimg.com Failed
62	22

	Domain	Requested by
13	offers.theadvertiser.com	1 redirects offers.theadvertiser.com
8	iuploads.scribblecdn.net	offers.theadvertiser.com
5	pixel.mathtag.com	1 redirects offers.theadvertiser.com pixel.mathtag.com
4	platform.twitter.com	offers.theadvertiser.com platform.twitter.com
3	www.facebook.com	code.jquery.com offers.theadvertiser.com
3	sb.scorecardresearch.com	1 redirects www.gannett-cdn.com offers.theadvertiser.com
3	cdn.krxd.net	www.gannett-cdn.com cdn.krxd.net
3	dpm.demdex.net	1 redirects offers.theadvertiser.com
3	www.gannett-cdn.com	offers.theadvertiser.com www.gannett-cdn.com
2	srepdata.montgomeryadvertiser.com	www.gannett-cdn.com
2	connect.facebook.net	www.gannett-cdn.com connect.facebook.net
2	news.google.com	www.gannett-cdn.com news.google.com
2	fonts.googleapis.com	offers.theadvertiser.com
1	beacon.krxd.net	cdn.krxd.net
1	consumer.krxd.net	cdn.krxd.net
1	syndication.twitter.com	offers.theadvertiser.com
1	cm.everesttech.net	1 redirects
1	gannett.demdex.net	www.gannett-cdn.com
1	pay.google.com	news.google.com
1	ajax.googleapis.com	cdnjs.cloudflare.com
1	pubads.g.doubleclick.net	offers.theadvertiser.com
1	10870841.collect.igodigital.com	www.gannett-cdn.com
1	resources.xg4ken.com	www.gannett-cdn.com
1	cdn.parsely.com	www.gannett-cdn.com
1	cdnjs.cloudflare.com	offers.theadvertiser.com
1	code.jquery.com	offers.theadvertiser.com
1	cl.exct.net	1 redirects
0	widgets.twimg.com Failed	offers.theadvertiser.com
62	28

This site contains links to these domains. Also see Links.

Domain
www.theadvertiser.com
cm.theadvertiser.com

Subject Issuer	Validity	Valid
offers.usatoday.com DigiCert SHA2 High Assurance Server CA	`2020-02-26` - `2021-03-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
jquery.org COMODO RSA Domain Validation Secure Server CA	`2018-10-17` - `2020-10-16`	2 years	crt.sh
gannett.com DigiCert SHA2 High Assurance Server CA	`2020-04-13` - `2022-06-21`	2 years	crt.sh
*.scribblecdn.net Amazon	`2020-03-27` - `2021-04-27`	a year	crt.sh
cloudflare.com CloudFlare Inc ECC CA-2	`2020-01-07` - `2020-10-09`	9 months	crt.sh
*.twimg.com DigiCert SHA2 High Assurance Server CA	`2019-11-12` - `2020-11-18`	a year	crt.sh
*.demdex.net DigiCert SHA2 High Assurance Server CA	`2018-01-09` - `2021-02-12`	3 years	crt.sh
cdn.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-05` - `2021-03-06`	a year	crt.sh
*.parsely.com Amazon	`2019-08-30` - `2020-09-30`	a year	crt.sh
*.scorecardresearch.com Sectigo RSA Organization Validation Secure Server CA	`2019-12-16` - `2020-12-25`	a year	crt.sh
*.news.google.com GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
pixel.mathtag.com DigiCert SHA2 Secure Server CA	`2020-04-15` - `2021-07-15`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-04-15` - `2020-07-14`	3 months	crt.sh
*.xg4ken.com Go Daddy Secure Certificate Authority - G2	`2017-12-17` - `2020-12-17`	3 years	crt.sh
*.collect.igodigital.com DigiCert SHA2 Secure Server CA	`2020-02-14` - `2021-02-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2020-04-15` - `2020-07-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2020-04-28` - `2020-07-21`	3 months	crt.sh
srepdata.montgomeryadvertiser.com DigiCert SHA2 High Assurance Server CA	`2019-05-26` - `2020-08-28`	a year	crt.sh
syndication.twitter.com DigiCert SHA2 High Assurance Server CA	`2020-03-05` - `2021-03-02`	a year	crt.sh
consumer.krxd.net DigiCert SHA2 Secure Server CA	`2020-03-26` - `2021-03-27`	a year	crt.sh
beacon.krxd.net DigiCert SHA2 Secure Server CA	`2020-01-30` - `2021-01-30`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Frame ID: F063BCD265C615194A22461F8D98AF87
Requests: 56 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/subscribe.php?&href=https%3A%2F%2Fwww.facebook.com%2Fdailyadvertiser&layout=standard&width=450&show_faces=false&colorscheme=light&font=
Frame ID: 92719882EC4FD47D014A9F5991D83AD9
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Foffers.theadvertiser.com
Frame ID: B4EEF3AAFEE0ABEE4C103D324421586F
Requests: 1 HTTP requests in this frame

Frame: https://pay.google.com/gp/p/ui/payframe?origin=https://offers.theadvertiser.com&mid=%{merchantId}
Frame ID: E73B08057897845D9BFA246F5CE21E15
Requests: 1 HTTP requests in this frame

Frame: https://gannett.demdex.net/dest5.html?d_nsid=0
Frame ID: 7EEC2C6F5B9819E13A0056D0FBFEA80F
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Frame ID: 85570B47E3312B4273D905E8EB24F594
Requests: 1 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: FCB0AAA76AEDDC196D4C167B908172D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://cl.exct.net/?qs=557ea4dd6d35efd519db2bd36622fec67814dd60b14e811f54ca161950fc1fb2ed12bf32... HTTP 302
http://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget... HTTP 302
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget... Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/platform\.twitter\.com\/widgets\.js/i

comScore (Analytics) Expand

Overall confidence: 100%
Detected patterns

html /<iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i
script /\.scorecardresearch\.com\/beacon\.js|COMSCORE\.beacon/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

62
Requests

98 %
HTTPS

42 %
IPv6

22
Domains

28
Subdomains

25
IPs

7
Countries

1094 kB
Transfer

2704 kB
Size

18
Cookies

5 Outgoing links

These are links going to different origins than the main page.

URL: http://www.theadvertiser.com/

Search URL Search Domain Scan URL

URL: http://cm.theadvertiser.com/terms
Title: Terms of Service

Search URL Search Domain Scan URL

URL: http://cm.theadvertiser.com/cookie-policy
Title: Do Not Sell My Info / Cookie Policy

Search URL Search Domain Scan URL

URL: http://cm.theadvertiser.com/privacy-policy
Title: Your California Rights / Privacy Policy

Search URL Search Domain Scan URL

URL: http://cm.theadvertiser.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.exct.net/?qs=557ea4dd6d35efd519db2bd36622fec67814dd60b14e811f54ca161950fc1fb2ed12bf3259397280f5816a58b9803d4499bb28fb62e825de7f8279a34a3d35f6 HTTP 302
http://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE HTTP 302
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042

Request Chain 33

https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093 HTTP 302
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47

Request Chain 47

https://cm.everesttech.net/cm/dd?d_uuid=40818800515138387500749638251443808852 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrsJoAAAAYsEWhTJ

Request Chain 49

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589316000267&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589316000267&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9=

62 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request specialoffer-ln Show response
offers.theadvertiser.com/
Redirect Chain

https://cl.exct.net/?qs=557ea4dd6d35efd519db2bd36622fec67814dd60b14e811f54ca161950fc1fb2ed12bf3259397280f5816a58b9803d4499bb28fb62e825de7f8279a34a3d35f6
http://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

61 KB
19 KB

685ms
432ms

Document
text/html

34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: /
Resource Hash: 524ceff5aaef70cfe86c0c9c6ca166b1eb0299a0850a9e5613ee749e634ca564

Request headers

:method: GET
:authority: offers.theadvertiser.com
:scheme: https
:path: /specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ASP.NET_SessionId=s1k55zg5a2ssjkha2uru11fq
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: no-cache
pragma: no-cache
content-type: text/html; charset=utf-8
content-encoding: gzip
expires: -1
vary: Accept-Encoding
set-cookie: ASP.NET_SessionId=; path=/; secure; HttpOnly LiveBall=uid=208490111&uky=WLFYD2VR&rid=221373913; domain=theadvertiser.com; expires=Wed, 12-May-2021 05:00:00 GMT; path=/; secure;SameSite=none;Secure=true
x-request-id: fd6b2fed-f811-4523-83fa-19006345c22c
date: Tue, 12 May 2020 20:39:58 GMT
content-length: 18911

Redirect headers

Cache-Control: private
Content-Type: text/html; charset=utf-8
Location: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Set-Cookie: ASP.NET_SessionId=s1k55zg5a2ssjkha2uru11fq; path=/; HttpOnly
x-request-id: 23014e14-73ca-41aa-92c7-32be4d6472c5
Date: Tue, 12 May 2020 20:39:58 GMT
Content-Length: 261

GET
H2 200 css
fonts.googleapis.com/ 7 KB
791 B 19ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,600,700

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 May 2020 20:39:59 GMT
server: ESF
date: Tue, 12 May 2020 20:39:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 May 2020 20:39:59 GMT

GET
H2 200 css
fonts.googleapis.com/ 372 B
398 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Ovo

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 12 May 2020 20:39:59 GMT
server: ESF
date: Tue, 12 May 2020 20:39:59 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 12 May 2020 20:39:59 GMT

GET
H2 200 ixp-runtime.min.js Show response
offers.theadvertiser.com/Scripts/ 47 KB
17 KB 137ms
134ms Script
application/javascript 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Scripts/ixp-runtime.min.js?r=80.7418
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 1a3a934d90549c670e4d6be1925c2ecd36ed991ba397d50ddc637e7a25f2d33a

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 14:16:08 GMT
server: Microsoft-IIS/10.0
etag: "08469bb7919d61:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 17304

GET
H2 200 liveball_api.js Show response
offers.theadvertiser.com/Javascript/ 4 KB
1 KB 243ms
239ms Script
application/javascript 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Javascript/liveball_api.js
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 0c9596e1cfcf93d9046009d87afee3a19a655f1fbb35ff605ea0b67643ad731f

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 14:14:46 GMT
server: Microsoft-IIS/10.0
etag: "04f898a7919d61:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 1014

GET
H2 200 liveball-ui.js Show response
offers.theadvertiser.com/Scripts/ 3 KB
987 B 131ms
128ms Script
application/javascript 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Scripts/liveball-ui.js?r=80.7418
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 693e17c8231fa1c3a1832a2f0e1d89a7e09d2a6c94969a9404110acacf7783bd

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 14:14:50 GMT
server: Microsoft-IIS/10.0
etag: "0a9eb8c7919d61:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 872

GET
H/1.1 200
OK jquery-1.11.1.min.js Show response
code.jquery.com/ 94 KB
33 KB 32ms
6ms Script
application/javascript 2001:4de0:ac19::1:b:1a
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.11.1.min.js
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2001:4de0:ac19::1:b:1a , Netherlands, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: nginx /
Resource Hash: 540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:39:59 GMT
Content-Encoding: gzip
Last-Modified: Fri, 24 Oct 2014 00:16:07 GMT
Server: nginx
ETag: W/"54499a47-1762a"
Vary: Accept-Encoding
X-HW: 1589315999.dop051.fr8.t,1589315999.cds145.fr8.shn,1589315999.cds145.fr8.c
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=315360000, public
Connection: Keep-Alive
Accept-Ranges: bytes
Content-Length: 33202

GET
H2 200 liveball-ui-facebook.min.js Show response
offers.theadvertiser.com/Global/UxPlugins/facebook_flex/js/ 9 KB
2 KB 241ms
239ms Script
application/javascript 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Global/UxPlugins/facebook_flex/js/liveball-ui-facebook.min.js?r=80.7418
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: ac58f841fd9b1de0ae4ba48f22ac7e876b0ffdd3573318d29db20daf03c3c6a4

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Mon, 15 Jul 2019 17:29:56 GMT
server: Microsoft-IIS/10.0
etag: "04256eb323bd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2014

GET widget.js
widgets.twimg.com/j/2/ 0
0

GET
H2 200 liveball-ui-twitter.min.js Show response
offers.theadvertiser.com/Global/UxPlugins/twitter_flex/js/ 7 KB
2 KB 145ms
142ms Script
application/javascript 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Global/UxPlugins/twitter_flex/js/liveball-ui-twitter.min.js?r=80.7418
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 0c2e1658ba427cead8bd5deb44839c9b904dbb0093e36394cb789bcc9512bbd6

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Mon, 15 Jul 2019 17:30:46 GMT
server: Microsoft-IIS/10.0
etag: "0a7239333bd51:0"
vary: Accept-Encoding
content-type: application/javascript
status: 200
accept-ranges: bytes
content-length: 2082

GET
H2 200 ixp-microthemes.min.css
offers.theadvertiser.com/Templates/ 187 KB
12 KB 240ms
238ms Stylesheet
text/css 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Templates/ixp-microthemes.min.css?r=80.7418
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 699ed516861cc6e9abb0e8cc6e1c3354c33c1b17602fabbdfb726a12afec019a

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Thu, 23 Apr 2020 14:16:36 GMT
server: Microsoft-IIS/10.0
etag: "0fa19cc7919d61:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 11858

GET
H2 200 theme.css
offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ 204 KB
14 KB 143ms
141ms Stylesheet
text/css 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/theme.css
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 81420fcc92a4155e39b78a3b06cc87266a3fe13b229f44e3fac0cfd8080880ea

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:58 GMT
content-encoding: gzip
last-modified: Tue, 19 Mar 2019 15:23:29 GMT
server: Microsoft-IIS/10.0
etag: "806e63b467ded41:0"
vary: Accept-Encoding
content-type: text/css
status: 200
accept-ranges: bytes
content-length: 14522

GET
H2 200 gciAnalytics.js Show response
www.gannett-cdn.com/dc/ 192 KB
62 KB 159ms
39ms Script
application/javascript 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c8a015b0a6c17d0601591acc2bba30e2c08e4fb5918ee8a90af14ac33555c5ea

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
content-encoding: gzip
age: 217
x-amz-meta-goog-reserved-file-mtime: 1589311808
x-guploader-uploadid: AAANsUncnrETPqzXnBdzE-4DNhZggfHIy1wi21HVzclNt19fYlpCLoBDEGcATrlJsKP-PYt8kNguMCeg61nyOj0w2Nk
x-cache: HIT, HIT
x-goog-storage-class: MULTI_REGIONAL
status: 200
content-length: 63134
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5138-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.220_19-7da5c074959cc2f595031e9f648f0488
last-modified: Tue, 12 May 2020 19:31:19 GMT
server: UploadServer
x-timer: S1589316000.670098,VS0,VE1
etag: "3c385ff5b743b9cec71116d1c22750fc"
vary: Accept-Encoding
x-goog-hash: crc32c=BNAMpw==, md5=PDhf9bdDuc7HERbRwidQ/A==
content-type: application/javascript
access-control-allow-origin: *
expires: Tue, 12 May 2020 19:31:21 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 1

GET
H2 200 site-masthead-logo@2x.png
www.gannett-cdn.com/sites/theadvertiser/images/ 8 KB
8 KB 37ms
37ms Image
image/webp 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gannett-cdn.com/sites/theadvertiser/images/site-masthead-logo@2x.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: a5dc65eda551046bc0e37effb1678b1968dd8313ff98390e7f22ee5cfeec3c63

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
via: 1.1 varnish, 1.1 varnish
age: 2288665
x-amz-meta-goog-reserved-file-mtime: 1498503698
x-goog-storage-class: NEARLINE
x-cache: HIT, HIT
fastly-io-info: ifsz=15776 idim=718x160 ifmt=png ofsz=7974 odim=718x160 ofmt=webp
status: 200
x-guploader-uploadid: AEnB2Uo1_bD30O5REDlyer2B0uNKwjx5WaoO8ZSztZGjBbNipGo1-cRq3WiZrTECWtyQYrNC1ZMBxop1GHSY82KIOx0ji6wjrg
fastly-stats: io=1
content-length: 7974
x-served-by: cache-bwi5132-BWI, cache-hhn4023-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.220_19-7da5c074959cc2f595031e9f648f0488
server: UploadServer
x-timer: S1589316000.792659,VS0,VE1
etag: "4gfc96X1YTe4JoIT6c0b7YE8h1VSF19wwTVHG0tRZKc"
content-language: en
vary: Accept
x-goog-hash: crc32c=gQcT1g==, md5=dNN5vTxqGAhrPdfbJ7LHiA==
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 16 Apr 2020 08:55:34 GMT
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 1

GET
H2 200 digital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ 6 KB
6 KB 53ms
11ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/digital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7298c3e67b2e75b9a7b884d5356fdec39218fd94e6b877f916c71a12e30dcb43

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:21:40 GMT
server: AmazonS3
age: 214
etag: "db1caf626f4b0ffd436129ba1ca842cb"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 6173
x-amz-cf-id: LyTc5-x1DLLiRB0c8XOOzA-okcTiYmfwBsfMw1Ea0L8W06PAZHDGUQ==

GET
H2 200 printdigital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ 7 KB
8 KB 51ms
9ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/printdigital_clipart_lockup_2018-57a433a4c670d23e41b8dbc641af9a2713e76827.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:21:40 GMT
server: AmazonS3
age: 214
etag: "c701e540ac8ce92a3742996fc2c284ea"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 7618
x-amz-cf-id: lh-TjcwL8a59wgdasc2lH6PMS6YzekXJTo1dW3kNlGe6M6yXQHamJQ==

GET
H2 200 circle_ipad_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ 92 KB
93 KB 54ms
12ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/circle_ipad_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b514b2e543e3f70e05deb7bc17d21a7648a949efccb822b468899677a6ab2807

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:04:12 GMT
server: AmazonS3
age: 214
etag: "20dee11c5986f37797416deb96568fb3"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 94483
x-amz-cf-id: dnI9kROs8suTFnhtZhHF8lsFgxaXqzrReHrRZ6yXDJl3DBUTZg02PQ==

GET
H2 200 circle_iphone_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ 89 KB
89 KB 67ms
25ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/circle_iphone_1-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2bfde2e7589a765a3ea64c97e51e3ca8757593c860daafde22200923fb76754

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:25 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:04:13 GMT
server: AmazonS3
age: 214
etag: "f596960ca41d84b531907cb3db623561"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 90636
x-amz-cf-id: QBGbwFfpC6EQZbhMCXhdLlVQx_fpNYhP1e6LEHs7QvZ3tMmXVF4GwQ==

GET
H2 200 circle_ipad_4-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ 80 KB
81 KB 70ms
28ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/circle_ipad_4-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d57b8fdf0c2fe9e2b05a355183f4514ca01ac959c63c5006a9211ad85c5a580e

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:25 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:04:12 GMT
server: AmazonS3
age: 214
etag: "68bf6109c76f441541c2e037365cfe6a"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 82011
x-amz-cf-id: 3Cq_LKF7srIySbs86mRuH3BEQAipVfkmUlR-PmJnLlTICQdVWjXQpA==

GET
H2 200 circle_iphone_3-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/ 84 KB
85 KB 63ms
21ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/tennessean/circle_iphone_3-d9dc388e54efe72f62e5a5e10d118a5d0feedcd4.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 31ee3daa595cf3dee0380cf39ddd17bb383f2b7d37e5024578d7c08f2e7dbf51

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:04:13 GMT
server: AmazonS3
age: 214
etag: "10b738fadc82cfa1afe0dbe033a13a48"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 86454
x-amz-cf-id: PDi6TKxFSNcCeDJWHgNjsEAFZXVRBG7VxrCgno8A6ntwLplSmAhQKg==

GET
H2 200 get-help.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/shreveport/ 3 KB
4 KB 20ms
19ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/shreveport/get-help.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5597a90c8d59debd9c8836178aab3a59d998bcd5c3ab72e666a1eb593d572ff1

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:02:11 GMT
server: AmazonS3
age: 214
etag: "122ab2bc2ab516dab4a44a9ffd6df6e2"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 3340
x-amz-cf-id: 3gyxU6os3E9NoP34uWJf_KOdlYpaat5Q80QZWOZuQqE_Awx9UYYm0w==

GET
H2 200 LAB.min.js Show response
cdnjs.cloudflare.com/ajax/libs/labjs/2.0.3/ 5 KB
3 KB 39ms
18ms Script
application/javascript 2606:4700::6810:85e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/labjs/2.0.3/LAB.min.js

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:85e5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 16797932
status: 200
alt-svc: h3-27=":443"; ma=86400, h3-25=":443"; ma=86400, h3-24=":443"; ma=86400, h3-23=":443"; ma=86400
cf-request-id: 02ac36b032000006058cbed200000001
served-in-seconds: 0.001
timing-allow-origin: *
last-modified: Thu, 17 May 2018 09:21:06 GMT
server: cloudflare
etag: W/"5afd4982-1572"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 5926f3c6ba060605-FRA
expires: Sun, 02 May 2021 20:39:59 GMT

GET
H2 200 KeyGrip.ashx
offers.theadvertiser.com/ 70 B
215 B 131ms
130ms Image
image/gif 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://offers.theadvertiser.com/KeyGrip.ashx?lb3id=208490111$WLFYD2VR$221373913
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: /
Resource Hash: 96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 May 2020 20:39:59 GMT
content-type: image/gif
status: 200
cache-control: no-cache
content-length: 70
x-request-id: 4f2d87fd-f964-4f2e-af71-c6008e87dd12
expires: -1

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 96 KB
29 KB 28ms
7ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:39:59 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:25:55 GMT
Server: ECS (fcn/4188)
Age: 1023
Etag: "580310dcde7e145486d79be6e5257680+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 29223

GET
H2 200 PMOY-TEALIUM-ION.json Show response
www.gannett-cdn.com/dcc/prod/ 38 KB
5 KB 205ms
131ms XHR
application/json 151.101.114.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://www.gannett-cdn.com/dcc/prod/PMOY-TEALIUM-ION.json
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.62 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c452f6881d9f308f0fe743d47830fd35a67f18088be7212651b8c00e827053d4

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
content-encoding: gzip
age: 70
x-amz-meta-goog-reserved-file-mtime: 1589311843
x-guploader-uploadid: AAANsUkhPVR12TeYKmN2E0nnjof9WgH0ycU-qTDu9m8dgHYOS3zZtCEUQqMjl6yDHZrqka5RUGkYIPUMqjNE3Brh2n0
x-cache: HIT, MISS
x-goog-storage-class: MULTI_REGIONAL
status: 200
content-length: 4317
via: 1.1 varnish, 1.1 varnish
x-served-by: cache-bwi5147-BWI, cache-hhn4053-HHN
vcl_data: 4teo2sTrkRpe2BJzz4IyqE.220_19-7da5c074959cc2f595031e9f648f0488
last-modified: Tue, 12 May 2020 19:44:39 GMT
server: UploadServer
x-timer: S1589316000.892753,VS0,VE91
etag: "698b0545b1947752fc18e66adcc37877"
vary: Accept-Encoding
x-goog-hash: crc32c=Hf0kwg==, md5=aYsFRbGUd1L8GOZq3MN4dw==
content-type: application/json
access-control-allow-origin: *
expires: Tue, 12 May 2020 20:38:49 GMT
cache-control: max-age=300
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 1, 0

GET
H2 200 dark_gannett_map-646d0f988155a55f62ea12720d5a0b4fabf3d1d8.png
iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/ 50 KB
50 KB 20ms
20ms Image
image/png 2600:9000:21f3:da00:15:a92b:8a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iuploads.scribblecdn.net/fba62d87-0ffb-4552-a401-91f9a16eef78/global/imagelib/uncategorized/dark_gannett_map-646d0f988155a55f62ea12720d5a0b4fabf3d1d8.png
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:21f3:da00:15:a92b:8a80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 32e6d17b4dc09aa26d207c87820b41045c37dc268c8e2fedd7221267cdca6c0d

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 12 May 2020 20:36:26 GMT
via: 1.1 90cf045072373c2c671297de3161846f.cloudfront.net (CloudFront)
last-modified: Tue, 10 Mar 2020 02:20:31 GMT
server: AmazonS3
age: 214
etag: "d4706905a658027456562d97b2a1c989"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=300
x-amz-cf-pop: FRA2-C2
accept-ranges: bytes
content-length: 50779
x-amz-cf-id: ir4bh55qukHt4tNfd_rMnqqDYRYwRA_3FwWOxw3YdBynI6tOrFsCjw==

GET
H2 200 futura_today_bold.woff
offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ 36 KB
36 KB 140ms
140ms Font
application/x-font-woff 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/futura_today_bold.woff
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 960e999a771307e0509e94791b6b2d5945517d5b807b61dba554d02efb401a18

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/theme.css
Origin: https://offers.theadvertiser.com

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
last-modified: Mon, 18 Aug 2014 20:23:40 GMT
server: Microsoft-IIS/10.0
etag: "af75b4c22bbcf1:0"
content-type: application/x-font-woff
status: 200
accept-ranges: bytes
content-length: 37062

GET
H2 200 futura_today.woff
offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ 37 KB
37 KB 129ms
129ms Font
application/x-font-woff 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/futura_today.woff
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: 5dbb36b00cc77f4fe8efd685b65e57a5e8bec9595d1b37fa0dd70b935a267fa9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/theme.css
Origin: https://offers.theadvertiser.com

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
last-modified: Mon, 18 Aug 2014 20:23:40 GMT
server: Microsoft-IIS/10.0
etag: "c10504c22bbcf1:0"
content-type: application/x-font-woff
status: 200
accept-ranges: bytes
content-length: 37722

GET
H2 200 futura_today_demi_bold.woff
offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/ 37 KB
37 KB 229ms
227ms Font
application/x-font-woff 34.227.44.62
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/futura_today_demi_bold.woff
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 34.227.44.62 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-227-44-62.compute-1.amazonaws.com
Software: Microsoft-IIS/10.0 /
Resource Hash: fde43be5ba09c040a25f97f2f42dac6b282b15e971c4712f8ead4b93555a4953

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/Templates/ion/ion_Framework_v4.0/themes/IndyStar_Theme_Kit/theme.css
Origin: https://offers.theadvertiser.com

Response headers

date: Tue, 12 May 2020 20:39:59 GMT
last-modified: Mon, 18 Aug 2014 20:23:39 GMT
server: Microsoft-IIS/10.0
etag: "acf9294c22bbcf1:0"
content-type: application/x-font-woff
status: 200
accept-ranges: bytes
content-length: 37918

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042
https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042

2 KB
2 KB

60ms
60ms

XHR
application/json

18.200.161.109
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.161.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-161-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

aa6cd463886cdf2aa6acd5d44335441c21d95b6c93bb64f9644cd08fe79521c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v068-0f39b0fe6.edge-irl1.demdex.com 5.70.0.20200507125324 3ms (+0ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Encoding: gzip
X-TID: XNrVVI9TRe0=
Vary: Origin, Accept-Encoding, User-Agent
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://offers.theadvertiser.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=utf-8
Content-Length: 698
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Access-Control-Allow-Origin: https://offers.theadvertiser.com
X-TID: dOFfO1EzRBI=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/id/rd?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=CF4957F555EE9B727F000101%40AdobeOrg&d_nsid=0&ts=1589316000042
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 suudv45fg.js Show response
cdn.krxd.net/controltag/ 38 KB
11 KB 109ms
36ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/suudv45fg.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f6747131b6f4cbfab31e8c0b3dec455c5ac0191c1bf65db44db65053f3071bcd

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Tue, 12 May 2020 20:40:00 GMT
content-encoding: gzip
age: 1084
x-cache: MISS, HIT, HIT
status: 200
x-app-cache: HIT
x-age: 0
content-length: 10837
x-served-by: config-service-a004-ash-prod.krxd.net, cache-bwi5147-BWI, cache-hhn4025-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1589316000.159271,VS0,VE1
etag: "af6f9b688e07591a32b991d0846b8212646667e3"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 4, 1

GET
H2 200 p.js Show response
cdn.parsely.com/keys/offers.theadvertiser.com/ 52 KB
20 KB 157ms
65ms Script
application/x-javascript 54.230.180.67
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/offers.theadvertiser.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.230.180.67 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-54-230-180-67.ham50.r.cloudfront.net
Software: nginx /
Resource Hash: 004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 12:56:20 GMT
content-encoding: gzip
last-modified: Thu, 02 Apr 2020 01:01:04 GMT
server: nginx
age: 27814
etag: W/"5e853950-d0b1"
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
x-amz-cf-pop: HAM50-C3
x-amz-cf-id: CPcEupVM286EVWwsDgRRaJOFdzZGQoLo_Xp7jaEwT5Spkf8hCNorFQ==
via: 1.1 017544a774b4ea14958963973ae360f0.cloudfront.net (CloudFront)

GET
H/1.1 200
OK beacon.js Show response
sb.scorecardresearch.com/ 1 KB
1 KB 123ms
33ms Script
application/x-javascript 2.16.105.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/beacon.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.105.54 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/x-javascript
Cache-Control: private, no-transform, max-age=86400
Connection: keep-alive
Content-Length: 884
Expires: Wed, 13 May 2020 20:40:00 GMT

GET
H2 200 swg.js Show response
news.google.com/swg/js/v1/ 128 KB
38 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e5c70429bafad33fe2f1a58148546aea188a4f5e856ea3d3677808bae6a58ca5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 27 Apr 2020 16:57:45 GMT
server: sffe
age: 1671
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38650
x-xss-protection: 0
expires: Tue, 12 May 2020 21:02:09 GMT

GET
H/1.1

200
OK

js Show response
pixel.mathtag.com/event/
Redirect Chain

https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093
https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47

2 KB
3 KB

74ms
73ms

Script
text/javascript

23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 2425 11889ed master cdg-pixel-x10 /
Resource Hash: f9b9addb5e771b6b1f78aaaf3fbe4a660af03768e9e622701b511b17784169c4

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Server: MT3 2425 11889ed master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 2554
Expires: Tue, 12 May 2020 20:39:59 GMT

Redirect headers

Date: Tue, 12 May 2020 20:40:00 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 0
Expires: Tue, 12 May 2020 20:39:59 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 131 KB
31 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31766
x-xss-protection: 0
pragma: public
x-fb-debug: V+xMc69u6MMC3wIz58Q3RIFlE1irgZTndXSWXzZNr/JErKz68BZEzLSnK9mqiZhUVSfSv9CUH412dR7VnNopAA==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 12 May 2020 20:40:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK ktag.js Show response
resources.xg4ken.com/js/v2/ 11 KB
4 KB 249ms
62ms Script
text/plain 54.171.36.70
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://resources.xg4ken.com/js/v2/ktag.js?tid=KT%E2%80%90N2B92%E2%80%903EB

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.171.36.70 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-171-36-70.eu-west-1.compute.amazonaws.com

Software

nginx /

Resource Hash

aee7a08524963039531cea18c1e2627893a24569ade53c8546db108c28fc1ecc

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Content-Encoding: gzip
Last-Modified: Sun, 29 Mar 2020 14:11:13 GMT
Server: nginx
ETag: "5e80ac81-1085"
Content-Type: text/plain
Cache-Control: max-age=86400, public
Connection: keep-alive
Content-Length: 4229
X-XSS-Protection: 1; mode=block
Expires: Wed, 13 May 2020 20:40:00 GMT

GET
H2 200 collect.js Show response
10870841.collect.igodigital.com/ 9 KB
2 KB 422ms
127ms Script
application/javascript 34.201.234.122
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://10870841.collect.igodigital.com/collect.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.201.234.122 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-201-234-122.compute-1.amazonaws.com
Software: /
Resource Hash: 4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 12 May 2020 20:40:00 GMT
content-encoding: gzip
last-modified: Tue, 12 May 2020 16:22:28 GMT
vary: Accept-Encoding
content-type: application/javascript

GET
H2 200 activity;xsp=4391520;ord=PMOY
pubads.g.doubleclick.net/ 42 B
650 B 185ms
88ms Image
image/gif 172.217.22.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;xsp=4391520;ord=PMOY?

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 12 May 2020 20:40:00 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-type: image/gif
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 subscribe.php
www.facebook.com/plugins/ Frame 9271 0
0 36ms
36ms Document
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/subscribe.php?&href=https%3A%2F%2Fwww.facebook.com%2Fdailyadvertiser&layout=standard&width=450&show_faces=false&colorscheme=light&font=

Requested by

Host: code.jquery.com
URL: https://code.jquery.com/jquery-1.11.1.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/subscribe.php?&href=https%3A%2F%2Fwww.facebook.com%2Fdailyadvertiser&layout=standard&width=450&show_faces=false&colorscheme=light&font=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

status: 200
cache-control: private, no-cache, no-store, must-revalidate
pragma: no-cache
strict-transport-security: max-age=15552000; preload
content-encoding: br
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-type: text/html; charset="utf-8"
x-fb-debug: 22OeaeavsFXpigN+BLKKBDFT4K6AXRZhSvYMRFlcNaqUs8vPfw33rsXYm3FnR53RpsKqopbFIxNAhJiTkFpNwA==
date: Tue, 12 May 2020 20:40:00 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.11.0/ 94 KB
33 KB 25ms
6ms Script
text/javascript 2a00:1450:4001:816::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.11.0/jquery.min.js

Requested by

Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/labjs/2.0.3/LAB.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:816::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 14 Apr 2020 21:00:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2417949
status: 200
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33576
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 21:00:51 GMT

GET
H/1.1 200
OK widget_iframe.2a008290075125adde2d7b849b06a0bb.html
platform.twitter.com/widgets/ Frame B4EE 0
0 24ms
23ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2a008290075125adde2d7b849b06a0bb.html?origin=https%3A%2F%2Foffers.theadvertiser.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/418E) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 11517
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 12 May 2020 20:40:00 GMT
Etag: "9fa476ae827f556d5b037fe43632370d+gzip"
Last-Modified: Tue, 12 May 2020 17:24:25 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/418E)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 5825

GET
H2 200 167311730410202 Show response
connect.facebook.net/signals/config/ 475 KB
120 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/167311730410202?v=2.9.18&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

dea5761dc4921ad7ac4a1af6eb72f872df9a66a75681c542bdd64b5b61d95f60

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 122299
x-xss-protection: 0
pragma: public
x-fb-debug: GwBqsbSDSKOOi8B9o2C2QC1aPmSZxu4GLNc5SwaxbiBtLla1GQ1wri0dLUkYv9GFNJPh5tipLWnxWy1c2C43rw==
x-fb-trip-id: 664085054
x-frame-options: DENY
date: Tue, 12 May 2020 20:40:00 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 payframe
pay.google.com/gp/p/ui/ Frame E73B 0
0 252ms
216ms Document
text/html 2a00:1450:400c:c07::5c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pay.google.com/gp/p/ui/payframe?origin=https://offers.theadvertiser.com&mid=%{merchantId}

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-a8EZZ+YhZ1NbXz78N1c1XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-a8EZZ+YhZ1NbXz78N1c1XQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: pay.google.com
:scheme: https
:path: /gp/p/ui/payframe?origin=https://offers.theadvertiser.com&mid=%{merchantId}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

status: 200
content-type: text/html; charset=utf-8
x-ua-compatible: IE=edge
expires: Tue, 12 May 2020 20:40:00 GMT
date: Tue, 12 May 2020 20:40:00 GMT
cache-control: private, max-age=3600
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'report-sample' 'nonce-a8EZZ+YhZ1NbXz78N1c1XQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport;worker-src 'self' script-src 'nonce-a8EZZ+YhZ1NbXz78N1c1XQ' 'self' 'unsafe-eval' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendBuyflowPayframeUi/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=204=DGbOHpD2POouOtIuEC5kL92R6s65yZU0MXcfX2lmVdJ277lVktYwpv-3aZ5qnHyAc5TnxZfHnexAiPuTzUPqVukFU48uz3IQhJqE1I2lleDbtJzFUIJVMfCjmKP36iIzBdjYnZcfAXrcGSAsaN7UyJs1yFGIvDKRiS97ucYgIRI; expires=Wed, 11-Nov-2020 20:40:00 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 swg-button.css
news.google.com/swg/js/v1/ 19 KB
6 KB 6ms
5ms Stylesheet
text/css 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://news.google.com/swg/js/v1/swg-button.css

Requested by

Host: news.google.com
URL: https://news.google.com/swg/js/v1/swg.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:08:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 18 Sep 2019 18:02:27 GMT
server: sffe
age: 1867
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: public, max-age=3000
accept-ranges: bytes
alt-svc: h3-27=":443"; ma=2592000,h3-25=":443"; ma=2592000,h3-T050=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5809
x-xss-protection: 0
expires: Tue, 12 May 2020 20:58:53 GMT

GET
H/1.1 200
OK button.a9e51eea566eab199c00950f37200d0b.js Show response
platform.twitter.com/js/ 7 KB
3 KB 7ms
6ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/js/button.a9e51eea566eab199c00950f37200d0b.js
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash: 592e35a583c401384ba6166b860a346ea7853f17287296c6a7c0c2468567330c

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Content-Encoding: gzip
Last-Modified: Tue, 12 May 2020 17:24:15 GMT
Server: ECS (fcn/4188)
Age: 11523
Etag: "92aacddeeb64a7dc76de732a636030f4+gzip"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=315360000
X-Cache: HIT
Content-Type: application/javascript; charset=utf-8
Content-Length: 2297

GET
H/1.1 200
OK Cookie set dest5.html
gannett.demdex.net/ Frame 7EEC 0
0 279ms
59ms Document
text/html 34.241.125.133
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://gannett.demdex.net/dest5.html?d_nsid=0

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.241.125.133 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-241-125-133.eu-west-1.compute.amazonaws.com

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Host: gannett.demdex.net
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: demdex=40818800515138387500749638251443808852
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

Accept-Ranges: bytes
Cache-Control: max-age=21600
Content-Encoding: gzip
Content-Type: text/html
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Last-Modified: Thu, 07 May 2020 14:20:20 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Set-Cookie: demdex=40818800515138387500749638251443808852;Path=/;Domain=.demdex.net;Expires=Sun, 08-Nov-2020 20:40:00 GMT;Max-Age=15552000;Secure;SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Accept-Encoding, User-Agent
X-TID: NPPxOmbHTxs=
Content-Length: 2785
Connection: keep-alive

GET
H2 200 id Show response
srepdata.montgomeryadvertiser.com/ 48 B
497 B 178ms
43ms XHR
application/x-javascript 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://srepdata.montgomeryadvertiser.com/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=CF4957F555EE9B727F000101%40AdobeOrg&mid=41005384494131876500732549336935468680&ts=1589316000210

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

02c138a31e56bf61cfa2af47e29082639dd0768d1bc9fb8b6bd183d9f970a577

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

status: 200
date: Tue, 12 May 2020 20:40:00 GMT
x-content-type-options: nosniff
server: jag
xserver: anedge-65fb49f79-2fhft
vary: Origin
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://offers.theadvertiser.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-type: application/x-javascript;charset=utf-8
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=XrsJoAAAAYsEWhTJ
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=40818800515138387500749638251443808852
https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrsJoAAAAYsEWhTJ

42 B
915 B

59ms
59ms

Image
image/gif

18.200.161.109
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrsJoAAAAYsEWhTJ

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.200.161.109 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-200-161-109.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v068-0d1af4a87.edge-irl1.demdex.com 5.70.0.20200507125324 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: coAJ+Dv1ToU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Tue, 12 May 2020 20:40:00 GMT
Server: AMO-cookiemap/1.1
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=XrsJoAAAAYsEWhTJ
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=15,max=100
Content-Length: 0

GET
H2 200 controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727 Show response
cdn.krxd.net/ctjs/ 249 KB
80 KB 35ms
35ms Script
application/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/suudv45fg.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Tue, 12 May 2020 20:40:00 GMT
content-encoding: gzip
age: 5377365
x-amz-server-side-encryption: AES256
x-cache: HIT
status: 200
x-cache-hits: 5100215
content-length: 81295
x-served-by: cache-hhn4025-HHN
last-modified: Wed, 11 Mar 2020 14:15:55 GMT
x-timer: S1589316000.283568,VS0,VE0
etag: "e4cdf7ad64ebac73f207c1ce55cc1727"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sat, 09 Mar 2030 14:15:54 GMT

GET
H/1.1

204
No Content

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEML...
https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEM...

0
248 B

32ms
32ms

Image
text/plain

2.16.105.54
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589316000267&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9=
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.16.105.54 , Ascension Island, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-16-105-54.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 12 May 2020 20:40:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://sb.scorecardresearch.com/b2?c1=2&name=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c2=6035223&ns__t=1589316000267&ns_c=UTF-8&cv=3.5&c8=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&c7=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&c9=
Pragma: no-cache
Date: Tue, 12 May 2020 20:40:00 GMT
Cache-Control: private, no-cache, no-cache=Set-Cookie, no-store, proxy-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
227 B 8ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=167311730410202&ev=ViewContent&dl=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&rl=&if=false&ts=1589316000286&cd[currency]=USD&cd[eventType]=%5B%22ViewContent%22%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=0&o=30&fbp=fb.1.1589316000285.657862460&it=1589316000181&coo=false&rqm=GET

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:40:00 GMT, Tue, 12 May 2020 20:40:00 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 12 May 2020 20:40:00 GMT

GET
H/1.1 200
OK follow_button.2a008290075125adde2d7b849b06a0bb.en.html
platform.twitter.com/widgets/ Frame 8557 0
0 7ms
6ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/follow_button.2a008290075125adde2d7b849b06a0bb.en.html
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (fcn/4188) /
Resource Hash

Request headers

Host: platform.twitter.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

Content-Encoding: gzip
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 11518
Cache-Control: public, max-age=315360000
Content-Type: text/html; charset=utf-8
Date: Tue, 12 May 2020 20:40:00 GMT
Etag: "0321d224c5360427715636498f46fd30+gzip"
Last-Modified: Tue, 12 May 2020 17:24:17 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (fcn/4188)
Vary: Accept-Encoding
X-Cache: HIT
Content-Length: 13814

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html
cdn.krxd.net/partnerjs/xdi/ Frame FCB0 0
0 38ms
38ms Document
text/html 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash

Request headers

:method: GET
:authority: cdn.krxd.net
:scheme: https
:path: /partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Response headers

status: 200
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Tue, 12 May 2020 20:40:00 GMT
via: 1.1 varnish
age: 27810762
x-served-by: cache-hhn4025-HHN
x-cache: HIT
x-cache-hits: 1613527
x-timer: S1589316000.384509,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H/1.1 200
OK js Show response
pixel.mathtag.com/event/ 597 B
921 B 73ms
73ms Script
text/javascript 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.mathtag.com/event/js?mt_pp=2&version=1.1&delimiter=%2C&industry=Media&product_name=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&product_brand=offers.theadvertiser.com&mt_adid=114093&page_name=%2Fspecialoffer-ln&currency=USD&mt_lim=20&language=en-US&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47&document_title=The%20Daily%20Advertiser%20%7C%20theadvertiser.com&location=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&document_path=%2Fspecialoffer-ln&v2=USD&mt_cb=1589316000386
Requested by: Host: pixel.mathtag.com
URL: https://pixel.mathtag.com/event/js?mt_pp=1&mt_adid=114093&mm_bnc&mm_bct&UUID=ce255ebb-09a0-4a00-a715-a6ed89cb0b47
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 2334 83311f9 master cdg-pixel-x22 /
Resource Hash: acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Server: MT3 2334 83311f9 master cdg-pixel-x22
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: text/javascript
Content-Length: 597
Expires: Tue, 12 May 2020 20:39:59 GMT

POST
H2 200 s8323069250464 Show response
srepdata.montgomeryadvertiser.com/b/ss/globaldesktopmobilesite/1/JS-2.17.0/ 43 B
219 B 45ms
45ms XHR
image/gif 15.188.105.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://srepdata.montgomeryadvertiser.com/b/ss/globaldesktopmobilesite/1/JS-2.17.0/s8323069250464

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dc/gciAnalytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.188.105.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-188-105-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 12 May 2020 20:40:00 GMT
x-content-type-options: nosniff
x-c: master-1221.I0e927e.M0-376
p3p: CP="This is not a P3P policy"
status: 200
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
last-modified: Wed, 13 May 2020 20:40:00 GMT
server: jag
xserver: anedge-65fb49f79-96t69
etag: 3413030121590063104-4617960686068583209
vary: *
content-type: image/gif;charset=utf-8
access-control-allow-origin: https://offers.theadvertiser.com
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
expires: Mon, 11 May 2020 20:40:00 GMT

GET
H2 200 jot
syndication.twitter.com/i/ 43 B
338 B 166ms
166ms Image
image/gif 104.244.42.200
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://syndication.twitter.com/i/jot?l=%7B%22widget_origin%22%3A%22https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE%22%2C%22widget_frame%22%3Afalse%2C%22language%22%3A%22en%22%2C%22message%22%3A%22m%3Awithcount%3A%22%2C%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1589316000442%2C%22dnt%22%3Afalse%2C%22client_version%22%3A%22c4096c4b%3A1589303485003%22%2C%22format_version%22%3A1%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22button%22%2C%22section%22%3A%22follow%22%2C%22action%22%3A%22impression%22%7D%7D

Requested by

Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.200 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:40:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200, 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 119
pragma: no-cache
last-modified: Tue, 12 May 2020 20:40:00 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: f883904154fe94b2b5175f2fb74312fb
x-transaction: 0096fa6100df34f6
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ 220 B
419 B 131ms
64ms Script
text/javascript 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2017bcbe795290328908858ee6945f39b659d6cc8bba2bc5b0b7133f78a7c89b

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:40:00 GMT
content-encoding: gzip
age: 0
x-served-by: consumer-a006-dub-prod.krxd.net, cache-hhn4022-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
status: 200
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1589316001.546790,VS0,VE28
content-length: 180
via: 1.1 varnish
x-cache-hits: 0, 0

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
480 B 69ms
68ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=0
Requested by: Host: offers.theadvertiser.com
URL: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 2425 11889ed master cdg-pixel-x10 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:00 GMT
Server: MT3 2425 11889ed master cdg-pixel-x10
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 12 May 2020 20:39:59 GMT

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
238 B 180ms
60ms Script
text/javascript 52.212.164.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.e4cdf7ad64ebac73f207c1ce55cc1727
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.164.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-164-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: bac250b4e17d69b4bda7b05b987cf5a238c85abd11117b1a54317dab88e3aafd

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Tue, 12 May 2020 20:40:00 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=40 t=1589316000
content-type: text/javascript
x-served-by: beacon-n012-dub-prod.krxd.net

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=167311730410202&ev=Microdata&dl=https%3A%2F%2Foffers.theadvertiser.com%2Fspecialoffer-ln%3Fgps-source%3DEXEMLGNWE%26utm_medium%3Demail%26utm_source%3Dexacttarget%26utm_campaign%3DEXEMLGNWE&rl=&if=false&ts=1589316001790&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22The%20Daily%20Advertiser%20%7C%20theadvertiser.com%22%2C%22meta%3Adescription%22%3A%22The%20Daily%20Advertiser%20Local%20News%2C%20Sports%2C%20Weather%2C%20Classifieds.%22%2C%22meta%3Akeywords%22%3A%22The%20Daily%20Advertiser%20Local%20News%2C%20Sports%2C%20Weather%2C%20Classifieds.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.18&r=stable&ec=1&o=30&fbp=fb.1.1589316001789.941363075&it=1589316000181&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Tue, 12 May 2020 20:40:01 GMT, Tue, 12 May 2020 20:40:01 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Tue, 12 May 2020 20:40:01 GMT

GET
H/1.1 200
OK img
pixel.mathtag.com/misc/ 43 B
634 B 103ms
102ms Image
image/gif 23.210.249.113
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.mathtag.com/misc/img?mm_bnc&bcdv=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.210.249.113 , Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-210-249-113.deploy.static.akamaitechnologies.com
Software: MT3 2284 a4a3c58 master cdg-pixel-x5 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Tue, 12 May 2020 20:40:10 GMT
Server: MT3 2284 a4a3c58 master cdg-pixel-x5
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 12 May 2020 20:40:01 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: widgets.twimg.com
URL: https://widgets.twimg.com/j/2/widget.js

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

18 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.demdex.net/	1970-01-19 13:47:48	Name: dextp Value: 3-1-1589316000501\|477-1-1589316000602
.demdex.net/	1970-01-19 13:47:48	Name: demdex Value: 40818800515138387500749638251443808852
pay.google.com/	1970-01-19 10:11:48	Name: OTZ Value: 5450200_48_52_123900_48_436380
.pay.google.com/	1970-01-19 09:30:02	Name: _gid Value: GA1.3.573451018.1589316001
.theadvertiser.com/	1970-01-19 18:14:12	Name: gup_clientid Value: a89a2f63-3e8f-46bb-bd10-e6152ebb2db2
.facebook.com/	1970-01-19 11:38:12	Name: fr Value: 0XRNLKraNBThrqfBI..Beuwmg...1.0.Beuwmg.
.krxd.net/	1970-01-19 13:47:48	Name: _kuid_ Value: NZkVFjNa
.pay.google.com/	1970-01-20 02:59:48	Name: _ga Value: GA1.3.218785801.1589316001
.theadvertiser.com/	1970-01-19 18:13:15	Name: LiveBall Value: uid=208490111&uky=WLFYD2VR&rid=221373913
.theadvertiser.com/	1970-01-19 09:28:37	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://offers.theadvertiser.com/specialoffer-ln?gps-source=EXEMLGNWE&utm_medium=email&utm_source=exacttarget&utm_campaign=EXEMLGNWE%22%2C%22sref%22:%22%22%2C%22sts%22:1589316000306%2C%22slts%22:0}
.theadvertiser.com/	1969-12-31 23:59:59	Name: AMCVS_CF4957F555EE9B727F000101%40AdobeOrg Value: 1
.theadvertiser.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.theadvertiser.com/	1970-01-20 02:59:48	Name: AMCV_CF4957F555EE9B727F000101%40AdobeOrg Value: 1585540135%7CMCIDTS%7C18395%7CMCMID%7C41005384494131876500732549336935468680%7CMCAAMLH-1589920800%7C6%7CMCAAMB-1589920800%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1589323200s%7CNONE%7CMCSYNCSOP%7C411-18402%7CMCAID%7CNONE%7CvVersion%7C4.4.0
.google.com/	1970-01-19 13:52:07	Name: NID Value: 204=DGbOHpD2POouOtIuEC5kL92R6s65yZU0MXcfX2lmVdJ277lVktYwpv-3aZ5qnHyAc5TnxZfHnexAiPuTzUPqVukFU48uz3IQhJqE1I2lleDbtJzFUIJVMfCjmKP36iIzBdjYnZcfAXrcGSAsaN7UyJs1yFGIvDKRiS97ucYgIRI
.pay.google.com/	1970-01-19 09:28:36	Name: _gat_UA1168580691 Value: 1
.theadvertiser.com/	1970-01-19 11:38:12	Name: _fbp Value: fb.1.1589316000285.657862460
.theadvertiser.com/	1970-01-19 18:14:12	Name: gup_anonid Value: 2da00d1d-1cb4-46e9-bb3c-740fcc8fe170
offers.theadvertiser.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: vjj505ok2nuosm40bjnrfeqc

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://news.google.com/swg/js/v1/swg.js(Line 29) Message: Subscriptions Runtime: 0.1.22.103

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

10870841.collect.igodigital.com
ajax.googleapis.com
beacon.krxd.net
cdn.krxd.net
cdn.parsely.com
cdnjs.cloudflare.com
cl.exct.net
cm.everesttech.net
code.jquery.com
connect.facebook.net
consumer.krxd.net
dpm.demdex.net
fonts.googleapis.com
gannett.demdex.net
iuploads.scribblecdn.net
news.google.com
offers.theadvertiser.com
pay.google.com
pixel.mathtag.com
platform.twitter.com
pubads.g.doubleclick.net
resources.xg4ken.com
sb.scorecardresearch.com
srepdata.montgomeryadvertiser.com
syndication.twitter.com
widgets.twimg.com
www.facebook.com
www.gannett-cdn.com
widgets.twimg.com
104.244.42.200
15.188.105.205
151.101.114.133
151.101.114.62
172.217.22.98
18.200.161.109
2.16.105.54
2001:4de0:ac19::1:b:1a
23.210.249.113
2600:9000:21f3:da00:15:a92b:8a80:93a1
2606:2800:234:59:254c:406:2366:268c
2606:4700::6810:85e5
2a00:1450:4001:800::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:816::200a
2a00:1450:400c:c07::5c
2a02:26f0:64:39c::416d
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.201.234.122
34.227.44.62
34.241.125.133
52.212.164.200
54.171.36.70
54.230.180.67
66.117.28.86
004873741130c4c0aec4692ddf6ac8f57442ab746004efded91e189228c5daf8
02c138a31e56bf61cfa2af47e29082639dd0768d1bc9fb8b6bd183d9f970a577
0c2e1658ba427cead8bd5deb44839c9b904dbb0093e36394cb789bcc9512bbd6
0c9596e1cfcf93d9046009d87afee3a19a655f1fbb35ff605ea0b67643ad731f
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1a3a934d90549c670e4d6be1925c2ecd36ed991ba397d50ddc637e7a25f2d33a
2017bcbe795290328908858ee6945f39b659d6cc8bba2bc5b0b7133f78a7c89b
31ee3daa595cf3dee0380cf39ddd17bb383f2b7d37e5024578d7c08f2e7dbf51
32e6d17b4dc09aa26d207c87820b41045c37dc268c8e2fedd7221267cdca6c0d
3c9c46bb150b2ed41f5dd685ff25b03747e5b29eac72b1baa63a6e54a4a1bccb
4a63ccc41b6e27c88fca243efd1030d401bc83bd3ae22aaff2b0d1354ba25703
4cb61e44bf63a9e090e666898cd04d382e4c33b55b62cc5e9ff7dab055fbf787
524ceff5aaef70cfe86c0c9c6ca166b1eb0299a0850a9e5613ee749e634ca564
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5597a90c8d59debd9c8836178aab3a59d998bcd5c3ab72e666a1eb593d572ff1
55c9d2f019f9d7ddfd69b2ad0351c5617338a222362aebb02b3b98a4dbc18486
592e35a583c401384ba6166b860a346ea7853f17287296c6a7c0c2468567330c
5dbb36b00cc77f4fe8efd685b65e57a5e8bec9595d1b37fa0dd70b935a267fa9
693e17c8231fa1c3a1832a2f0e1d89a7e09d2a6c94969a9404110acacf7783bd
699ed516861cc6e9abb0e8cc6e1c3354c33c1b17602fabbdfb726a12afec019a
7298c3e67b2e75b9a7b884d5356fdec39218fd94e6b877f916c71a12e30dcb43
79759fba4324b44884086263b681262191ccd9dc6634022db6f0c4b23e90c6ad
81420fcc92a4155e39b78a3b06cc87266a3fe13b229f44e3fac0cfd8080880ea
92a0a734cfe4f5aee530b12ee966e272f0ce41f44e0f2c89e8ee6d4a156f4789
960e999a771307e0509e94791b6b2d5945517d5b807b61dba554d02efb401a18
96be21393ffdc9129af65365ccbd7dd7458c1eaac7982a02e3697e08566edf3d
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a5dc65eda551046bc0e37effb1678b1968dd8313ff98390e7f22ee5cfeec3c63
aa6cd463886cdf2aa6acd5d44335441c21d95b6c93bb64f9644cd08fe79521c0
ac58f841fd9b1de0ae4ba48f22ac7e876b0ffdd3573318d29db20daf03c3c6a4
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
acfa1f03ac087fc08ca7389b23f01c47b31c6d00d412a21d9342af3c070fff57
aee7a08524963039531cea18c1e2627893a24569ade53c8546db108c28fc1ecc
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b294e973896f8f874e90a8eb1a8908ac790980d034c4c4bdf0fc3d37b8abf682
b514b2e543e3f70e05deb7bc17d21a7648a949efccb822b468899677a6ab2807
bac250b4e17d69b4bda7b05b987cf5a238c85abd11117b1a54317dab88e3aafd
bf1fce150ff945b16370d23bed230287f97d36a1b0a13f62abeb89c2ca3f61e7
c452f6881d9f308f0fe743d47830fd35a67f18088be7212651b8c00e827053d4
c8a015b0a6c17d0601591acc2bba30e2c08e4fb5918ee8a90af14ac33555c5ea
cb88bf7a67ba917b5ee7b4a1cc593d8bfe94cf2670cb24df338308ec8a573ec3
d00255a582d67e7d1061097b97f939b3d4e4bd48c31e6e0fd1cdf3d2f271ab63
d57b8fdf0c2fe9e2b05a355183f4514ca01ac959c63c5006a9211ad85c5a580e
dea5761dc4921ad7ac4a1af6eb72f872df9a66a75681c542bdd64b5b61d95f60
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5c70429bafad33fe2f1a58148546aea188a4f5e856ea3d3677808bae6a58ca5
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f17e60d77c02256a7c452b811447dc38de2da26e1016aa4a7fdf074d8ecefd9a
f2bfde2e7589a765a3ea64c97e51e3ca8757593c860daafde22200923fb76754
f6747131b6f4cbfab31e8c0b3dec455c5ac0191c1bf65db44db65053f3071bcd
f9b9addb5e771b6b1f78aaaf3fbe4a660af03768e9e622701b511b17784169c4
fde43be5ba09c040a25f97f2f42dac6b282b15e971c4712f8ead4b93555a4953

offers.theadvertiser.com Open in urlscan Pro 34.227.44.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

62 Requests

98 %HTTPS

42 %IPv6

22 Domains

28 Subdomains

25 IPs

7 Countries

1094 kBTransfer

2704 kBSize

18 Cookies

5 Outgoing links

Page URL History

Redirected requests

62 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

offers.theadvertiser.com Open in urlscan Pro
34.227.44.62 Public Scan

Screenshot
Live screenshot

Full Image

62
Requests

98 %
HTTPS

42 %
IPv6

22
Domains

28
Subdomains

25
IPs

7
Countries

1094 kB
Transfer

2704 kB
Size

18
Cookies

62 HTTP transactions
0 data transactions