urlscan.io logo urlscan.io
SecurityTrails logo

www.grandforksherald.com Open in urlscan Pro
13.32.27.124  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.grandforksherald.com/
Effective URL: https://www.grandforksherald.com/
Submission Tags: falconsandbox
Submission: On May 10 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 95 IPs in 9 countries across 73 domains to perform 359 HTTP transactions. The main IP is 13.32.27.124, located in United States and belongs to AMAZON-02, US. The main domain is www.grandforksherald.com. The Cisco Umbrella rank of the primary domain is 308099.
TLS certificate: Issued by Amazon RSA 2048 M01 on January 9th 2023. Valid for: a year.
This is the only time www.grandforksherald.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 4 13.32.27.124 16509 (AMAZON-02)
19 65.9.66.109 16509 (AMAZON-02)
1 108.138.7.42 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700::68... 13335 (CLOUDFLAR...)
1 18.165.122.104 16509 (AMAZON-02)
2 2600:9000:205... 16509 (AMAZON-02)
9 2606:2800:233... 15133 (EDGECAST)
6 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
1 4 2606:4700::68... 13335 (CLOUDFLAR...)
1 23.35.237.64 16625 (AKAMAI-AS)
17 54.197.229.45 14618 (AMAZON-AES)
7 34.96.77.232 396982 (GOOGLE-CL...)
12 161.71.1.38 14340 (SALESFORCE)
2 99.83.154.140 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a03:2880:f08... 32934 (FACEBOOK)
1 2600:9000:215... 16509 (AMAZON-02)
4 2600:1901:0:d... 15169 (GOOGLE)
2 2a04:4e42:200... 54113 (FASTLY)
3 13.224.192.181 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
12 151.101.66.114 54113 (FASTLY)
4 6 2600:9000:225... 16509 (AMAZON-02)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42:400... 54113 (FASTLY)
1 54.204.238.15 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
1 2 216.58.212.166 15169 (GOOGLE)
1 146.75.116.157 54113 (FASTLY)
1 2600:9000:225... 16509 (AMAZON-02)
2 2606:4700:440... 13335 (CLOUDFLAR...)
17 2a00:1450:400... 15169 (GOOGLE)
4 54.76.232.125 16509 (AMAZON-02)
2 2001:4860:480... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
3 54.183.53.112 16509 (AMAZON-02)
1 4 35.71.131.137 16509 (AMAZON-02)
1 13.225.83.200 16509 (AMAZON-02)
1 104.244.42.69 13414 (TWITTER)
1 104.244.42.195 13414 (TWITTER)
2 11 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
5 2600:9000:223... 16509 (AMAZON-02)
1 2600:9000:223... 16509 (AMAZON-02)
5 104.18.25.185 13335 (CLOUDFLAR...)
10 2602:803:c003... 26667 (RUBICONPR...)
5 35.227.252.103 15169 (GOOGLE)
31 18.185.67.118 16509 (AMAZON-02)
1 52.222.239.116 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 2a03:2880:f17... 32934 (FACEBOOK)
1 34.217.66.45 16509 (AMAZON-02)
1 152.199.22.243 15133 (EDGECAST)
2 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
3 2a00:1450:400... 15169 (GOOGLE)
1 35.244.184.131 15169 (GOOGLE)
1 1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 4 2a04:4e42::485 54113 (FASTLY)
2 2606:4700:303... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2a02:2638:3::3 44788 (ASN-CRITE...)
1 65.9.66.122 16509 (AMAZON-02)
1 2600:9000:225... 16509 (AMAZON-02)
1 34.102.146.192 396982 (GOOGLE-CL...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2606:2800:133... 15133 (EDGECAST)
1 2 34.120.107.143 396982 (GOOGLE-CL...)
1 34.248.111.53 16509 (AMAZON-02)
3 2600:9000:249... 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
1 2 2a02:2638:d::d 44788 (ASN-CRITE...)
1 172.67.75.166 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
4 13.51.225.119 16509 (AMAZON-02)
16 2a00:1450:400... 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 34.98.64.218 396982 (GOOGLE-CL...)
2 2a00:1450:400... 15169 (GOOGLE)
2 52.217.44.20 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2001:4860:480... 15169 (GOOGLE)
1 104.244.42.136 13414 (TWITTER)
1 54.173.81.117 14618 (AMAZON-AES)
3 52.11.162.50 16509 (AMAZON-02)
4 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.90 8075 (MICROSOFT...)
2 13.110.58.222 14340 (SALESFORCE)
1 23.36.162.199 20940 (AKAMAI-ASN1)
2 13.110.41.224 14340 (SALESFORCE)
2 104.44.128.13 8075 (MICROSOFT...)
359 95
4    13.32.27.124 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-27-124.fra56.r.cloudfront.net
www.grandforksherald.com
19    65.9.66.109 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-109.fra56.r.cloudfront.net
cdn.forumcomm.com
1    108.138.7.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-42.fra56.r.cloudfront.net
static.forumcomm.com
2    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
3    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
1    18.165.122.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-122-104.hel51.r.cloudfront.net
ak.sail-horizon.com
2    2600:9000:2057:9e00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
9    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
cdn.mircheigeshoa.com
cdn.godiciardstia.com
cdn.pranmcpkx.com
6    2a02:26f0:6c00:1a4::3282 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
widgets-lts.media.weather.com
widgets-green.media.weather.com
api.weather.com
4    2606:4700::6810:7eaf (United States)

ASN13335 (CLOUDFLARENET, US)
unpkg.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
17    54.197.229.45 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-197-229-45.compute-1.amazonaws.com
embed-981930.secondstreetapp.com
7    34.96.77.232 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 232.77.96.34.bc.googleusercontent.com
origami.secure.ownlocal.com
12    161.71.1.38 (London, United Kingdom)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg0-lhr3.um4-lo2.force.com
service.force.com
2    99.83.154.140 (United States)

ASN16509 (AMAZON-02, US)
PTR: aa7557bb34ea5624b.awsglobalaccelerator.com
api.sail-personalize.com
3    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
6    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:2156:4e00:1b:e643:4ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)
scripts.attributionapp.com
4    2600:1901:0:d733::1 (Kansas City, United States)

ASN15169 (GOOGLE, US)
stereotypedsugar.com
2    2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
cdn.polyfill.io
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
6    2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
12    151.101.66.114 (United States)

ASN54113 (FASTLY, US)
ssl.p.jwpcdn.com
assets-jpcust.jwpsrv.com
prd.jwpltx.com
6    2600:9000:225e:9a00:1:a3fa:7cc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.jwplayer.com
9    2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42:400::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
1    54.204.238.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-238-15.compute-1.amazonaws.com
track.attributionapp.com
6    2a00:1450:4001:808::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f166.1e100.net
8975227.fls.doubleclick.net
1    146.75.116.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
1    2600:9000:225e:2a00:7:e536:8b00:93a1 (United States)

ASN16509 (AMAZON-02, US)
tag.brandcdn.com
2    2606:4700:4400::ac40:99f6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
17    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
adservice.google.com
4    54.76.232.125 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-232-125.eu-west-1.compute.amazonaws.com
jadserve.postrelease.com
2    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
4    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    54.183.53.112 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-183-53-112.us-west-1.compute.amazonaws.com
adservices.brandcdn.com
4    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
insight.adsrvr.org
1    13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
1    104.244.42.69 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.195 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
11    2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
4    2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
5    2600:9000:223c:8c00:1d:9060:10c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
widgets.jobshq.com
1    2600:9000:223f:3c00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
5    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
10    2602:803:c003:200::41 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
5    35.227.252.103 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com
rtb.openx.net
31    18.185.67.118 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    52.222.239.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-239-116.fra56.r.cloudfront.net
aax.amazon-adsystem.com
2    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com
4    2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
1    34.217.66.45 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-217-66-45.us-west-2.compute.amazonaws.com
capig.inforum.com
1    152.199.22.243 (United States)

ASN15133 (EDGECAST, US)
entitlements.jwplayer.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
3    2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
1    35.244.184.131 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 131.184.244.35.bc.googleusercontent.com
snowplow.ownlocal.com
1    2400:52e0:1e00::1077:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.materialdesignicons.com
4    2a04:4e42::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
2    2606:4700:3038::6815:e9e1 (United States)

ASN13335 (CLOUDFLARENET, US)
rsms.me
1    2606:4700:10::6816:3456 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
1    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
1    65.9.66.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-122.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:2250:9000:a:e047:752:b361 (United States)

ASN16509 (AMAZON-02, US)
cdn.prod.uidapi.com
1    34.102.146.192 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 192.146.102.34.bc.googleusercontent.com
oa.openxcdn.net
1    2a00:1450:4001:80b::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    34.120.107.143 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 143.107.120.34.bc.googleusercontent.com
oajs.openx.net
1    34.248.111.53 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-111-53.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
3    2600:9000:2491:3800:2:cecb:23c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
videos-cloudfront-usp.jwpsrv.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
2    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
1    172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
15    2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
4    13.51.225.119 (Stockholm, Sweden)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-51-225-119.eu-north-1.compute.amazonaws.com
protected-by.clarium.io
16    2a00:1450:4001:82b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    2600:9000:223c:f400:14:d64b:ab80:93a1 (United States)

ASN16509 (AMAZON-02, US)
api.jobshq.com
1    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
google-bidout-d.openx.net
2    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    52.217.44.20 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
2    2a00:1450:4001:82a::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
1    2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)
us-central1-kube-ownlocal.cloudfunctions.net
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    54.173.81.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-173-81-117.compute-1.amazonaws.com
ping.chartbeat.net
3    52.11.162.50 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-11-162-50.us-west-2.compute.amazonaws.com
api.amplitude.com
4    2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    13.69.106.90 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    13.110.58.222 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl3-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com
d.la4-c1-ia4.salesforceliveagent.com
1    23.36.162.199 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-199.deploy.static.akamaitechnologies.com
c1.sfdcstatic.com
2    13.110.41.224 (United States)

ASN14340 (SALESFORCE, US)
PTR: dcl10-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com
d.la4-c2-ia5.salesforceliveagent.com
2    104.44.128.13 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-forum-proxy-connext.azurewebsites.net
Apex Domain
Subdomains		 Transfer
31 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1090
5 KB
24 doubleclick.net
8975227.fls.doubleclick.net — Cisco Umbrella Rank: 173553
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205
stats.g.doubleclick.net — Cisco Umbrella Rank: 91
pubads.g.doubleclick.net — Cisco Umbrella Rank: 425
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
194 KB
21 googlesyndication.com
2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 143
pagead2.googlesyndication.com — Cisco Umbrella Rank: 107
106 KB
20 forumcomm.com
cdn.forumcomm.com — Cisco Umbrella Rank: 90285
static.forumcomm.com — Cisco Umbrella Rank: 128062
769 KB
17 secondstreetapp.com
embed-981930.secondstreetapp.com — Cisco Umbrella Rank: 846983
685 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 375
326 KB
13 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 83
2 KB
12 gstatic.com
fonts.gstatic.com
www.gstatic.com
178 KB
12 force.com
service.force.com — Cisco Umbrella Rank: 3622
42 KB
10 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 491
5 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 50
imasdk.googleapis.com — Cisco Umbrella Rank: 468
storage.googleapis.com — Cisco Umbrella Rank: 393
463 KB
8 openx.net
rtb.openx.net — Cisco Umbrella Rank: 1307
oajs.openx.net — Cisco Umbrella Rank: 2527
google-bidout-d.openx.net — Cisco Umbrella Rank: 2780
1 KB
8 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 39
region1.google-analytics.com — Cisco Umbrella Rank: 2495
42 KB
8 ownlocal.com
origami.secure.ownlocal.com — Cisco Umbrella Rank: 73081
snowplow.ownlocal.com — Cisco Umbrella Rank: 110302
99 KB
7 jwpsrv.com
assets-jpcust.jwpsrv.com — Cisco Umbrella Rank: 3799
videos-cloudfront-usp.jwpsrv.com — Cisco Umbrella Rank: 7036
399 KB
7 jwplayer.com
cdn.jwplayer.com — Cisco Umbrella Rank: 2736
entitlements.jwplayer.com — Cisco Umbrella Rank: 3691
4 KB
6 jobshq.com
widgets.jobshq.com — Cisco Umbrella Rank: 168064
api.jobshq.com — Cisco Umbrella Rank: 181222
9 KB
6 google.de
www.google.de — Cisco Umbrella Rank: 5171
adservice.google.de — Cisco Umbrella Rank: 7680
2 KB
6 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 161
353 KB
6 weather.com
widgets-lts.media.weather.com — Cisco Umbrella Rank: 63391
widgets-green.media.weather.com — Cisco Umbrella Rank: 22703
api.weather.com — Cisco Umbrella Rank: 1432
326 KB
5 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 32020
2 MB
5 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 525
2 KB
5 jwpcdn.com
ssl.p.jwpcdn.com — Cisco Umbrella Rank: 2727
245 KB
4 salesforceliveagent.com
d.la4-c1-ia4.salesforceliveagent.com — Cisco Umbrella Rank: 16152
d.la4-c2-ia5.salesforceliveagent.com — Cisco Umbrella Rank: 11900
6 KB
4 clarium.io
protected-by.clarium.io — Cisco Umbrella Rank: 1443
973 B
4 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 379
292 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 108
239 B
4 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 690
platform.twitter.com — Cisco Umbrella Rank: 916
syndication.twitter.com — Cisco Umbrella Rank: 1167
133 KB
4 adsrvr.org
insight.adsrvr.org — Cisco Umbrella Rank: 571
927 B
4 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1256
2 KB
4 brandcdn.com
tag.brandcdn.com — Cisco Umbrella Rank: 15562
adservices.brandcdn.com — Cisco Umbrella Rank: 11210
5 KB
4 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 310
aax.amazon-adsystem.com — Cisco Umbrella Rank: 406
61 KB
4 stereotypedsugar.com
stereotypedsugar.com — Cisco Umbrella Rank: 121994
27 KB
4 unpkg.com
unpkg.com — Cisco Umbrella Rank: 930
50 KB
4 grandforksherald.com
www.grandforksherald.com — Cisco Umbrella Rank: 308099
107 KB
3 jwpltx.com
prd.jwpltx.com — Cisco Umbrella Rank: 3069
144 B
3 amplitude.com
api.amplitude.com — Cisco Umbrella Rank: 1544
616 B
3 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 429
mug.criteo.com — Cisco Umbrella Rank: 2429
7 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
218 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1680
mab.chartbeat.com — Cisco Umbrella Rank: 2526
25 KB
3 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 231
42 KB
2 azurewebsites.net
prod-forum-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 142435
1 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 892
281 B
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 41938
2 KB
2 crwdcntrl.net
tags.crwdcntrl.net — Cisco Umbrella Rank: 1195
bcp.crwdcntrl.net — Cisco Umbrella Rank: 1013
12 KB
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1008
id5-sync.com — Cisco Umbrella Rank: 444
18 KB
2 rsms.me
rsms.me — Cisco Umbrella Rank: 13987
224 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1424
96 KB
2 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1592
cdn.polyfill.io — Cisco Umbrella Rank: 2980
869 B
2 attributionapp.com
scripts.attributionapp.com — Cisco Umbrella Rank: 96260
track.attributionapp.com — Cisco Umbrella Rank: 73528
50 KB
2 sail-personalize.com
api.sail-personalize.com — Cisco Umbrella Rank: 3014
495 B
2 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 192
78 KB
1 sfdcstatic.com
c1.sfdcstatic.com — Cisco Umbrella Rank: 28226
34 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1299
201 B
1 cloudfunctions.net
us-central1-kube-ownlocal.cloudfunctions.net — Cisco Umbrella Rank: 107060
282 B
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 26350
776 B
1 godiciardstia.com
cdn.godiciardstia.com — Cisco Umbrella Rank: 103606
48 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 53734
23 KB
1 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2516
22 KB
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 311
17 KB
1 openxcdn.net
oa.openxcdn.net — Cisco Umbrella Rank: 2696
8 KB
1 uidapi.com
cdn.prod.uidapi.com — Cisco Umbrella Rank: 2999
2 KB
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 664
13 KB
1 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 45042
2 KB
1 materialdesignicons.com
cdn.materialdesignicons.com — Cisco Umbrella Rank: 47734
711 B
1 inforum.com
capig.inforum.com — Cisco Umbrella Rank: 144169
314 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 631
481 B
1 t.co
t.co — Cisco Umbrella Rank: 510
375 B
1 cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
667 B
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 718
15 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3682
159 KB
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 29810
12 KB
1 sail-horizon.com
ak.sail-horizon.com — Cisco Umbrella Rank: 3074
33 KB
359 73
Domain Requested by
31 btlr.sharethrough.com cdn.forumcomm.com
cdnjs.cloudflare.com
19 cdn.forumcomm.com www.grandforksherald.com
17 embed-981930.secondstreetapp.com www.grandforksherald.com
embed-981930.secondstreetapp.com
16 tpc.googlesyndication.com www.grandforksherald.com
cdn.ampproject.org
cdn.confiant-integrations.net
securepubads.g.doubleclick.net
tpc.googlesyndication.com
15 cdn.ampproject.org cdn.confiant-integrations.net
15 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
www.grandforksherald.com
12 service.force.com www.grandforksherald.com
service.force.com
11 www.google.com 2 redirects www.grandforksherald.com
tpc.googlesyndication.com
10 fastlane.rubiconproject.com cdn.forumcomm.com
cdnjs.cloudflare.com
9 fonts.gstatic.com fonts.googleapis.com
7 origami.secure.ownlocal.com www.grandforksherald.com
origami.secure.ownlocal.com
cdnjs.cloudflare.com
6 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.grandforksherald.com
cdnjs.cloudflare.com
6 cdn.jwplayer.com 4 redirects www.grandforksherald.com
cdnjs.cloudflare.com
6 fonts.googleapis.com www.grandforksherald.com
embed-981930.secondstreetapp.com
origami.secure.ownlocal.com
cdn.confiant-integrations.net
6 connect.facebook.net www.grandforksherald.com
connect.facebook.net
embed-981930.secondstreetapp.com
5 cdn.pranmcpkx.com loader-cdn.azureedge.net
cdn.pranmcpkx.com
cdnjs.cloudflare.com
5 rtb.openx.net cdn.forumcomm.com
cdnjs.cloudflare.com
5 htlb.casalemedia.com cdn.forumcomm.com
cdnjs.cloudflare.com
5 widgets.jobshq.com www.grandforksherald.com
widgets.jobshq.com
5 ssl.p.jwpcdn.com www.grandforksherald.com
4 pagead2.googlesyndication.com cdnjs.cloudflare.com
tpc.googlesyndication.com
4 protected-by.clarium.io www.grandforksherald.com
4 cdn.jsdelivr.net 1 redirects origami.secure.ownlocal.com
securepubads.g.doubleclick.net
cdn.jsdelivr.net
4 assets-jpcust.jwpsrv.com www.grandforksherald.com
4 www.facebook.com connect.facebook.net
www.grandforksherald.com
4 www.google.de www.grandforksherald.com
4 insight.adsrvr.org 1 redirects www.grandforksherald.com
d1eoo1tco6rr5e.cloudfront.net
4 stats.g.doubleclick.net www.google-analytics.com
cdnjs.cloudflare.com
4 jadserve.postrelease.com s.ntv.io
www.grandforksherald.com
4 stereotypedsugar.com www.grandforksherald.com
cdnjs.cloudflare.com
4 unpkg.com 1 redirects www.grandforksherald.com
origami.secure.ownlocal.com
4 www.grandforksherald.com 1 redirects cdn.forumcomm.com
3 prd.jwpltx.com
3 widgets-green.media.weather.com widgets-lts.media.weather.com
3 api.amplitude.com cdnjs.cloudflare.com
3 videos-cloudfront-usp.jwpsrv.com cdnjs.cloudflare.com
3 www.gstatic.com www.grandforksherald.com
www.gstatic.com
3 adservices.brandcdn.com tag.brandcdn.com
adservices.brandcdn.com
3 c.amazon-adsystem.com www.grandforksherald.com
c.amazon-adsystem.com
3 www.googletagmanager.com www.grandforksherald.com
www.googletagmanager.com
cdn.godiciardstia.com
3 cdnjs.cloudflare.com www.grandforksherald.com
origami.secure.ownlocal.com
2 prod-forum-proxy-connext.azurewebsites.net cdnjs.cloudflare.com
2 api.weather.com cdnjs.cloudflare.com
2 d.la4-c2-ia5.salesforceliveagent.com service.force.com
2 d.la4-c1-ia4.salesforceliveagent.com service.force.com
2 dc.services.visualstudio.com cdnjs.cloudflare.com
2 storage.googleapis.com www.grandforksherald.com
2 paywall-ad-bucket.s3.amazonaws.com www.grandforksherald.com
cdn.pranmcpkx.com
2 googleads.g.doubleclick.net www.grandforksherald.com
2 gum.criteo.com 1 redirects static.criteo.net
2 oajs.openx.net 1 redirects www.grandforksherald.com
2 rsms.me origami.secure.ownlocal.com
rsms.me
2 platform.twitter.com embed-981930.secondstreetapp.com
platform.twitter.com
2 imasdk.googleapis.com www.grandforksherald.com
imasdk.googleapis.com
2 adservice.google.de securepubads.g.doubleclick.net
adservice.google.com
2 adservice.google.com 8975227.fls.doubleclick.net
securepubads.g.doubleclick.net
2 region1.google-analytics.com www.googletagmanager.com
2 cdn.confiant-integrations.net www.googletagmanager.com
cdn.confiant-integrations.net
2 8975227.fls.doubleclick.net 1 redirects www.googletagmanager.com
2 api.sail-personalize.com ak.sail-horizon.com
2 static.chartbeat.com www.grandforksherald.com
2 www.googletagservices.com www.grandforksherald.com
1 c1.sfdcstatic.com
1 ping.chartbeat.net www.grandforksherald.com
1 syndication.twitter.com platform.twitter.com
1 us-central1-kube-ownlocal.cloudfunctions.net www.grandforksherald.com
1 google-bidout-d.openx.net oa.openxcdn.net
1 api.jobshq.com widgets.jobshq.com
1 mug.criteo.com www.grandforksherald.com
1 api-mg2.db-ip.com cdnjs.cloudflare.com
1 id5-sync.com cdnjs.cloudflare.com
1 bcp.crwdcntrl.net cdnjs.cloudflare.com
1 cdn.godiciardstia.com loader-cdn.azureedge.net
1 cdn.mircheigeshoa.com loader-cdn.azureedge.net
1 az416426.vo.msecnd.net loader-cdn.azureedge.net
1 s0.2mdn.net imasdk.googleapis.com
1 oa.openxcdn.net securepubads.g.doubleclick.net
1 cdn.prod.uidapi.com securepubads.g.doubleclick.net
1 tags.crwdcntrl.net securepubads.g.doubleclick.net
1 static.criteo.net securepubads.g.doubleclick.net
1 cdn.id5-sync.com securepubads.g.doubleclick.net
1 cdn.wgchrrammzv.com cdnjs.cloudflare.com
1 cdn.materialdesignicons.com 1 redirects
1 cdn.polyfill.io origami.secure.ownlocal.com
1 snowplow.ownlocal.com www.grandforksherald.com
1 entitlements.jwplayer.com cdnjs.cloudflare.com
1 capig.inforum.com connect.facebook.net
1 2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pubads.g.doubleclick.net www.grandforksherald.com
1 aax.amazon-adsystem.com c.amazon-adsystem.com
1 static.adsafeprotected.com www.grandforksherald.com
1 analytics.twitter.com www.grandforksherald.com
1 t.co www.grandforksherald.com
1 d1eoo1tco6rr5e.cloudfront.net tag.brandcdn.com
1 tag.brandcdn.com www.googletagmanager.com
1 static.ads-twitter.com www.googletagmanager.com
1 track.attributionapp.com scripts.attributionapp.com
1 mab.chartbeat.com static.chartbeat.com
1 polyfill.io loader-cdn.azureedge.net
1 scripts.attributionapp.com www.grandforksherald.com
1 s.ntv.io www.grandforksherald.com
1 widgets-lts.media.weather.com www.grandforksherald.com
1 loader-cdn.azureedge.net www.grandforksherald.com
1 ak.sail-horizon.com www.grandforksherald.com
1 static.forumcomm.com www.grandforksherald.com
359 105
Subject Issuer Validity Valid
web.production.forum-communications.brightspot.cloud
Amazon RSA 2048 M01		 2023-01-09 -
2024-02-07		 a year crt.sh
static.web.production.forum-communications.brightspot.cloud
Amazon RSA 2048 M01		 2023-02-23 -
2023-11-10		 9 months crt.sh
static.forumcomm.com
Amazon RSA 2048 M01		 2023-02-28 -
2023-12-13		 9 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
ak.sail-horizon.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-01-16		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
www.weather.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-19 -
2023-12-21		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.secondstreetapp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-07-16 -
2023-07-23		 a year crt.sh
widget.secure.ownlocal.com
GTS CA 1D4		 2023-04-19 -
2023-07-18		 3 months crt.sh
*.um4.force.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-05 -
2024-01-04		 a year crt.sh
api.sail-personalize.com
Amazon RSA 2048 M01		 2023-04-25 -
2024-05-23		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-02-17 -
2023-05-18		 3 months crt.sh
*.attributionapp.com
Sectigo ECC Domain Validation Secure Server CA		 2023-03-01 -
2024-03-17		 a year crt.sh
stereotypedsugar.com
R3		 2023-04-15 -
2023-07-14		 3 months crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.jwplayer.com
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-26 -
2023-12-28		 a year crt.sh
jwplayer.com
Amazon RSA 2048 M02		 2023-03-01 -
2023-12-25		 10 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
track.attributionapp.com
R3		 2023-03-15 -
2023-06-13		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-07-22 -
2023-08-22		 a year crt.sh
*.brandcdn.com
Amazon RSA 2048 M01		 2023-02-23 -
2023-09-30		 7 months crt.sh
*.confiant-integrations.net
GTS CA 1P5		 2023-03-27 -
2023-06-25		 3 months crt.sh
*.postrelease.com
Amazon RSA 2048 M01		 2023-02-09 -
2024-02-16		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
widgets.jobshq.com
Amazon RSA 2048 M02		 2022-10-12 -
2023-11-10		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M01		 2023-02-24 -
2023-09-04		 6 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M02		 2023-02-10 -
2023-08-12		 6 months crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
capig.inforum.com
R3		 2023-05-07 -
2023-08-05		 3 months crt.sh
entitlements.jwplayer.com
GeoTrust TLS RSA CA G1		 2023-04-11 -
2024-05-11		 a year crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-06 -
2023-11-06		 a year crt.sh
snowplow.ownlocal.com
GTS CA 1D4		 2023-03-31 -
2023-06-29		 3 months crt.sh
rsms.me
E1		 2023-05-07 -
2023-08-05		 3 months crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
cdn.prod.uidapi.com
R3		 2023-02-25 -
2023-05-26		 3 months crt.sh
oa.openxcdn.net
GTS CA 1D4		 2023-03-30 -
2023-06-28		 3 months crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
jwpsrv.com
Amazon RSA 2048 M02		 2023-03-20 -
2024-04-16		 a year crt.sh
*.id5-sync.com
R3		 2023-04-18 -
2023-07-17		 3 months crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
protected-by.clarium.io
Amazon RSA 2048 M01		 2022-12-16 -
2024-01-14		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
api.jobshq.com
Amazon RSA 2048 M01		 2022-10-12 -
2023-11-10		 a year crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-03-21 -
2023-12-19		 9 months crt.sh
storage.googleapis.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
misc.google.com
GTS CA 1C3		 2023-04-17 -
2023-07-10		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.amplitude.com
COMODO RSA Domain Validation Secure Server CA		 2023-01-23 -
2024-02-14		 a year crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 05		 2023-04-20 -
2024-04-14		 a year crt.sh
la4-c1-ia4.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-13 -
2023-09-12		 a year crt.sh
c1.sfdcstatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-26 -
2024-03-24		 a year crt.sh
la4-c2-ia5.salesforceliveagent.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-07 -
2023-09-07		 a year crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 02		 2023-03-10 -
2024-03-04		 a year crt.sh

This page contains 22 frames:

Primary Page: https://www.grandforksherald.com/
Frame ID: F3E70691A6ACF38887C0240C8BE3358D
Requests: 245 HTTP requests in this frame

Frame: https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Frame ID: 5D8FB14977B108529C9D553386EC6A17
Requests: 1 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Frame ID: 87ACAFB05A98A2509EE6E4F648A1617F
Requests: 2 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Frame ID: FC54BF5A4482D89AD6D264EFDFA6C87E
Requests: 1 HTTP requests in this frame

Frame: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Frame ID: 38124594038000FD1E3DFB1355D9C4AD
Requests: 22 HTTP requests in this frame

Frame: https://2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 6D6298B87E43F93B8617CECC97BF086D
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Frame ID: 3AEC4472C47AB0D269CB46CBAD4A4DB6
Requests: 1 HTTP requests in this frame

Frame: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Frame ID: E0FD6EA9755EEEA187BF7FF2C46C17A2
Requests: 17 HTTP requests in this frame

Frame: https://widgets.jobshq.com//dist/list/index.html?property=12
Frame ID: F53C5057AA89521A97D18548AF4A585B
Requests: 5 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Frame ID: 74D876EAD4491A2B98A412879417321F
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 83110F3F6D74EBBF77E51736419C3791
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.grandforksherald.com
Frame ID: CB6CC68F35D6E680B2476DC2231CC82E
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 475932DD13D23284FB2B79850EE1247E
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPD_99d70R-3B1RhboIfrtvPXXRD5jzJaV4dftwG_D3G6vROzUFR8IV7joLAWOxvAbCDnbfZShhTEvMoOE862NbPHQVXb6bP1lxiNCEBbDFNafjR9VkH5U9hsKtix7_SgApbl0WYv20lJ6iCCHbFJb8W0N7glDwQ_KIT-3q_7WdphfrcH9PF1iGHJKSD4Ec2bz0qXcYjLTRCtQgqhdqAMAHR53CdsuJozCogRACn8rd8Mej5Y6BFYD-mRBuNpPMIV59OCuo4dJgYmEDa2OI1ydHiKATzW_uTt7kV_DL2LQUATSwEe1UlO3vSTLetsB5NoSWCPefp5yRoJtZmPQd51RYqz_QR2DUXXX4Thn&sai=AMfl-YRHpFMavUaRgjAcqE0aYKI6vdNVvOGLb4ezVp6AOz5nM1gaWE7tRCNEAeKCXCj0HqSkbdnlJf7ZX40NmNZrZgOnt9q3vTVBOymLsP7dwgGA6hLzz7605o_GQJZtw0zFMj86IdTnUzyeAcK28wjm4g&sig=Cg0ArKJSzKwAqmMRCx3rEAE&uach_m=[UACH]&adurl=
Frame ID: 87CD49FF49DA32A1F513B3A46B15651D
Requests: 8 HTTP requests in this frame

Frame: https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Frame ID: 39B897E9EE69823BBC86D22590391ABD
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: 7D22C881081C62CA14B5916EBAE2D259
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Frame ID: C6947056C07C41A9762A7114BB1A2859
Requests: 16 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fembed-981930.secondstreetapp.com
Frame ID: 283714C398E8D2B7208300BDF93BC075
Requests: 2 HTTP requests in this frame

Frame: https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=3be42fba-e2fa-491f-8c8b-2ad6647e9ac2&m=www.grandforksherald.com&r=
Frame ID: 6FF9483040C83956234DCF75BB4F20C7
Requests: 2 HTTP requests in this frame

Frame: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
Frame ID: D5BE74D455045C61F45AF6C06826D001
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 24903DAAB949F774F9388C6C4951C171
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: B3E278792F606E3CAC93FBDBF2932BD2
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Grand Forks Herald | Grand Forks, East Grand Forks news, weather & sportsbarsbincheckedcloseclouddown-chevrondownexpandexternal-linkfast-forwardfog01101112131415161718192202122232425262728293303132333435363738394404142434445464756789closenafuture-twcicekeylayersleft-chevronlocationminus-thinminusfullMoonfirstQuarterlastQuarternewMoonwaningCrescentwaningGibbouswaxingCrescentwaxingGibbousnext-buttonpause-buttonpause-iconpause-twcplay-buttonplay-icon-engageplay-iconplay-twcplus-thinpluspoolprecipRainprecipMixprecipRainprecipSnowprev-buttonright-chevronsearchsettingsshowershrinkstar-emptystar-fullstop-buttonsunrisesunsettogglesup-chevronvolumewarningwind

Page URL History Show full URLs

  1. http://www.grandforksherald.com/ HTTP 301
    https://www.grandforksherald.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /etc/clientlibs/
Overall confidence: 100%
Detected patterns
  • rollbar\.js/([0-9.]+)
Overall confidence: 100%
Detected patterns
  • service\.force\.com
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • /flickity(?:\.pkgd)?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

359
Requests

97 %
HTTPS

53 %
IPv6

73
Domains

105
Subdomains

95
IPs

9
Countries

7995 kB
Transfer

20176 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.grandforksherald.com/ HTTP 301
    https://www.grandforksherald.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js HTTP 302
  • https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js
Request Chain 49
  • https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F HTTP 302
  • https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Request Chain 67
  • https://insight.adsrvr.org/tags/c8hchs6/56sogo3/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Request Chain 141
  • https://cdn.jwplayer.com/strips/8gjfX5FU-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
Request Chain 144
  • https://cdn.jwplayer.com/v2/media/8gjfX5FU/poster.jpg?width=720 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-720.jpg
Request Chain 145
  • https://cdn.jwplayer.com/v2/media/8gjfX5FU/poster.jpg?width=480 HTTP 302
  • https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-480.jpg
Request Chain 177
  • https://cdn.jwplayer.com/strips/8gjfX5FU-120.vtt HTTP 301
  • https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
Request Chain 179
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css HTTP 301
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Request Chain 210
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp HTTP 302
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp&cc=1
Request Chain 255
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=grandforksherald.com&sn=ChromeSyncframe&so=0&topUrl=www.grandforksherald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=9svIhnxjTjVrQTFNeGZPSVB1clpqUklIS3RqU0p1RnBqQUR6OWJ5dkNJc0lrWVhFN21vR0pVQm4vUW1EY2dYR0UyTUdQUUw1RmFKbCt6cUNPcXBXMWlvSExWZTU3eSt6aUlOR09TanJ3SjJKbitJbEJNbG1nNXJNT3RtTUdrYjUxWVhIdkhYK3pDbllWU215S1ducVBiN05yczNVellMazJMZGQ5Zm12K2dhd1g0aWw4ek1xUjNNVlhhMXFSdmszVEsyTk1zVkRXd2pldUhFRGRZNG9GSGtOclM4cFpGZU1uYnk2WC9mRVZtTFJIc3hDZ1plSUZibkxoTi9KNDA2YTdjRWRNZTFORlVVK2pON2RGd3lBOFZNMFJVSmxkSWVxY05sb2RZdTJ3ZEsyQis4Zz18&cppv=2
Request Chain 278
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 302
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

359 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.grandforksherald.com/
Redirect Chain
  • http://www.grandforksherald.com/
  • https://www.grandforksherald.com/
463 KB
95 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-124.fra56.r.cloudfront.net
Software
istio-envoy / Brightspot
Resource Hash
69df6878865b81a88b50d9f371abc7c3fcf13775ee6b7a9dbd5840719d0c5507
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Wed, 10 May 2023 20:17:08 GMT
server
istio-envoy
strict-transport-security
max-age=31536000; includeSubDomains
vary
Accept-Encoding
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-id
8iT9Q-1jjgUpQLVvBf2eZgguD4rJazwyemTns5tBbZDdDtC7WgGFzg==
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-envoy-decorator-operation
brightspot-frontend-verify.web.svc.cluster.local:80/*
x-envoy-upstream-service-time
2015
x-powered-by
Brightspot

Redirect headers

Connection
keep-alive
Content-Length
167
Content-Type
text/html
Date
Wed, 10 May 2023 20:17:05 GMT
Location
https://www.grandforksherald.com/
Server
CloudFront
Via
1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
X-Amz-Cf-Id
aOkJkE6KU756nkMjkDjTQjelzPE6Ub8kFYX5s3FcZM3nZkXudUcRqA==
X-Amz-Cf-Pop
FRA56-C2
X-Cache
Redirect from cloudfront
All.min.5ec38dbbb88e91aa880ffb7fe4daf1b7.gz.css
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/ 		316 KB
40 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/All.min.5ec38dbbb88e91aa880ffb7fe4daf1b7.gz.css
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
706207ca4f59d7aa6899f7f54bd9a3c7b50c82dde7b043c4a84658fb79902ab9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 18:23:22 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Thu, 04 May 2023 18:23:08 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
525227
etag
"4a6d7f4b543d0418109f99f087551cd7"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/css
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
40637
x-amz-cf-id
0Gk8Rn9qQWvdPPqReWdEE4pq46WrfvUPcL7dWnbI5oGKc54TFLn-7Q==
all.css
static.forumcomm.com/css/ 		102 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://static.forumcomm.com/css/all.css
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-42.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1cee87ecea5f99dce79483ee4d0f2bb1aa48b726bab80074ddac3fda062e7b40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 04:35:34 GMT
content-encoding
gzip
via
1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
last-modified
Tue, 25 Jun 2019 21:22:06 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P6
age
56495
etag
W/"223184abec7096dbf32d54b6bd749901"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
x-amz-cf-id
tiI2i_YFnPgo--8mFWBVVrNYhITx7j4xVUWuU7TzMgFH-1k6GGT3mg==
webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/webcomponents-loader/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/webcomponents-loader/webcomponents-loader.266c0bb4f707570dca3c59bb04633dc0.gz.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 28 Apr 2023 00:09:46 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Thu, 30 Sep 2021 15:36:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1109243
etag
"8771ad6d93cb1761c69e6457af1b0fd1"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
2079
x-amz-cf-id
tlnQJgzTH8eqQz0U4m8E6trE--x6HmTSxSGxZuZ0pCs6_t34QLbUrA==
All.min.0cde6cc48a245c8dff9631b8743a7f1d.gz.js
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/ 		517 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/All.min.0cde6cc48a245c8dff9631b8743a7f1d.gz.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d82a9f3f9a4913012f1585db86d3ebf48087df5fe7b50e9daada0ef7e3d5edc8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 15:34:18 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
1831371
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
content-length
152493
last-modified
Wed, 12 Apr 2023 15:45:33 GMT
server
AmazonS3
etag
"4144323e36de9db09384dfe925d6ad3b"
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
x-amz-cf-id
rsfEDtD7tgii7uIbjc6fvMona2nqjjfan3uQhAesaAn7za3Ln90bgg==
gpt.js
www.googletagservices.com/tag/js/ 		74 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
57ea188e56203b50ec90dbc86954c4970b5461c1600ee0b87f1a2006c1748bfd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
25204
x-xss-protection
0
server
cafe
etag
96 / 19487 / m202305040101 / config-hash: 11353076564403421735
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Wed, 10 May 2023 20:17:08 GMT
iframeResizer.js
cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/ 		36 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/iframe-resizer/4.2.10/iframeResizer.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
14cd740cfb34a149d34ebbcfe5391e044d5b1d2a5a1e4c4a5aa6e44c6914abf4
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:08 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
778310
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
7882
last-modified
Mon, 04 May 2020 16:11:11 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e9f-8e6f"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2PT%2BsyRdHIbywQ35zFljRyjkvP%2FCGNY4JwStBEoMvhjxcnp9hHptYKr8RlxLRFqLTHLrdnzKPPdqDB2dspZY2bww5kjaS%2FU2BK8aj%2BS9UDQ5IMZhDJVNYYZLWRMReyr3Y2VK%2FCSlmrcTEG1cjPTI0B5p"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c54dd2cc88abbb3-FRA
expires
Mon, 29 Apr 2024 20:17:08 GMT
spm.v1.min.js
ak.sail-horizon.com/spm/ 		98 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ak.sail-horizon.com/spm/spm.v1.min.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.122.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-122-104.hel51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:16:04 GMT
content-encoding
gzip
via
1.1 9377b96f1272b9f00f2e31a5ddf342ca.cloudfront.net (CloudFront)
last-modified
Wed, 11 Jan 2023 16:08:40 GMT
server
AmazonS3
x-amz-cf-pop
HEL51-P2
age
65
x-amz-server-side-encryption
AES256
etag
W/"be0aea74754407f0a826a84e140dd5ea"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600; must-revalidate
x-amz-cf-id
UTaGAgqYmX04Fj5KXhJ2UklQXjw28K-Gio8YeNaLSPQhTtfX2L6GbA==
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:13:31 GMT
content-encoding
gzip
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
68617
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
zk4GX1SabKPW2KN5PHJYbnQeVQkGdpjYDIdZqVaFBS7FDrc-6-cs0A==
expires
Thu, 11 May 2023 01:13:31 GMT
loader.min.js
loader-cdn.azureedge.net/prod/forum/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD4) /
Resource Hash
406e93678105af49a6da804035838fe531f4b4e60d84223d31892b4c19439b2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:08 GMT
content-encoding
gzip
content-md5
Y1vsVxxxFY5jCu3PLZru9A==
age
2978
x-cache
HIT
content-length
11505
x-ms-lease-status
unlocked
last-modified
Tue, 31 Jan 2023 05:15:58 GMT
server
ECAcc (frc/4CD4)
etag
0x8DB034A3C932F7C
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
02a45365-501e-0071-3075-831195000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/ 		250 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
545153a3dcdbb881de9d7bed7385b8ae8c6ff955f0864aa143f4cd0307cea575

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 24 Apr 2023 15:50:26 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 15:50:04 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1398403
etag
"4b77305c7dcd411ef9e9e2d5f08d7bd8"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
80660
x-amz-cf-id
fzmj_5GEAd0EBOyPEqI4RMEeWcDyvjdJvf7qruCROzK_advDGqttfw==
wxwidget.loader.js
widgets-lts.media.weather.com/ 		552 KB
130 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx / Express
Resource Hash
5b2dca118abfd1898078b18d42cc27b2a8d72316607478214bb349e3d9005c2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 10 May 2023 20:17:08 GMT
server
nginx
x-powered-by
Express
etag
W/"8a0d9-NRtZHlIsnjEDKhOWgQ1e6oOdHds"
x-cache-status
EXPIRED
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=40119
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
132196
expires
Thu, 11 May 2023 07:25:47 GMT
flickity.pkgd.min.js
unpkg.com/flickity@2.3.0/dist/
Redirect Chain
  • https://unpkg.com/flickity@2/dist/flickity.pkgd.min.js
  • https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js
56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/flickity@2.3.0/dist/flickity.pkgd.min.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
1260249
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01GYY335Q8Z1FX1VQYPPPAFY09-fra
server
cloudflare
etag
W/"e136-ppFLVfsImDkhRKQGmGrAD36fhGA"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c54dd2cfcf618bb-FRA

Redirect headers

date
Wed, 10 May 2023 20:17:08 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
fly-request-id
01H03MJQTAH95GX2M141AJZTY0-fra
server
cloudflare
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
399
vary
Accept, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
/flickity@2.3.0/dist/flickity.pkgd.min.js
cache-control
public, s-maxage=600, max-age=60
cf-ray
7c54dd2cccb418bb-FRA
load.js
s.ntv.io/serve/ 		586 KB
159 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14068c1ca71484d52089cfb826306e65faa23fbb6daf451979201572d1cad4f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:08 GMT
Content-Encoding
gzip
x-amz-request-id
XSY5KBBSNKW4CMG9
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
SWeCVPVCOgpOu0pW6KMp2Jge83TpsgTG3dGyPH7n5j5wFmxl99lP7Q265ds/PrmsZ3PCFfVyuEk=
Last-Modified
Wed, 03 May 2023 21:25:36 GMT
Server
AmazonS3
ETag
"325c72fc0f067d505d8f1f5fa2b06f3e"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
/
cdn.forumcomm.com/dims4/default/29fee9d/2147483647/strip/true/crop/620x220+0+0/resize/225x80!/quality/90/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/29fee9d/2147483647/strip/true/crop/620x220+0+0/resize/225x80!/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2Fc8%2F79%2Fb175fdc147b8b3c561ae890c1a0e%2Fgrandforksherald.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
63f2170fac8aa98fb5f23cf2ee3998f1f384d53cf252e6c8d9267c6519c93152

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 01:01:09 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
3006959
etag
ca7d0fb1424fe3770324b7631c4f381e
x-cache
Hit from cloudfront
content-type
image/png
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
73
content-length
7259
x-amz-cf-id
XxyYoc8j2SuY2_lmq6r5QkVdZcxFhee_xbkLp-XfPUaQ2e0ykcjVJQ==
expires
Fri, 05 Apr 2024 01:01:09 GMT
embed.js
embed-981930.secondstreetapp.com/Scripts/dist/ 		66 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/Scripts/dist/embed.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
aabfa6cbe5168fa68dc898138c30503e8a9d29c8ad9882cdc79f887c1b2f2ae7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:08 GMT
Content-Encoding
br
Last-Modified
Wed, 10 May 2023 18:22:08 GMT
Server
Microsoft-IIS/10.0
ETag
W/"0c868546c83d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
106
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
16600
origami-widget.js
origami.secure.ownlocal.com/ 		13 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami-widget.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:02:47 GMT
age
861
x-guploader-uploadid
ADPycdsPo_mPvzmY8TzBSHxv9myWIVpYUCqMj5bHrP8aTLmWkrUMC_PODhaTek6GkQWvl-nwceki6cw_3XSj8y__ffGmqA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13289
last-modified
Wed, 12 Apr 2023 15:43:30 GMT
server
UploadServer
etag
"f5183a07384a657e61aaaeba0fc72448"
x-goog-generation
1681314210016704
x-goog-hash
crc32c=FHVKdg==, md5=9Rg6BzhKZX5hqq66D8ckSA==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
13289
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 11 May 2023 20:02:47 GMT
/
cdn.forumcomm.com/dims4/default/c3ea5fd/2147483647/strip/true/crop/741x493+7+0/resize/490x326!/format/webp/quality/90/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/c3ea5fd/2147483647/strip/true/crop/741x493+7+0/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2Fe9%2F8f%2F65fb22e04b24993c9a766ea96e57%2Fprairie-business-logo-2.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
01e50d160f9632529f4d453e0b5ee8a18af04ae08dd7249951bf84c59a0a92b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 26 Apr 2023 17:23:56 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
1219992
etag
460adb1b98ed0ef9173696df9b69a6ae
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
293
content-length
7190
x-amz-cf-id
_D1l_NpI94oUTYPxazcnRWgsUho_8IccqGvigrjrAsD9FODoV5vmXA==
expires
Thu, 25 Apr 2024 17:23:56 GMT
/
cdn.forumcomm.com/dims4/default/d41ae85/2147483647/strip/true/crop/620x412+0+90/resize/490x326!/format/webp/quality/90/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/d41ae85/2147483647/strip/true/crop/620x412+0+90/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F8f%2F48%2Fdd6189a149f1ae49feeeafc57ab6%2Fagweek-logo-squared.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
f80bfae8f1ef2c434dc6ae09f1aaed16abe8ab5b495825014097825b47838c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 21:08:06 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
3193742
etag
54c3d79e8186da6da243d34a0a470e2b
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
103
content-length
9700
x-amz-cf-id
Z3VNHjVewuw0pKFM-xM6mNjBQszynf-MXIII97joifiTF-7BwEPcQg==
expires
Tue, 02 Apr 2024 21:08:06 GMT
/
cdn.forumcomm.com/dims4/default/b5e0fcf/2147483647/strip/true/crop/1200x798+0+26/resize/490x326!/format/webp/quality/90/ 		47 KB
47 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/b5e0fcf/2147483647/strip/true/crop/1200x798+0+26/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Ffcc-cue-exports-brightspot.s3.us-west-2.amazonaws.com%2Finforum%2Fbinary%2Fdakota%20spotlight%20featured%20content%20preview_binary_6678373.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
61649ea126405e25d62d1c5aa3e41a5f5dc29c11d0a3cb1df5e723f217964661

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 06 Apr 2023 09:19:17 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
2977071
etag
de04fc922ce0c0f3652614591b3e95b9
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
129
content-length
47756
x-amz-cf-id
Gfy8LaIef-n_y-xbahd_Fs6D4oLjnAQSemN1NTPn-mCtCjepcv1Fqg==
expires
Fri, 05 Apr 2024 09:19:17 GMT
/
cdn.forumcomm.com/dims4/default/5f2f022/2147483647/strip/true/crop/1400x931+0+234/resize/490x326!/format/webp/quality/90/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/5f2f022/2147483647/strip/true/crop/1400x931+0+234/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fssl-static.libsyn.com%2Fp%2Fassets%2Fa%2F9%2F7%2F9%2Fa97930e5bd6576b6e55e3c100dce7605%2Fthe-vault-1400x1400.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
cb08d029fc700faac06fcf389bd278990545b86d450297472e0687d5fedb95ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 06:26:54 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
568214
etag
1c7515e4e8342c1bbd1666017fda6a37
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
124
content-length
5710
x-amz-cf-id
FzhVx3o1nv1ak6PZAiK_m5d9Nl4bLDrFFTOcYcpXXKPM8R0W5F4K2g==
expires
Fri, 03 May 2024 06:26:54 GMT
esw.min.js
service.force.com/embeddedservice/5.0/ 		30 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:09:44 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Last-Modified
Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding
gzip
Age
444
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
8452
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 20:09:44 GMT
bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 03 Apr 2023 08:51:10 GMT
content-encoding
gzip
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Thu, 11 Nov 2021 14:45:03 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
3237959
etag
"c066757a8992615b576ac565d39d182d"
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
3003
x-amz-cf-id
kXkL8BvSpTejsBrbXdzCJ3tgOozwLOYCuN8HLmnrTwFIL5KDL0GERA==
simple
api.sail-personalize.com/v1/personalize/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
authorization,content-type,x-lib-version,x-referring-url
Access-Control-Request-Method
GET
Origin
https://www.grandforksherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin,X-Lib-Version,X-Referring-URL
access-control-allow-methods
OPTIONS,GET,POST,PUT,DELETE
access-control-allow-origin
https://www.grandforksherald.com
access-control-max-age
1800
allow
HEAD,GET,OPTIONS
content-length
18
content-type
text/plain
date
Wed, 10 May 2023 20:17:09 GMT
gtm.js
www.googletagmanager.com/ 		235 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
44d2515506ef0a50a83f6dbdabcb3ff097174bf01fb34664786953872226b074
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:08 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
83491
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 May 2023 20:17:08 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ee541ee385accb8454f23556c93af5bdb6c03e965bbb34ce8544fcfcb173e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:08 GMT
content-md5
w3EfxICsfaejJR9l+vxf7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
UVStGkTK+qTwKUD7dY2XeNRuKniVbLqOkQfTrGVkSHGKU1R1ixFzB268ChGQcUzPoORxPWeJV7sozTLSsD3rEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
x-fb-content-md5
259569bc2e8cceabbcd5c00bf247c302
cross-origin-opener-policy
same-origin-allow-popups
etag
"560bb2e04e126b8da6f3303e43d2112b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
expires
Wed, 10 May 2023 20:30:32 GMT
attribution.js
scripts.attributionapp.com/v2/ 		188 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://scripts.attributionapp.com/v2/attribution.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4e00:1b:e643:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 29 Apr 2023 07:21:06 GMT
content-encoding
gzip
via
1.1 bee9d99ac2913ec4167e166e6bdb691e.cloudfront.net (CloudFront)
x-amz-version-id
RQJy8VcmP_6sFxDTdxAdYQVJJmnH7jfb
last-modified
Thu, 13 Jan 2022 13:37:19 GMT
server
AmazonS3
x-amz-cf-pop
FRA50-C1
age
996963
etag
W/"474a32856b401757baa407bb96ebb13f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
max-age=315360000, no-transform, public
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
hpd7Ty8RpEp7XwNdvV5ivBf4Lhkm9H3oelTQsVQYDhSN7bBlVy3XgQ==
simple
api.sail-personalize.com/v1/personalize/ 		288 B
495 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.sail-personalize.com/v1/personalize/simple?pageviews=1&isMobile=0
Requested by
Host: ak.sail-horizon.com
URL: https://ak.sail-horizon.com/spm/spm.v1.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.83.154.140 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
aa7557bb34ea5624b.awsglobalaccelerator.com
Software
/
Resource Hash
a2653c8d60c8bdb5019d043ba0c0c5de5eef0ff0a61d2d4453df56c1c40792b1

Request headers

x-lib-version
v1.0.1
accept-language
de-DE,de;q=0.9
authorization
Bearer 0d7127446e3b2361d3678f15db986f1f
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/json
accept
application/json
Referer
https://www.grandforksherald.com/
x-referring-url
https://www.grandforksherald.com/

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
allowedorigins
*
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
allowedmethods
GET,OPTIONS
cache-control
no-store
access-control-allow-credentials
true
allowedheaders
Content-Type,Authorization,X-Requested-With,Content-Length,Accept,Origin
content-length
194
expires
-1
v2wncsODB1vFjoTgh7WbKdub3UvyuE68D7DEr-KZQqpFRenpjEclpRLg
stereotypedsugar.com/ 		64 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stereotypedsugar.com/v2wncsODB1vFjoTgh7WbKdub3UvyuE68D7DEr-KZQqpFRenpjEclpRLg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
875bb6a0b46c3e1354ad266b10d685c171ae0f263d81a5db42a9a86e5658e95c
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Wed, 10 May 2023 20:17:08 GMT
x-datacenter
gce-europe-west1
etag
"1368f78c1bb4394c98d07d03b78093a34c3dc258d7d0fafbd8e4f17401874040"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
832971200
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
v2hqfzEANdvin8OCzcpVgyfqbP8krsZ0W_9GsVOi69IXWL0kDHl92Sb9pCpzf1rCU11wO1U1z
stereotypedsugar.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stereotypedsugar.com/v2hqfzEANdvin8OCzcpVgyfqbP8krsZ0W_9GsVOi69IXWL0kDHl92Sb9pCpzf1rCU11wO1U1z
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
c1f7fd917113ad51a86228d740ec3e049988b0f7ff668f393688f6126bc4d94a
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
gzip
via
1.1 google
date
Wed, 10 May 2023 20:17:08 GMT
x-datacenter
gce-europe-west1
etag
"e3f7de6893fa864c03bfa2e250cdc73834686691f7e0abd9eb702f4ffa277c62"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
832971200
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
polyfill.min.js
polyfill.io/v3/ 		101 B
669 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:09 GMT
age
464433
detected-user-agent
Chrome/113.0.0
useragent_normaliser
chrome/113.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 May 2023 00:17:37 GMT
fastly_service_version
195
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/113.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
apstag.js
c.amazon-adsystem.com/aax2/ 		230 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 19:36:50 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
last-modified
Wed, 10 May 2023 19:15:12 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
2419
x-amz-server-side-encryption
AES256
etag
W/"e6af4658ab1a6fdde1f0066b27d5372e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
IqSJX9ZDue6ojuTyfNlnzI-_2kv1-SFzIo8CeDveV7ssvoWEflZY2A==
css
fonts.googleapis.com/ 		19 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5c351da5e4fc24467ac473b2ddcac467c50aeff9e2915d68ec02de9be0ce3d50
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 20:17:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:08 GMT
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
839283326c111773ab5e567624466412703746e7be1a67d12743926298533ce8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
googima.js
ssl.p.jwpcdn.com/player/v/8.27.0/ 		73 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.0/googima.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish
age
8025
x-cache
HIT
content-length
21963
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Thu, 04 May 2023 00:11:59 GMT
server
AmazonS3
x-timer
S1683749829.295943,VS0,VE0
etag
"b08808f5729ce90fddf682e101a9691b"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=86400, immutable
accept-ranges
bytes
x-cache-hits
2154
jwpsrv.js
ssl.p.jwpcdn.com/player/v/8.27.0/ 		62 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.0/jwpsrv.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish
age
24
x-cache
HIT
content-length
19101
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Tue, 02 May 2023 22:12:57 GMT
server
AmazonS3
x-timer
S1683749829.288961,VS0,VE0
etag
"091cf336ba8e3328147ba88e7a9ff40c"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=900, immutable
accept-ranges
bytes
x-cache-hits
37
jwplayer.core.controls.js
ssl.p.jwpcdn.com/player/v/8.27.0/ 		317 KB
83 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.0/jwplayer.core.controls.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9d01f0bfa64e1b1c71f849cef0de317a83cb3020bbbd9dc83cf0394e6f6dc749

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish
age
641923
x-cache
HIT
content-length
84833
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Tue, 02 May 2023 22:12:50 GMT
server
AmazonS3
x-timer
S1683749829.288292,VS0,VE0
etag
"2f4006a71b5850f0dfccfac24be2ebac"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
42324
8gjfX5FU
cdn.jwplayer.com/v2/media/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/v2/media/8gjfX5FU?recommendations_playlist_id=rVQsKIGU
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
5b250abf024f6ec976f6c28435f73dbe9260dbbe80f5db18cdc0f23121f9a11b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-robots-tag
noindex, indexifembedded
content-length
712
x-amz-cf-id
RtsyIL1YtAfVD_kkzPepnOKw0Nu68_80G6x2kUq8bmBpV_nQ5x7tFQ==
expires
Wed, 10 May 2023 20:20:09
weather-banner-2022-1400x140.jpeg
cdn.forumcomm.com/03/e8/8677976f4cfcb7dc6afdbb87e2d0/ 		158 KB
158 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/03/e8/8677976f4cfcb7dc6afdbb87e2d0/weather-banner-2022-1400x140.jpeg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
da2b592b0cefd3e8cc371c7960518a403628977e282a1d7e8d1d5ed4e0a5325c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 25 Apr 2023 14:51:51 GMT
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
last-modified
Wed, 01 Jun 2022 16:46:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
1315518
etag
"9d6eaa9925191101171a4fa8de3ad2de"
x-cache
Hit from cloudfront
content-type
image/jpeg
x-amz-storage-class
INTELLIGENT_TIERING
cache-control
public, max-age=31536000
accept-ranges
bytes
content-length
161317
x-amz-cf-id
3cnckpSCFRTD_lA3uM1Nbg288zn0ik52jfZEMAFg-tv7NIyjOwDIJg==
truncated
/ 		89 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6f2050953a344452656f955b3e85621c301548f965631f75f913bd94f5ecd21a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:02:35 GMT
x-content-type-options
nosniff
age
335673
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12924
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:02:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 23:02:35 GMT
6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:12:56 GMT
x-content-type-options
nosniff
age
529452
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13036
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:04:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 May 2024 17:12:56 GMT
6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 		13 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwlxdu.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:23:58 GMT
x-content-type-options
nosniff
age
492790
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13052
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:09:03 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 03:23:58 GMT
pe0pMI6eKpdGqlF5LANrM--qBP5v.woff2
fonts.gstatic.com/s/brygada1918/v21/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/brygada1918/v21/pe0pMI6eKpdGqlF5LANrM--qBP5v.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0f91c72136eb1b542012a4fe6d15acfb546f24a26d28ac76f5da28d446443879
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 23:49:34 GMT
x-content-type-options
nosniff
age
332854
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21248
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 18:41:29 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 23:49:34 GMT
sdk.js
connect.facebook.net/en_US/ 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f8f956b655d4435c424576ac42c7bcbd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6db32324f58d89a117ece690f38313c6687dceef532dbeadf56b3194063fd1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:08 GMT
content-md5
vmrtfAhtskLYzoW1w9VQJg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88643
x-fb-rlafr
0
x-fb-debug
wejCqD04YLplPTqpYBuYJzOPKeU9APdCkvzeLOYK6BFFI75dPw4RYEniRos8LFFrVUf4bz9oHyR7KjvKQxdEOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9abdc4ea94ab83f4a4be3b0f9d312cff
cross-origin-opener-policy
same-origin-allow-popups
etag
"963062a7134e2841d847066f144abcd6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 May 2024 19:40:36 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		171 B
485 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=grandforksherald.com&domain=grandforksherald.com&path=%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
ca800714e3b6d8be547d694454f907aab1f8e97a79e17855320fa6be661ca81d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-cache-hits
1
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
436
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
130
x-served-by
cache-gig2250050-GIG
x-timer
S1683749830.608028,VS0,VE0
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Mon, 08 May 2023 20:09:53 GMT
p
track.attributionapp.com/ 		0
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.attributionapp.com/p
Requested by
Host: scripts.attributionapp.com
URL: https://scripts.attributionapp.com/v2/attribution.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.204.238.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-204-238-15.compute-1.amazonaws.com
Software
Cowboy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

Date
Wed, 10 May 2023 20:17:08 GMT
Via
1.1 vegur
X-Content-Type-Options
nosniff
Server
Cowboy
Access-Control-Allow-Methods
OPTIONS, GET, POST, DELETE
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
keep-alive
Access-Control-Allow-Headers
Authorization, Content-Type
Content-Length
0
fbevents.js
connect.facebook.net/en_US/ 		106 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 May 2023 20:17:08 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27538
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
byE9Iets1yL4ZwHubN7MDRBT4V0s210hIJWmpHeTIUrakbPvxHFYaX8qIOcRkHD8C5qfURqhWMbnI9vKtNrmIA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 19:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4329
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 10 May 2023 21:05:00 GMT
activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
8975227.fls.doubleclick.net/ Frame 5D8F
Redirect Chain
  • https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F?
  • https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2F...
493 B
445 B 		Document
General
Check archive.org
Download Go to
Full URL
https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F?
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f166.1e100.net
Software
cafe /
Resource Hash
3d941ced27645a06d0572588ad6dcc0968dff13aec06f4c0a5ccd13ff6ee2521
Security Headers
Name Value
Strict-Transport-Security max-age=21600
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown
1
location
https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F?
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
cafe
strict-transport-security
max-age=21600
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
uwt.js
static.ads-twitter.com/ 		56 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.116.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
last-modified
Thu, 27 Oct 2022 16:56:53 GMT
etag
"32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary
Accept-Encoding,Host
x-cache
HIT, HIT
content-type
application/javascript; charset=utf-8
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn
FT
cache-control
no-cache
accept-ranges
bytes
content-length
15375
x-served-by
cache-iad-kjyo7100081-IAD, cache-fra-eddf8230072-FRA
Forum_Corporate_Marketing_Grand_Forks.js
tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:2a00:7:e536:8b00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b8e2612575553a93321a90a8885f7807956cfe779304b51d0d596fdf71420c42

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
npvAmc_81ar_jXhSPzMgx5ooavOPUzAL
date
Wed, 10 May 2023 05:17:22 GMT
via
1.1 dde951f556570d42a581084479d8b0e8.cloudfront.net (CloudFront)
last-modified
Tue, 22 Nov 2022 01:02:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P4
age
53988
etag
"52336aa0584b21ba32aefad295c8f521"
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-replication-status
COMPLETED
accept-ranges
bytes
content-length
1092
x-amz-cf-id
4WEV0FfPYNQqGzrZpkV9xGnaZEP2XQWjX11WzbEYZ-5Pj4gYtFGJ_Q==
config.js
cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/ 		90 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a51c16d553a84214d4227dd23f3de586b78d23908f42c4b6802877e773586f59

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 18:42:13 GMT
server
cloudflare
x-amz-request-id
B1DDS2TYNTHJQFVN
age
166
etag
W/"e4e9937f4c3870359920deb7e50fa0b7"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
7c54dd2f9bcf3665-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
3B3CBZu0cZiHdm4JH/hrY1T4QpKNKjIRiFycLb6dJqgcnC/xa9S3m9HJ5uLeShAfxPz3+MUI5CcVKety89xICA==
js
www.googletagmanager.com/gtag/ 		239 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T37B4RR
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
a244ae0637bfd4ba5403e87779198dc659a06b35ec99b11dbf47a413a1b3d4fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
83819
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Wed, 10 May 2023 20:17:09 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/ 		403 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:32:44 GMT
content-encoding
br
x-content-type-options
nosniff
age
6265
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127480
x-xss-protection
0
server
cafe
etag
445900462459606666
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Thu, 09 May 2024 18:32:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		573 B
820 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.grandforksherald.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
22452f2ba903b47c8bb647a45489f042b23190b3ad064ce7fea7e12b21700920
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
277
x-xss-protection
0
expires
Wed, 10 May 2023 20:17:09 GMT
t
jadserve.postrelease.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.grandforksherald.com%2F&ntv_mvi&ntv_kv=kw*homepage,production
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.232.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-232-125.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
34d0271aed99f02abe21d99c0599a4ec0d40ab19fb0118d725aefe4a07f01f1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
server
nginx/1.12.2
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
820
expires
Mon, 1 Jan 1990 12:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		0
310 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.grandforksherald.com&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:08 GMT
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.grandforksherald.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
uGFtMKui5jM7rmTzqva5NmPKXO9xyNavsHZ016VUTpJyG8JKuCoRbQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-amz-version-id
a.HbuOpmjkJB1GB8lMAKg2zkvv8bzRE7
content-encoding
gzip
via
1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
date
Wed, 10 May 2023 00:14:22 GMT
x-amz-cf-pop
FRA2-C1
age
72168
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Thu, 04 May 2023 22:07:52 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
E0rZfwQPNoeVvG4ccl_kFbzCTJsDcGheyvx0r4omzxzu7PdMPjQwow==
2395609997225387
connect.facebook.net/signals/config/ 		511 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/2395609997225387?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
7673b8d74cf705b7e20cb15b087b257f313985e8f0fa2a31b3ceba1c2afb3332
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Wed, 10 May 2023 20:17:09 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
ijdlIBcfhRlHVxYdoZMTb3qDP+QBCtEDOVn8ma92QbSN99L/1SNlMUk4ZxH8qim+7/Wi7ejvSy0EFMo7S5xDjA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=()
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
261 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je3580&_p=935751105&cid=1267645818.1683749829&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1683749829&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
provider.hlsjs.js
ssl.p.jwpcdn.com/player/v/8.27.0/ 		384 KB
112 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.0/provider.hlsjs.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a58db5c848b6223d565ca22ff9b9904e7efa8c22a1d2f518eb49bf7bf9c0589f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish
age
641923
x-cache
HIT
content-length
114367
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Tue, 02 May 2023 22:12:53 GMT
server
AmazonS3
x-timer
S1683749829.287833,VS0,VE0
etag
"cfde86389c1ee213e6d1d44a21035faa"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
29545
collect
stats.g.doubleclick.net/j/ 		4 B
356 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1818819295&gjid=864194519&_gid=906386831.1683749829&_u=YCDAiEABBAAAAEAAI~&z=425588877
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=935751105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAAI~&jid=1351594232&gjid=735739293&cid=1267645818.1683749829&tid=UA-41542537-2&_gid=906386831.1683749829&_r=1&_slc=1&gtm=45He3580n81T37B4RR&cd28=GFH&cd29=home&cd30=homepage&cd31=&cd32=unknown&z=1738858871
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		4 B
69 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=935751105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABBAAAAGAAI~&jid=362955491&gjid=656110990&cid=1267645818.1683749829&tid=UA-778232-77&_gid=906386831.1683749829&_r=1&_slc=1&gtm=45He3580n81T37B4RR&z=1236884738
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=935751105&t=pageview&_s=1&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDAiEABBAAAAAAAI~&jid=1818819295&gjid=864194519&cid=1267645818.1683749829&tid=UA-778232-37&_gid=906386831.1683749829&gtm=45He3580n81T37B4RR&cd28=home&cd29=homepage&cd30=&cd31=unknown&z=150159968
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 03:16:24 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
61245
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
cv_pixel.js
adservices.brandcdn.com/pixel/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://adservices.brandcdn.com/pixel/cv_pixel.js
Requested by
Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.53.112 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-53-112.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
etag
"613-5f8ff265c97b6-gzip"
vary
Accept-Encoding
content-type
text/javascript
accept-ranges
bytes
content-length
745
iframe
d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/ Frame 87AC
Redirect Chain
  • https://insight.adsrvr.org/tags/c8hchs6/56sogo3/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
138 B
667 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Requested by
Host: tag.brandcdn.com
URL: https://tag.brandcdn.com/autoscript/forumcorporatemarketinggrandforks_vfhwtmvrntzwveu9/Forum_Corporate_Marketing_Grand_Forks.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
132926f52bf738c2930b18852466f28cb92d469957a1894290aed33340470473

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Age
53986
Cache-Control
max-age=86400
Connection
keep-alive
Content-Length
138
Content-Type
text/html
Date
Wed, 10 May 2023 05:17:24 GMT
ETag
"a76be8cd8b8b7f54da150f75fbad834e"
Last-Modified
Tue, 22 Nov 2022 01:02:45 GMT
Server
AmazonS3
Via
1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
X-Amz-Cf-Id
70IjJBQk_zLc1Vw-JWRdJvhDYfvl4SJ3Uqd06daKCLwz3Li5yukGMA==
X-Amz-Cf-Pop
FRA2-C2
X-Cache
Hit from cloudfront
x-amz-server-side-encryption
AES256

Redirect headers

content-length
183
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 20:17:09 GMT
location
https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
/
insight.adsrvr.org/track/conv/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/conv/?adv=c8hchs6&ct=0:4r6xti6&fmt=3
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
insight.adsrvr.org/track/evnt/ 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/evnt/?adv=c8hchs6&ct=0:56sogo3&fmt=3
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
adsct
t.co/1/i/ 		43 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5dd45e95-3cfa-4b18-8fb2-cb611b2f8ec0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=81e3a1e7-ba93-4e86-9f57-f5dde0e69cc4&tw_document_href=https%3A%2F%2Fwww.grandforksherald.com%2F&tw_iframe_status=0&txn_id=o2f7x&type=javascript&version=2.3.29
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.69 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
103
date
Wed, 10 May 2023 20:17:08 GMT
strict-transport-security
max-age=0
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
dce0ea4c5b2c113c
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
fe0dcb100665b2184ba099f2e5a43aebba5d45fce22d7e5a5ec3497cbaa56308
content-length
43
adsct
analytics.twitter.com/1/i/ 		43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/1/i/adsct?bci=4&eci=3&event=%7B%7D&event_id=5dd45e95-3cfa-4b18-8fb2-cb611b2f8ec0&integration=gtm&p_id=Twitter&p_user_id=0&pl_id=81e3a1e7-ba93-4e86-9f57-f5dde0e69cc4&tw_document_href=https%3A%2F%2Fwww.grandforksherald.com%2F&tw_iframe_status=0&txn_id=o2f7x&type=javascript&version=2.3.29
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.195 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
109
date
Wed, 10 May 2023 20:17:08 GMT
strict-transport-security
max-age=631138519
server
tsa_o
content-type
image/gif;charset=utf-8
x-transaction-id
610975739f050e85
cache-control
no-cache, no-store, max-age=0
perf
7626143928
x-connection-hash
e917f26ab810b2340877e95fcc2da63110bec6ed0acaa4802bdb637108f3752f
content-length
43
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202305101013/ 		243 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:99f6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ea6ea3a65726c9736c6f9715f39fc113bef17e87589ee3b2c220fc21f13083af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 14:31:54 GMT
server
cloudflare
x-amz-request-id
YEP8SYSSJB75D2A9
age
11418
etag
W/"a28928bd6d7de93a2507dee29a5cd32c"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
7c54dd307d013665-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2
PDoJsyGEyyOTdi/sHmcLZSA7KorEDn0CG9yCfOZWoZ0wUUB37iAliJ1A3y5G5NEr9g6pX7h8B+A=
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-41542537-2&cid=1267645818.1683749829&jid=1351594232&gjid=735739293&_gid=906386831.1683749829&_u=YCDACEABBAAAAGAAI~&z=273985494
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-778232-77&cid=1267645818.1683749829&jid=362955491&gjid=656110990&_gid=906386831.1683749829&_u=YCDACEABBAAAAGAAI~&z=1378760385
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1818819295&_u=YCDAiEABBAAAAEAAI~&z=901015102
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1818819295&_u=YCDAiEABBAAAAEAAI~&z=901015102
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
adservice.google.com/ddm/fls/i/ Frame FC54 		492 B
644 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/ddm/fls/i/dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Requested by
Host: 8975227.fls.doubleclick.net
URL: https://8975227.fls.doubleclick.net/activityi;dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
469d340f4d48d1a532f76a3a34b1473a0eb60317bb67d2f71caf6aad4a2d802f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://8975227.fls.doubleclick.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
269
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma
no-cache
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
/
embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/ Frame 3812 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/Scripts/dist/embed.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b9c3517ef33044cccc4fbf946cad87f8c2c47c71d26f3b9005947b6e73360815
Security Headers
Name Value
Content-Security-Policy frame-ancestors https://dl-online.com https://forumcomm.com https://www.facebook.com https://grandforksherald.com https://www.forumcomm.com http://*.secondstreetapp.com http://grandforksherald.secondstreetapp.com https://jamestownsun.com https://thedickinsonpress.com http://ForumCommunications.secondstreetapp.com https://www.superiortelegram.com https://duluthnewstribune.com http://embed.secondstreetapp.com https://echopress.com https://www.pinejournal.com https://www.duluthnewstribune.com https://*.secondstreetapp.com https://pinejournal.com http://root.secondstreetapp.com https://agweek.com https://bemidjipioneer.com https://mitchellrepublic.com http://grandforksherald.upickem.net https://brainerddispatch.com http://www.grandforksherald.com

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private
Content-Encoding
gzip
Content-Length
1585
Content-Security-Policy
frame-ancestors https://dl-online.com https://forumcomm.com https://www.facebook.com https://grandforksherald.com https://www.forumcomm.com http://*.secondstreetapp.com http://grandforksherald.secondstreetapp.com https://jamestownsun.com https://thedickinsonpress.com http://ForumCommunications.secondstreetapp.com https://www.superiortelegram.com https://duluthnewstribune.com http://embed.secondstreetapp.com https://echopress.com https://www.pinejournal.com https://www.duluthnewstribune.com https://*.secondstreetapp.com https://pinejournal.com http://root.secondstreetapp.com https://agweek.com https://bemidjipioneer.com https://mitchellrepublic.com http://grandforksherald.upickem.net https://brainerddispatch.com http://www.grandforksherald.com
Content-Type
text/html; charset=utf-8
Cross-Origin-Resource-Policy
cross-origin
Date
Wed, 10 May 2023 20:17:09 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-AspNetMvc-Version
5.2
X-Powered-By
ASP.NET
X-SS
106
X-StackifyID
V2|37e9c558-a296-4828-b96d-33f643d6164f|C69601|CD67
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-41542537-2&cid=1267645818.1683749829&jid=1351594232&_u=YCDACEABBAAAAGAAI~&z=1952374431
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-41542537-2&cid=1267645818.1683749829&jid=1351594232&_u=YCDACEABBAAAAGAAI~&z=1952374431
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-77&cid=1267645818.1683749829&jid=362955491&_u=YCDACEABBAAAAGAAI~&z=1524731487
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-77&cid=1267645818.1683749829&jid=362955491&_u=YCDACEABBAAAAGAAI~&z=1524731487
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loadJobsHQ.js
widgets.jobshq.com/dist/ 		1 KB
723 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.jobshq.com/dist/loadJobsHQ.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:1d:9060:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
11ab1f88248f74604ef64741a032a3fa806feca3602872ca57ba60303211d4c2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Mon, 24 Apr 2023 19:22:05 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P2
x-powered-by
Express
etag
W/"4ce-187b4b74f48"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-amz-cf-id
UwL3jgNZ_xUVSOJk84rAlV91KUWwAtI5tQkvrWq0ODyecuvBE2btlQ==
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/ 		61 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
64615
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
17086
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-f4a1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6yZ7NdiedEaOf2SNy27yPP2hyE8VcBY3X%2BYXX2kJaugNJCIDSAORiPwhXDTWzeOUIKOvq2pVEQP8qyAawNWVGe9GRQP%2FwQl1O%2BTzbpr%2FHud6a1SnAyOwU34x2AdqiVrMi3EHmUiG7v0YS1nv8QggsKKn"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c54dd310d3a1c22-FRA
expires
Mon, 29 Apr 2024 20:17:09 GMT
truncated
/ 		87 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
07d9cf67eb9852fdbef95e1069f17bca2fd4b9faeadbb812cd5a2a4800b4f996

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
common.min.js
service.force.com/embeddedservice/5.0/utils/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/common.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:23:48 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 17 Feb 2022 23:57:30 GMT
Content-Encoding
gzip
Age
17601
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
1918
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:23:48 GMT
truncated
/ 		88 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
70e2c48e17f030066b530cf41f5f7d726ff7736ae0875e36dc2b5ef649e1f146

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
_track
www.grandforksherald.com/ 		0
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.grandforksherald.com/_track
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/_resource/analytics/bsp-analytics.min.3d492319d8b084de04ab3a208c32f0b5.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-124.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-envoy-decorator-operation
brightspot-frontend-verify.web.svc.cluster.local:80/*
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
2
x-amz-cf-id
zu36e5f-bRI8n1BANWE42D_QvmJUatQSCuGjZatRsBK1NaVT3jHl4Q==
pe06MI6eKpdGqlF5LANrM--qAeRhe6D4yip43qfcERwsuLuz.woff2
fonts.gstatic.com/s/brygada1918/v21/ 		12 KB
12 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/brygada1918/v21/pe06MI6eKpdGqlF5LANrM--qAeRhe6D4yip43qfcERwsuLuz.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Brygada+1918:ital,wght@0,400;0,500;0,600;0,700;1,400;1,500;1,600;1,700|Source+Sans+Pro:300,400,600,700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9200fbcf60ce201c7eaabf39ebba98246c1a806f98d9d63a8aa438ee7ba6365
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Thu, 04 May 2023 17:13:59 GMT
x-content-type-options
nosniff
age
529390
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12140
x-xss-protection
0
last-modified
Tue, 30 Aug 2022 18:17:36 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 03 May 2024 17:13:59 GMT
skeleton.gif
static.adsafeprotected.com/ 		43 B
481 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adunitid=qthlqa&adnum=8756941
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:3c00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 25 Jun 2022 14:52:58 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 0162e02b2d0212054988a68716227daa.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P5
age
27581051
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
N1nWw9sNyUxT9DsRkTGd7m1gDn2Ih62ai7nuGX5gqeeM0kfKznleZg==
0.8c3b779ec17bf77b9899.js
www.grandforksherald.com/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.grandforksherald.com/0.8c3b779ec17bf77b9899.js
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/styleguide/All.min.0cde6cc48a245c8dff9631b8743a7f1d.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.27.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-27-124.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
db83f799f235d5e9643e8b6d541a3b504aef47610492c4074e09d664eb58582d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 12 Dec 2022 05:09:47 GMT
strict-transport-security
max-age=31536000; includeSubdomains;
content-encoding
gzip
x-envoy-decorator-operation
brightspot-frontend-verify.web.svc.cluster.local:80/*
server
istio-envoy
via
1.1 b25bc331cb2e5e7e25d9488f5ecdc940.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
age
12928042
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript;charset=UTF-8
cache-control
public, max-age=31536000
x-envoy-upstream-service-time
46
content-length
11415
x-amz-cf-id
XisXe7vQzOvQavRF9yZiWDCmpt3-153LawDV_6hNkRqGtQGwHE8ITg==
pbjs
htlb.casalemedia.com/openrtb/ 		36 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e823bf21b40e4f4b284896cf9c1ae0c10a8aab18bca4ffcf2a669cf8d7483ad

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BoRphh8QDfl47rGXgP%2BCRoPkNtOmRKvme0psg8QszJvCkxJwCiqdUPfkWqulWwuZG5sH%2B3SizbWPm6sbeL4J5O2d8eQtBrGasIhAktCd9XAvrsFXzn2k9BUTbjJRAoaDGP9J4lfE"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c54dd326eb23a54-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
36
expires
0
fastlane.json
fastlane.rubiconproject.com/a/api/ 		373 B
947 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAdff516875-3f50-484a-b6a2-cd8eb564d7e7&tk_flint=pbjs_lite_v7.45.0&x_source.tid=4665dd45-4a98-4bec-b0b9-474d68e0dcb4&l_pb_bid_id=9f2f9e4a46f8e7&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4665dd45-4a98-4bec-b0b9-474d68e0dcb4&rp_maxbids=1&slots=1&rand=0.1667788987985086
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
fe3bb4178d86004f1174e414cf2e193df519c365f9ef88d47639d59445294831

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
373
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		373 B
714 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=2&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAdff516875-3f50-484a-b6a2-cd8eb564d7e7&tk_flint=pbjs_lite_v7.45.0&x_source.tid=4665dd45-4a98-4bec-b0b9-474d68e0dcb4&l_pb_bid_id=1053b55c7629741&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=4665dd45-4a98-4bec-b0b9-474d68e0dcb4&rp_maxbids=1&slots=1&rand=0.6217704190708464
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
1d8924ee705dd789545282d7ba7f109ed626e9e0aaf1c430bb64858fbdadb29c

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
373
expires
Wed, 17 Sep 1975 21:32:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
265 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
36ca968841d864331acba0762ff91be0f4fac82b02585deb7be048af7558816b

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		0
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.forumcomm.com
URL: https://cdn.forumcomm.com/resource/0000017b-5a43-de16-ab7f-ffcfc2a20000/staticjs/prebid7.45.0.e067eae7d46b6ecf457f3dc95c9116ed.gz.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.grandforksherald.com%2F&pid=OTBorkXqk3pqF&cb=0&ws=1600x1200&v=23.505.1627&t=2000&slots=%5B%7B%22sd%22%3A%22googleAdff516875-3f50-484a-b6a2-cd8eb564d7e7%22%2C%22s%22%3A%5B%22920x90%22%2C%22920x50%22%2C%22728x90%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22googleAdaf6cad75-0391-4f94-8aea-cd2c32035814%22%2C%22s%22%3A%5B%22970x250%22%2C%22960x200%22%2C%22930x180%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22googleAd2b3ed6a9-cefc-4a7c-9102-c8866fe732c4%22%2C%22s%22%3A%5B%22300x600%22%2C%22120x600%22%2C%22160x600%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22googleAd39c0d150-b574-42d5-b014-15bada5f4d60%22%2C%22s%22%3A%5B%22970x250%22%2C%22960x200%22%2C%22930x180%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fhomepage%22%7D%2C%7B%22sd%22%3A%22googleAd1afd242c-6581-4c4a-beef-493ef943e47e%22%2C%22s%22%3A%5B%22970x250%22%2C%22960x200%22%2C%22930x180%22%2C%22970x90%22%2C%22970x66%22%2C%22728x90%22%2C%22300x250%22%2C%22250x250%22%2C%22320x100%22%2C%22320x50%22%2C%22300x50%22%5D%2C%22sn%22%3A%22%2F7021%2Fforumcomm%2Fgrandforksherald%2Fhomepage%22%7D%5D&sg=%7B%22ortb2%22%3A%7B%22device%22%3A%7B%22sua%22%3A%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22source%22%3A2%2C%22browsers%22%3A%5B%5D%7D%7D%7D%7D&pubid=59950d2e-4dfc-490d-92ee-81f8d387b7dd&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.239.116 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-239-116.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3d34e163f3f1a0c4a397ad818b79a810.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P4
x-amz-rid
V9ZGYNGPYBVR2KKGYDV5
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
J7VzOVy9IUUaf8C4d-C-Qoo2WmbSM3t4wyklCqYnhPQgR3EyKvRLsg==
integrator.js
adservice.google.de/adsid/ 		107 B
531 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.grandforksherald.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
317 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.grandforksherald.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
active_orders
origami.secure.ownlocal.com/api/ 		105 B
134 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/api/active_orders?owned_by=69b32431-f541-4bcc-ade4-941f8b27d6e9
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
nginx/1.17.2 /
Resource Hash
aea64597236978121bbf14d1dd6b4bcf37ba92dab89923ffc1cbb55fc3f2efb7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept
application/json
Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
via
1.1 google
x-permitted-cross-domain-policies
none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
1; mode=block
x-request-id
29d7412d-3167-421c-bb0f-c02334d4ca59
x-runtime
0.080017
referrer-policy
strict-origin-when-cross-origin
server
nginx/1.17.2
etag
W/"aea64597236978121bbf14d1dd6b4bcf"
x-download-options
noopen
x-frame-options
SAMEORIGIN
access-control-max-age
7200
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
cache-control
max-age=3600, public
content-type
application/json; charset=utf-8
vary
Origin
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=5889881&ntv_pl=1145438
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.232.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-232-125.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=f9c28e74-47c2-4e7b-80e4-c173e2ca5178&ntv_fl=PPCOIRF2N3LMbH_5z_XiTOvqT4lKbR8soXZ5XYPOQ74I7OGbJq4Q0HIB2wPNANizV7UPDCCXloDEIK-6Zr6sDE5ljZfSX-fii0mNKgurQjqWJfZ45_K7oQDQe0qwvkhcE0viVY3ALxjEkLuiNULB6Fk6gpzdBzts-QaHK7SbygUBlI_euJbmgprKAGmGJP8uMKoifqxedHYpIoX4QdxMPLpf30Z7961n8SG91rOhfP0=&ntv_ht=xftbZAA&ntv_at=303,302&ntv_a=AAAAAAAAAAXnoRA&ord=1683749829452&ntv_it
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.232.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-232-125.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
427 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1145438&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.232.125 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-232-125.eu-west-1.compute.amazonaws.com
Software
nginx/1.12.2 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.12.2
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
DFPAudiencePixel;ord=9432023915612.79;dc_seg=487073367
pubads.g.doubleclick.net/activity;dc_iu=/7021/ 		42 B
668 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/7021/DFPAudiencePixel;ord=9432023915612.79;dc_seg=487073367?
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		61 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=970x250%7C960x200%7C930x180%7C970x90%7C970x66%7C728x90&ifi=1&adks=232206954&sfv=1-0-40&prev_scp=position%3Dbanner-2%26kw%3Dgrandforksherald%26userStatus%3Danonymous%26refresh%3Dtrue%26refreshed_slot%3Dfalse&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829502&lmt=1683749829&dlt=1683749828545&idt=654&adxs=315&adys=1615&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=1240x-1&msz=970x-1&fws=4&ohw=1240&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8620488d51627bdeb03bd8e1fb09f2e8be370d05ab90324bca19c7515b31554
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13843
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 6D62 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
expires
Thu, 09 May 2024 20:17:09 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=300x600%7C120x600%7C160x600%7C300x250%7C250x250&ifi=2&adks=1587206883&sfv=1-0-40&prev_scp=position%3Dsidebar-1%26kw%3Dgrandforksherald%26userStatus%3Danonymous%26refresh%3Dtrue%26refreshed_slot%3Dfalse&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829513&lmt=1683749829&dlt=1683749828545&idt=654&adxs=1110&adys=2480&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=320x-1&msz=300x-1&fws=4&ohw=320&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
495785dfc5653d48c336ce66d1879872f8f69628e6b046a4f978de34f5b0a2fc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11557
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		33 KB
14 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x50&ifi=3&adks=1047014183&sfv=1-0-40&prev_scp=position%3Dlatest-sponsor%26kw%3Dgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829516&lmt=1683749829&dlt=1683749828545&idt=654&adxs=1100&adys=970&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=320x-1&msz=320x-1&fws=4&ohw=320&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
33761a4292c2e63df414689af34c6675bf6fcc6e47db4d9da2ce37208663af2b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14057
x-xss-protection
0
google-lineitem-id
6261595890
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138428650490
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
802 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=1550x90&ifi=4&adks=3094853494&sfv=1-0-40&prev_scp=position%3Dadhesion%26kw%3Dgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829520&lmt=1683749829&dlt=1683749828545&idt=654&adxs=25&adys=1196&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=1550x-1&msz=1550x-1&fws=516&ohw=1550&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
275430d552eaabb8041704d8d685623785f36f13e9a7b44da9fc0dd895a12aec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
498
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
805 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=500x1100&ifi=5&adks=2930216968&sfv=1-0-40&prev_scp=position%3Dtakeover-ad-right%26kw%3Dgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829523&lmt=1683749829&dlt=1683749828545&idt=654&adxs=1440&adys=21&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=500x-1&msz=500x-1&fws=516&ohw=500&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
46defd9f9676264832c18e26def5614bad9a10342d6ddfb7dc74cee05dc62021
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
493
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
cdn.forumcomm.com/dims4/default/655c05d/2147483647/strip/true/crop/1920x1277+0+10/resize/490x326!/format/webp/quality/90/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/655c05d/2147483647/strip/true/crop/1920x1277+0+10/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F90%2F62%2F7e6e0e23431db3bf25ba1fa1f35a%2Fkenny-chesney-at-grand-forks-alerus-center-may-9-2023.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
0b7ff162f763d20a96f2a87ee042f8c0a41810777eaacc7883b3379a69c1fe50

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 14:07:17 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
22192
etag
8c4d0ae02764311fa61984310a10d9e0
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
346
content-length
22852
x-amz-cf-id
lbFoLWbOkL9N0DwFQkrxPLOGsRPusn4TC8o7C3n0DO6_V-B08c3UkQ==
expires
Thu, 09 May 2024 14:07:17 GMT
/
cdn.forumcomm.com/dims4/default/4ad8f16/2147483647/strip/true/crop/240x160+0+94/resize/840x560!/format/webp/quality/90/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/4ad8f16/2147483647/strip/true/crop/240x160+0+94/resize/840x560!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F57%2F22%2F7699330c45b789d6ae90e123b7dc%2Falexander-gothberg.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
0f31c8abfb356dc3872f74226d599b498d931ef853763e4eb966875106d017f5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 17:13:22 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
11027
etag
e50b31d5d9e9c95985e22fa71342a409
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
339
content-length
23748
x-amz-cf-id
3HCxmKlasdC_Srnyz3SVfBJgk1i5SaAipEGqFEFqOZnGXm8qLITtwg==
expires
Thu, 09 May 2024 17:13:22 GMT
/
cdn.forumcomm.com/dims4/default/637b812/2147483647/strip/true/crop/998x664+1+0/resize/490x326!/format/webp/quality/90/ 		24 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/637b812/2147483647/strip/true/crop/998x664+1+0/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Ffcc-cue-exports-brightspot.s3.us-west-2.amazonaws.com%2Ffccnn%2Fbinary%2Fhandcuffs-investigation_binary_887462.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e6f81727235ec36cf5aa569816d86da9ed243bdd4a6ea70cd38591c5dee7bcfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 15:05:23 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
18706
etag
7069960fb392bddbcd9985c41274889c
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
280
content-length
24974
x-amz-cf-id
X7ZFlwDmoyKweS1dC5gYkx8jsc6UgL1IJm0kPyYQIaR2bFdZB3HF3A==
expires
Thu, 09 May 2024 15:05:23 GMT
/
cdn.forumcomm.com/dims4/default/b905f6e/2147483647/strip/true/crop/1000x665+0+1/resize/490x326!/format/webp/quality/90/ 		45 KB
46 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/b905f6e/2147483647/strip/true/crop/1000x665+0+1/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Ffcc-cue-exports-brightspot.s3.us-west-2.amazonaws.com%2Fgrandforksherald%2Fbinary%2F1411OrTqX240h7rQE0P-jtzAUk_WoR9ki_binary_1024006.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
aaa73b3468d15f4180dc64332cd14c412dd4c8661ad85135eac773aee4511451

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:07:17 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
591
etag
74ea7951a33aeaf28ed10f1192019f69
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
336
content-length
46396
x-amz-cf-id
CM6tMlBxqYioQj1k7O9IvQe0pxjYV9Zt3nl5yYkLuJqGtDckxvTbXg==
expires
Thu, 09 May 2024 20:07:17 GMT
/
cdn.forumcomm.com/dims4/default/f3f3fa7/2147483647/strip/true/crop/866x576+158+0/resize/490x326!/format/webp/quality/90/ 		25 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/f3f3fa7/2147483647/strip/true/crop/866x576+158+0/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F72%2Fed%2F92b5bf8a41acbaf53392e989758b%2F073ebd-20220412-homeownership04-1024.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
2c70c3aea5b37689d76ff458144b97f676ce4c383d84e93b92a2c978c8d8293c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:36:19 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
13250
etag
0499e7740ec7d05d3f125e962808b68f
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
106
content-length
25812
x-amz-cf-id
2G2VFQfhnIo9rEbqpKQBD6scV2u9UMD77V3GGU5ImLa38wcYGmUUcw==
expires
Thu, 09 May 2024 16:36:19 GMT
/
cdn.forumcomm.com/dims4/default/d1e244e/2147483647/strip/true/crop/6240x4152+0+4/resize/490x326!/format/webp/quality/90/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/d1e244e/2147483647/strip/true/crop/6240x4152+0+4/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2Faf%2Ff6%2F3e416a47470ba607931a040f304c%2Fimg-5562.JPG
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bd3384993e8aca42906a17cf7f569f315e9898b68122390e84caca56f26e29b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 11:33:46 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
117803
etag
87b2042bd6ed990a274e8ddc3d04912d
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
463
content-length
37862
x-amz-cf-id
p6nTUiXFnz7phdCjlub9TVyk0Apdqve7F2VxGwf1XF-bTFD4apqRDQ==
expires
Wed, 08 May 2024 11:33:46 GMT
/
cdn.forumcomm.com/dims4/default/cd0b46c/2147483647/strip/true/crop/6350x4225+0+4/resize/490x326!/format/webp/quality/90/ 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/cd0b46c/2147483647/strip/true/crop/6350x4225+0+4/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Fforum-communications-production-web.s3.us-west-2.amazonaws.com%2Fbrightspot%2F2f%2F62%2F7d362e4f47c2ad517c74f7b70790%2Fxxxx23.N.FF.Diversion.06.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
bf61d2f3029bfbbb1e16f369f6884d786708f7910c4336f8e384d9039183c59c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 22:55:07 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
76922
etag
24b37c8da6ef6de078b97d25f3041e8a
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
627
content-length
33648
x-amz-cf-id
Jet0vfIjjYjjuGJYYyR5NMXbn55L9g1x6jAVYFBQ2Xk5EZFTacYOJw==
expires
Wed, 08 May 2024 22:55:07 GMT
/
cdn.forumcomm.com/dims4/default/9526092/2147483647/strip/true/crop/902x600+49+0/resize/490x326!/format/webp/quality/90/ 		26 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.forumcomm.com/dims4/default/9526092/2147483647/strip/true/crop/902x600+49+0/resize/490x326!/format/webp/quality/90/?url=https%3A%2F%2Ffcc-cue-exports-brightspot.s3.us-west-2.amazonaws.com%2Ffccnn%2Fbinary%2Fgavel_binary_877420.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.109 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-109.fra56.r.cloudfront.net
Software
istio-envoy /
Resource Hash
39804ee9102080ae5ce7df36dbbb57c836c9ece97c07690afd22538f3e16f1c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:23:33 GMT
x-envoy-decorator-operation
brightspot-dims-verify.web.svc.cluster.local:80/*
via
1.1 120ade321ed0e3697c81eb1eb19b5f62.cloudfront.net (CloudFront)
server
istio-envoy
x-amz-cf-pop
FRA56-C1
age
14016
etag
7a30d19aa17fddb50c0379d8eca68cc1
x-cache
Hit from cloudfront
content-type
image/webp
edge-control
downstream-ttl=31536000
cache-control
max-age=31536000, public
x-envoy-upstream-service-time
369
content-length
27070
x-amz-cf-id
4aqptotI2DiPa4lqXthAolaAQcVGGhtJi3SqcyWsVuTwvSv1IYPFfw==
expires
Thu, 09 May 2024 16:23:33 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		1 KB
800 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=500x1100&ifi=6&adks=131161578&sfv=1-0-40&prev_scp=position%3Dtakeover-ad-left%26kw%3Dgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829528&lmt=1683749829&dlt=1683749828545&idt=654&adxs=-340&adys=21&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=500x-1&msz=500x-1&fws=516&ohw=500&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7cd2282be168cf2abda9da81b4c69c369a9f81f6a2d48c2142dd893dcffe14ad
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
495
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		56 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=320x50%7C300x50&ifi=7&adks=4078536041&sfv=1-0-40&prev_scp=position%3Dforecast%26kw%3Dgrandforksherald%26userStatus%3Danonymous&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829533&lmt=1683749829&dlt=1683749828545&idt=654&adxs=180&adys=1909&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=7&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=320x-1&msz=320x-1&fws=4&ohw=320&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a1e373b622db63e2129f7ab5e8d6419d906a7ce57f10428a4d1f6ae6cfdfb26a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12262
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=3241219401962957&correlator=70656684319572&eid=31072878%2C31074368&output=ldjh&gdfp_req=1&vrg=202305040101&ptt=17&impl=fif&us_privacy=1---&iu_parts=7021%2Cforumcomm%2Cgrandforksherald%2Chomepage&enc_prev_ius=%2F0%2F1%2F2%2F3&prev_iu_szs=728x90&ifi=8&adks=4132672560&sfv=1-0-40&prev_scp=position%3Dbanner-1%26kw%3Dgrandforksherald%26userStatus%3Danonymous%26refresh%3Dtrue%26refreshed_slot%3Dfalse&cust_params=amznbid%3D0%26amznp%3D0&ppid=c159c22b555540a78b18a01862c48d8de2b9112d&sc=1&cookie_enabled=1&abxe=1&dt=1683749829536&lmt=1683749829&dlt=1683749828545&idt=654&adxs=436&adys=222&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fwww.grandforksherald.com%2F&frm=20&vis=1&psz=1240x-1&msz=728x-1&fws=4&ohw=1240&ga_vid=1267645818.1683749829&ga_sid=1683749830&ga_hid=935751105&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
58d5ce004f72552af92a1ed7815fbbaac9998c3d3aa2689430758bbc2d27e604
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11287
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
status
www.facebook.com/x/oauth/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?client_id=343492237148533&input_token&origin=1&redirect_uri=https%3A%2F%2Fwww.grandforksherald.com%2F&sdk=joey&wants_cookie_data=false
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f8f956b655d4435c424576ac42c7bcbd
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Wed, 10 May 2023 20:17:09 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
c2hf7+g0ePDUY8apEDUpM8GOqV2VJsPTnuXCBtSl6ITZ6A+pp7rHV0OK7t1jzjbA/ASBSCAtDZM10ZtJnd1E5A==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.grandforksherald.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
events
capig.inforum.com/ 		0
314 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://capig.inforum.com/events
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/signals/config/2395609997225387?v=2.9.104&r=stable
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
34.217.66.45 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-217-66-45.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
strict-transport-security
max-age=15724800; includeSubDomains
access-control-allow-credentials
true
content-length
0
vary
origin
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=2395609997225387&ev=PageView&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&rl=&if=false&ts=1683749829566&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1683749829560.1697005327&eid=ob3_plugin-set_3e7fd478acfe5b8eeae96007a1e8b703f361d8ac83a633564b59f545600277aa&cs_est=true&it=1683749829081&coo=false&rqm=GET
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Wed, 10 May 2023 20:17:09 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
css
fonts.googleapis.com/ Frame 3812 		1 KB
455 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Muli
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc69e745842038cdf8e24211e251c7f6c23db3cdf21f5113dbb59f2a60fcfe41
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:47:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:09 GMT
consumer_poll-9b22ccdfbfcb0644decdf80f64b2d5c5.css
embed-981930.secondstreetapp.com/assets/CSS/ Frame 3812 		81 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/assets/CSS/consumer_poll-9b22ccdfbfcb0644decdf80f64b2d5c5.css
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
676efe1d8cfe93ea78e3bbfa528afa7cc4c0a8b7404a90fa2d370b350938b7f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:09 GMT
Content-Encoding
br
Last-Modified
Wed, 10 May 2023 18:22:08 GMT
Server
Microsoft-IIS/10.0
ETag
W/"0c868546c83d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
106
Content-Type
text/css
Accept-Ranges
bytes
Content-Length
13550
sdk.js
connect.facebook.net/en_US/ Frame 3812 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6ee541ee385accb8454f23556c93af5bdb6c03e965bbb34ce8544fcfcb173e7b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:09 GMT
content-md5
w3EfxICsfaejJR9l+vxf7w==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1688
x-fb-rlafr
0
x-fb-debug
UVStGkTK+qTwKUD7dY2XeNRuKniVbLqOkQfTrGVkSHGKU1R1ixFzB268ChGQcUzPoORxPWeJV7sozTLSsD3rEw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
259569bc2e8cceabbcd5c00bf247c302
cross-origin-opener-policy
same-origin-allow-popups
etag
"560bb2e04e126b8da6f3303e43d2112b"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=1
expires
Wed, 10 May 2023 20:30:32 GMT
vendor-4d9812eff29c08649e4bc6f11befe3d0.js
embed-981930.secondstreetapp.com/assets/ Frame 3812 		2 MB
410 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a7771ea45fb4c2e5c5dd5c882a087066ffe4c306d1484c1cd0caff01214b67a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:09 GMT
Content-Encoding
br
Last-Modified
Wed, 10 May 2023 18:22:06 GMT
Server
Microsoft-IIS/10.0
ETag
"09b37536c83d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
106
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
419870
consumer-poll-cf3f3de0d5cdca1dc6077d2a9ad5a087.js
embed-981930.secondstreetapp.com/assets/ Frame 3812 		401 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/assets/consumer-poll-cf3f3de0d5cdca1dc6077d2a9ad5a087.js
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
2d6b2c2152331f09ba70a1704ae87f8b114c43f478b381a894f8fb265ee62f22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 10 May 2023 18:22:06 GMT
Server
Microsoft-IIS/10.0
ETag
W/"09b37536c83d91:0"
X-Powered-By
ASP.NET
Vary
Accept-Encoding
X-SS
102
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
70095
/
insight.adsrvr.org/track/pxl/ Frame 87AC 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=c8hchs6&ct=0:56sogo3&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/c8hchs6/56sogo3/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
adservice.google.de/ddm/fls/i/ Frame 3AEC 		194 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/ddm/fls/i/dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Requested by
Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CPSD0fPI6_4CFQeXmgodvOYOuA;src=8975227;type=invmedia;cat=grand0;ord=9789840719750;gtm=45He3580;auiddc=2068016473.1683749829;~oref=https%3A%2F%2Fwww.grandforksherald.com%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://adservice.google.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=0
content-encoding
br
content-length
85
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
expires
Wed, 10 May 2023 20:17:09 GMT
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
esw.min.css
service.force.com/embeddedservice/5.0/ 		9 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.min.css
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:39:23 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 27 Aug 2021 14:11:56 GMT
Content-Encoding
gzip
Age
16666
Vary
Accept-Encoding
Content-Type
text/css
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4027
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:39:23 GMT
liveagent.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		20 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:40:10 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:11:18 GMT
Content-Encoding
gzip
Age
16619
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5913
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:40:10 GMT
asO3XEvoEeyVDMYWVUcjsw.json
entitlements.jwplayer.com/ 		70 B
250 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://entitlements.jwplayer.com/asO3XEvoEeyVDMYWVUcjsw.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
152.199.22.243 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frb/67FC) /
Resource Hash
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
last-modified
Wed, 10 May 2023 18:24:15 GMT
server
ECAcc (frb/67FC)
age
6774
vary
Accept-Encoding
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800, s-maxage=17040
accept-ranges
bytes
content-length
80
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		360 KB
121 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
122883
x-xss-protection
0
expires
Wed, 10 May 2023 20:17:09 GMT
8gjfX5FU-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/8gjfX5FU-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
3 KB
552 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10b9c9ca2cc02d143867e6e7919d95cad2be51ea62a85c260d9285e2a2b02f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
480
x-served-by
cache-iad-kcgs7200050-IAD, cache-fra-eddf8230094-FRA
last-modified
Wed, 10 May 2023 16:57:15 GMT
server
nginx
x-timer
S1683749830.232944,VS0,VE94
etag
"ed8c977281042be33843593e4523ff21"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
135, 2

Redirect headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
waCeCbK39Nw6_oR12OgNqXHe3LNk8K_y5uxlepJTjnpurWHcs5GdZA==
provider.cast.js
ssl.p.jwpcdn.com/player/v/8.27.0/ 		30 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ssl.p.jwpcdn.com/player/v/8.27.0/provider.cast.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b4b9a5881171f76dce531adbcdb57884b7f96aa1f5b37f49e3fadfc29a81c51d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 varnish
age
641923
x-cache
HIT
content-length
10085
x-served-by
cache-fra-eddf8230126-FRA
last-modified
Tue, 02 May 2023 22:12:53 GMT
server
AmazonS3
x-timer
S1683749830.709290,VS0,VE0
etag
"204f96d54070f4254e96ec9dfff9f60e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
x-cache-hits
16283
8gjfX5FU.m3u8
cdn.jwplayer.com/manifests/ 		0
0
s7sckd1u-720.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/8gjfX5FU/poster.jpg?width=720
  • https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-720.jpg
107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-720.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8fc7d7b5dc1eee9785b7b9781fed417152efc00afe62378908c64c13e65d1cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
271
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
109398
x-served-by
cache-iad-kjyo7100121-IAD, cache-fra-eddf8230126-FRA
last-modified
Wed, 10 May 2023 16:57:15 GMT
server
nginx
x-timer
S1683749830.923979,VS0,VE90
etag
"3819213bcf99f2cd6642abd5b86f1522"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
19, 1

Redirect headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-720.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
1QG18kVUquuyr3wbe1XhPLLnJFtrtM1W4J4vJctTNYNY5IyDjQ3zGw==
s7sckd1u-480.jpg
assets-jpcust.jwpsrv.com/thumbnails/
Redirect Chain
  • https://cdn.jwplayer.com/v2/media/8gjfX5FU/poster.jpg?width=480
  • https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-480.jpg
58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-480.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
60fcc2cc7ccf0fa8a2d4ca7fbb23d90b20d437f382b4518cec0ca6c3dfc0ac2f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
323
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
59025
x-served-by
cache-iad-kiad7000025-IAD, cache-fra-eddf8230126-FRA
last-modified
Wed, 10 May 2023 16:57:15 GMT
server
nginx
x-timer
S1683749830.923981,VS0,VE97
etag
"47cad8d826ea8c3be9e9348af7ea0d1a"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=900
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
92, 1

Redirect headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 013a54c6b9caf01f403c247789c7256c.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
access-control-allow-methods
GET
content-type
image/jpeg
location
https://assets-jpcust.jwpsrv.com/thumbnails/s7sckd1u-480.jpg
access-control-allow-origin
*
cache-control
max-age=180, max-stale=180
x-cache
Miss from cloudfront
x-robots-tag
noindex, indexifembedded
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
content-length
0
x-amz-cf-id
YEJxSSOpZL1wPQf-Q5upNtT_VjZ3Q57ubbdl774eUXnzAZZswt4SmQ==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		399 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAdaf6cad75-0391-4f94-8aea-cd2c32035814&tk_flint=pbjs_lite_v7.45.0&x_source.tid=06998cac-a860-428c-868f-a1f3af653a8e&l_pb_bid_id=212a2255b28ad0a&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=06998cac-a860-428c-868f-a1f3af653a8e&rp_maxbids=1&slots=1&rand=0.0768538699033412
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
6f1e786fda076b554f9f60db23a15e7256166b651f8051e2049f3df08c6ecf42

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
399
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		393 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAdaf6cad75-0391-4f94-8aea-cd2c32035814&tk_flint=pbjs_lite_v7.45.0&x_source.tid=06998cac-a860-428c-868f-a1f3af653a8e&l_pb_bid_id=222f4e288ee2a8&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=06998cac-a860-428c-868f-a1f3af653a8e&rp_maxbids=1&slots=1&rand=0.26118705462604397
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3bfc8e25ed15e0f95e9e05967803f55701b3dca8227626604f2c25b7201aa2cc

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
393
expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
312 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2311cf98af0c3c466d302bdfc92e4c9fa74d1282bc67e8b00a22282b6b7e482

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JOa9Hg%2BFsu2ucoEtGqgLeIIyScQvYLMLBjlQwJktSrx0YBe38%2FzGuB7R%2FK7sAn418g46ys1Oef7ZlUadCL9QqViltnXUoslaHbgYaRAWNwAZnxSqn8bhid7zLLZ%2BVypg2wnrEfHS"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c54dd33b8343a54-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
prebidjs
rtb.openx.net/openrtbb/ 		53 B
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
ad95508c2876e24f8b6df55859670686303d39668bb1cbf465922cff5a89fa6c

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
index.html
origami.secure.ownlocal.com/origami_unit/ 		13 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/index.html
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1

Request headers

Accept
text/html
Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 19:43:59 GMT
age
1990
x-guploader-uploadid
ADPycdsCcu2U7CXlpJSLlYm0sKfrpoY0b50mYAMlFs2DyAnAtIEHizt9PeU48eazuXcW-m1u2g2QK2upCwJGONW7ep-OnA
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-html-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13741
last-modified
Thu, 19 May 2022 15:08:55 GMT
server
UploadServer
etag
"934d8a06422590627aef7e7ceaab66b9"
x-goog-generation
1652972935532544
x-goog-hash
crc32c=v7vAnw==, md5=k02KBkIlkGJ673586qtmuQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
13741
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/html
expires
Thu, 11 May 2023 19:43:59 GMT
widgets.js
platform.twitter.com/ Frame 3812 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/668C) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:09 GMT
Content-Encoding
gzip
Age
1486
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (frb/668C)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
sdk.js
connect.facebook.net/en_US/ Frame 3812 		306 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=f8f956b655d4435c424576ac42c7bcbd
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
6db32324f58d89a117ece690f38313c6687dceef532dbeadf56b3194063fd1a0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://embed-981930.secondstreetapp.com/
Origin
https://embed-981930.secondstreetapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:09 GMT
content-md5
vmrtfAhtskLYzoW1w9VQJg==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88643
x-fb-rlafr
0
x-fb-debug
wejCqD04YLplPTqpYBuYJzOPKeU9APdCkvzeLOYK6BFFI75dPw4RYEniRos8LFFrVUf4bz9oHyR7KjvKQxdEOA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
9abdc4ea94ab83f4a4be3b0f9d312cff
cross-origin-opener-policy
same-origin-allow-popups
etag
"963062a7134e2841d847066f144abcd6"
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=()
x-frame-options
DENY
timing-allow-origin
*
priority
u=3,i
expires
Thu, 09 May 2024 19:40:36 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		394 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd2b3ed6a9-cefc-4a7c-9102-c8866fe732c4&tk_flint=pbjs_lite_v7.45.0&x_source.tid=71a5e6c9-4b5b-4a49-8f1a-dae04b275bae&l_pb_bid_id=40d8158673e9d6f&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=71a5e6c9-4b5b-4a49-8f1a-dae04b275bae&rp_maxbids=1&slots=1&rand=0.7654448415240942
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
d8fba1c77a83219514a230d614b64730e49f1bb3c244886b55b4a4255d90de3e

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
394
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		394 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=10&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd2b3ed6a9-cefc-4a7c-9102-c8866fe732c4&tk_flint=pbjs_lite_v7.45.0&x_source.tid=71a5e6c9-4b5b-4a49-8f1a-dae04b275bae&l_pb_bid_id=41d081554374569&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=71a5e6c9-4b5b-4a49-8f1a-dae04b275bae&rp_maxbids=1&slots=1&rand=0.905621124774098
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ce6af6b25de4f562aa2feedebd3acaf08fd337ef2535283c5344492841c8f468

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
394
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
546 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=248830
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7c9d524c36d139c29177f4a8d23afec8f55c7936aa1d1d3d12d7ca74e48ebd06

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7E0AHJhvsuvWmdnC2nVVULMct%2Fn3Fq%2FPrEs9ThGPWZ9MUzvmT7sXxR2psWZUtdoPAvxzXsI35C7dlQjVbYJmadwKBrrZoIkA1r4qR7dgQbxdQZxoemoXoZq3A0cW%2BfFT16r8ScuV"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c54dd3438bb9201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
44088f1b95ca90b57fdbe79bf246c1873018037d7eb6b7e77e4f0eff5226f99c

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
cast_sender.js
www.gstatic.com/cv/js/sender/v1/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2007
x-xss-protection
0
last-modified
Tue, 16 Feb 2021 23:57:06 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview"
vary
Accept-Encoding
report-to
{"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 20:17:09 GMT
ares-unit.css.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame E0FD 		46 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:05:23 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
706
x-guploader-uploadid
ADPycdvnYqVTU68zTOxJRUaJSmbGuDsP588KuofDf7N3CBYnWyR5Ri417F_1IlbPq0ahU5SilWryupBrSu4NMM-46IqYog
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7832
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"237a4ebe61241032e24155753e2473f0"
vary
Accept-Encoding
x-goog-generation
1652972937602469
x-goog-hash
crc32c=3+hD/Q==, md5=I3pOvmEkEDLiQVV1PiRz8A==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=86400
x-goog-stored-content-length
7832
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
text/css
expires
Thu, 11 May 2023 20:05:23 GMT
rollbar.min.js
cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/ Frame E0FD 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
15634272
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
16344
last-modified
Mon, 04 May 2020 16:16:01 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03fc1-ea52"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RILPSIML7gtmSpf3NjhxoROt3JGQA%2F%2BujCW%2BaS3MeEau2Bvp%2F9q3UL6BzJ458q1n7gGhLjjG7vE3%2BwRlIbY5j5%2B4jxo6p6sZv8%2BOOU0IsOvNOlZvMB%2BEP8zp%2BlvnXMerm3eViBqM3gip2oQwBgaBg8xy"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7c54dd345a0e1c22-FRA
expires
Mon, 29 Apr 2024 20:17:09 GMT
sp.js.gz
snowplow.ownlocal.com/ Frame E0FD 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://snowplow.ownlocal.com/sp.js.gz
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.184.131 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
131.184.244.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 19:27:47 GMT
content-encoding
gzip
age
2962
x-guploader-uploadid
ADPycdv2xfrST49O425ySs6uGjP47XOuHr6xqCaO8-KG5BXYKP9NqG4Ze4IWBkeHi_8brkozZ8T8qXe5NvjCfgT2BGIvSH8OsmyD
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29912
last-modified
Mon, 09 May 2022 19:34:21 GMT
server
UploadServer
etag
"e523a607826b707d5b388f1157cf0db7"
vary
Accept-Encoding
x-goog-generation
1652124861687069
x-goog-hash
crc32c=yl0zPw==, md5=5SOmB4JrcH1bOI8RV88Ntw==
content-type
application/x-javascript
cache-control
public, max-age=3600
x-goog-stored-content-length
29912
accept-ranges
bytes
expires
Wed, 10 May 2023 20:27:47 GMT
polyfill.min.js
cdn.polyfill.io/v2/ Frame E0FD 		100 B
200 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.polyfill.io/v2/polyfill.min.js?features=Promise,fetch,Set,requestAnimationFrame,Map
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:09 GMT
age
440967
detected-user-agent
Chrome/113.0.0
useragent_normaliser
chrome/113.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
last-modified
Wed, 03 May 2023 00:17:37 GMT
fastly_service_version
195
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
normalized-user-agent
chrome/113.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
react.production.min.js
unpkg.com/react@16.5.2/umd/ Frame E0FD 		10 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react@16.5.2/umd/react.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
20713349
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FFEFSJ4HR2CJMBEDH10TW1KC
server
cloudflare
etag
W/"28a2-zTTTPNEOyiQBmfjucbRapR63Ixw"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c54dd34bf65997b-FRA
react-dom.production.min.js
unpkg.com/react-dom@16.5.2/umd/ Frame E0FD 		92 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://unpkg.com/react-dom@16.5.2/umd/react-dom.production.min.js
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami-widget.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 fly.io
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains; preload
age
6500569
last-modified
Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id
01FWP2785GXS2RD1JETRPESBHP-fra
server
cloudflare
etag
W/"170da-IPAwmE0kwddBAKa0tilJJFl1MZg"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
7c54dd34bf66997b-FRA
8gjfX5FU-120.vtt
assets-jpcust.jwpsrv.com/strips/
Redirect Chain
  • https://cdn.jwplayer.com/strips/8gjfX5FU-120.vtt
  • https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
3 KB
851 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
10b9c9ca2cc02d143867e6e7919d95cad2be51ea62a85c260d9285e2a2b02f16

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
age
160
x-amz-server-side-encryption
AES256
x-cache
HIT, HIT
content-length
480
x-served-by
cache-iad-kcgs7200050-IAD, cache-fra-eddf8230094-FRA
last-modified
Wed, 10 May 2023 16:57:15 GMT
server
nginx
x-timer
S1683749830.232945,VS0,VE94
etag
"ed8c977281042be33843593e4523ff21"
vary
Accept-Encoding
content-type
text/vtt
access-control-allow-origin
*
accept-ranges
bytes
access-control-allow-headers
accept-encoding, cache-control, origin, dnt, accept-language
x-cache-hits
135, 1

Redirect headers

date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
text/html
location
https://assets-jpcust.jwpsrv.com/strips/8gjfX5FU-120.vtt
access-control-allow-origin
*
x-robots-tag
noindex, indexifembedded
content-length
166
x-amz-cf-id
g1SnVpPwdL-lV5vZTJ3LmM7Vt892xTCaBU2w0QGb78Zj4aUd5PJvfA==
8gjfX5FU.m3u8
cdn.jwplayer.com/manifests/ 		2 KB
750 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.jwplayer.com/manifests/8gjfX5FU.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:225e:9a00:1:a3fa:7cc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
openresty /
Resource Hash
159a4348738faa6a17a4a91085572a0a1827448977e79cff09b77eb06d13a030

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 18c9dea802c00b7c060142aad49f7288.cloudfront.net (CloudFront)
server
openresty
x-amz-cf-pop
FRA60-P4
x-cache
Hit from cloudfront
content-type
application/vnd.apple.mpegurl; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=180
x-robots-tag
noindex, indexifembedded
content-length
400
x-amz-cf-id
vOJYByHw46p-6ufpVrbjVtoBRhB-MG13x7Anzk-pTJiRv_einrmM2g==
materialdesignicons.min.css
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/ Frame E0FD
Redirect Chain
  • https://cdn.materialdesignicons.com/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/mdi/4.5.95/css/materialdesignicons.min.css
  • https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
200 KB
34 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
3082150
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
34908
x-served-by
cache-fra-eddf8230060-FRA, cache-gig2250079-GIG
x-jsd-version-type
version
etag
W/"31f6f-BYur28y59QOryer8RIiplddE6Sc"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
age
2548742
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
111
x-served-by
cache-fra-eddf8230033-FRA, cache-gig2250079-GIG
vary
Accept-Encoding, Accept
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
location
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
access-control-expose-headers
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
inter.css
rsms.me/inter/ Frame E0FD 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/inter.css
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-fastly-request-id
a1b385626448a174b783e884d1bee38ff0870350
date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 varnish
content-encoding
br
expires
Wed, 03 May 2023 20:40:24 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
480
x-cache
HIT
x-proxy-cache
MISS
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by
cache-fra-eddf8230127-FRA
last-modified
Thu, 27 Apr 2023 15:37:02 GMT
server
cloudflare
x-github-request-id
9166:C2DF:715E98:7521BB:644A979E
x-timer
S1682657265.777797,VS0,VE2
etag
W/"644a969e-1490"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yYAA3hiZX6n2Mfb0auC7mU2CBNzeFs8illZ%2Fuf0rN6Ob8MiPkqqZPvPJJz%2B8VcSuSbsWyYMXesU5%2B1wco0Dtumsp7jQ7yF%2BjxO9O0T5cFQ9maw3pY0%2FciQahPT0zz3hkIF9XSPzB"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=14400
x-origin-cache
HIT
cf-ray
7c54dd350a22bb59-FRA
x-cache-hits
1
css2
fonts.googleapis.com/ Frame E0FD 		1 KB
475 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Frank+Ruhl+Libre:wght@500&display=swap
Requested by
Host: origami.secure.ownlocal.com
URL: https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.css.gz
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ef2864db59214510b41fd811cb68c05b4d9542a3298a56b290b02970052dbbfa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://origami.secure.ownlocal.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/bcfae741e379a885f2ab2cf83ebe6d32
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 20:17:09 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:09 GMT
loader-config.json
cdn.wgchrrammzv.com/prod/forum/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/forum/loader-config.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
8b66f48278fb986f0f07a7827e508cdf1228e1f6a3960915ee2f8451112a256b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
content-md5
7fTtE6xsd7EtSwyK6Rvr1Q==
age
2348
x-cache
HIT
content-length
1274
x-ms-lease-status
unlocked
last-modified
Tue, 31 Jan 2023 05:19:47 GMT
server
ECAcc (frc/4D05)
etag
0x8DB034AC53E306A
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
a35fcdca-201e-0054-4676-83b8e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
index.html
widgets.jobshq.com//dist/list/ Frame F53C 		937 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://widgets.jobshq.com//dist/list/index.html?property=12
Requested by
Host: widgets.jobshq.com
URL: https://widgets.jobshq.com/dist/loadJobsHQ.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:1d:9060:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
d39ea8b01429409597b65e67ec77e3a76fbd01ac17882fccfdc7b5ade5b522ee

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
public, max-age=0
content-length
937
content-type
text/html; charset=UTF-8
date
Wed, 10 May 2023 20:17:10 GMT
etag
W/"3a9-182ffa38210"
last-modified
Fri, 02 Sep 2022 19:18:02 GMT
server
nginx/1.22.1
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
x-amz-cf-id
XUPDKxBFi_MGn6_NYekOpFP3rrzTYWs5eAx1jbhCsNNqLjtbI6kzAA==
x-amz-cf-pop
FRA56-P2
x-cache
Miss from cloudfront
x-powered-by
Express
esp.js
cdn.id5-sync.com/api/1.0/ 		59 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:3456 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Thu, 06 Apr 2023 12:00:04 GMT
server
cloudflare
x-amz-request-id
QNZFRY7R9FJXK93W
age
1395
etag
W/"110f0c3c343ee36404c8a2300f4755c3"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7c54dd3549db1da6-FRA
x-amz-id-2
KKDhfGIrvMmWhKAufCzBC/nz7h+uhfzoYa3jYlHOyQKecIUrTE2oMNZPuo/P7zreNiWhD3nwINo=
pubcid.min.js
cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/ 		732 B
898 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
content-encoding
br
age
26216
x-jsd-version
master
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
439
x-served-by
cache-fra-eddf8230042-FRA, cache-gig2250079-GIG
x-jsd-version-type
branch
etag
W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=604800, s-maxage=43200
accept-ranges
bytes
timing-allow-origin
*
publishertag.ids.js
static.criteo.net/js/ld/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.ids.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 24 Feb 2023 07:57:32 GMT
server
nginx
etag
W/"63f86dec-9c21"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Thu, 11 May 2023 20:17:10 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16589/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16589/sync.min.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:55:32 GMT
content-encoding
gzip
via
1.1 6def1f0ddc805dce17407cce01d5b32c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Apr 2023 00:14:05 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
51698
x-amz-server-side-encryption
AES256
etag
W/"37e703da55f96b973658b8e7aeed0e93"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
YSnpiATRG5RPotLwVSxXuSMeHhtHDBZgwQrF5PMs4CHPW4jbmm6UgA==
uid2SecureSignal.js
cdn.prod.uidapi.com/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.prod.uidapi.com/uid2SecureSignal.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2250:9000:a:e047:752:b361 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 05:53:38 GMT
Via
1.1 508d9aac3b0097e502b117c1e7390bb0.cloudfront.net (CloudFront)
Last-Modified
Thu, 04 May 2023 00:14:06 GMT
Server
AmazonS3
X-Amz-Cf-Pop
FRA60-P2
Age
51812
x-amz-server-side-encryption
AES256
ETag
"4d5acbf33f4a0592ac0515db92fe88e6"
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1858
X-Amz-Cf-Id
HI1Z4Er_BPEEgtVzXmKMpkAGgvhtCRDlrEbcXzi1QxH-4upVE--Vng==
esp.js
oa.openxcdn.net/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://oa.openxcdn.net/esp.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.146.192 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
192.146.102.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 19 Apr 2023 15:58:01 GMT
content-encoding
gzip
age
1829948
x-guploader-uploadid
ADPycdsuws19q6gut2HVw5Cbtoy2R9nMFWEkfsW4j28cg71BlAh_maBVLR9J0a9wek9aI3l80Gjw2adcfLZSJ2do6Qt7pQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7927
last-modified
Thu, 27 May 2021 18:30:51 GMT
server
UploadServer
etag
"df5542b88bc0e368c6999754a5b9e2ba"
x-goog-generation
1622140251693895
x-goog-hash
crc32c=f21hYg==, md5=31VCuIvA42jGmZdUpbniug==
content-type
application/javascript
cache-control
no-transform
x-goog-stored-content-length
7927
accept-ranges
bytes
expires
Thu, 18 Apr 2024 15:58:01 GMT
v2pxwS0sHHvKTrWDBhzl2E2RlSwPangxTNPLgEXBLoaWYJxpyvKR1cgZcYIHt-_c6D3Htq7pL
stereotypedsugar.com/ 		206 B
233 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stereotypedsugar.com/v2pxwS0sHHvKTrWDBhzl2E2RlSwPangxTNPLgEXBLoaWYJxpyvKR1cgZcYIHt-_c6D3Htq7pL
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
fecb0283d12054716ddc0b9cb7784b3729046986359bea7ea4f02002b6e76ab8
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 10 May 2023 20:17:09 GMT
via
1.1 google
x-buildnumber
832971200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
206
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grandforksherald.com
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Wed, 10 May 2023 20:17:08 GMT
bridge3.572.0_en.html
imasdk.googleapis.com/js/core/ Frame 74D8 		707 KB
226 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.572.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
442473
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
231061
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 05 May 2023 17:22:36 GMT
expires
Sat, 04 May 2024 17:22:36 GMT
last-modified
Thu, 04 May 2023 18:03:20 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 10 May 2023 20:17:10 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
61e37bd98083e658c6beb37a8885da81004d8645e66565f5990cd3a3e63146cb

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 20:17:09 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		399 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd39c0d150-b574-42d5-b014-15bada5f4d60&tk_flint=pbjs_lite_v7.45.0&x_source.tid=18043469-86cf-42f0-a596-e0136b61c34c&l_pb_bid_id=69cb85efc871f2e&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=18043469-86cf-42f0-a596-e0136b61c34c&rp_maxbids=1&slots=1&rand=0.46074049187768273
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
339db5e6572896fca2d362454306e691191caf9de8ca91211da57b3802bb38e7

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
399
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		393 B
451 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd39c0d150-b574-42d5-b014-15bada5f4d60&tk_flint=pbjs_lite_v7.45.0&x_source.tid=18043469-86cf-42f0-a596-e0136b61c34c&l_pb_bid_id=70d418a4a888c38&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=18043469-86cf-42f0-a596-e0136b61c34c&rp_maxbids=1&slots=1&rand=0.12752599393774866
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
07e18c8d3cb864c4237b36bdf07531404904c75307a0cabde06776d842bb2b1f

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
393
expires
Wed, 17 Sep 1975 21:32:10 GMT
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
917315618023f6b319b724ae0fb89a9dcf5a4bf47fadab4a8031e6af996c6fcf

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XUGTbh8mNE53VEhS3UYPnWWkvJIxbeApW9wTD3PcDX6A6uFOaLo8yRxejg%2FO84mHB6MeNb%2BKtr7Q3NPU8OGARwliyqVCzFiFbeUbAhIGpd%2FV7GtpS7YPxAN%2BjaQ2tJt%2BV%2BBtvFyI"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c54dd354a079201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
cast_framework.js
www.gstatic.com/cast/sdk/libs/sender/1.0/ 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/cast/sdk/libs/sender/1.0/cast_framework.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12197
x-xss-protection
0
last-modified
Mon, 14 Nov 2022 23:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="chrome-dongle"
vary
Accept-Encoding
report-to
{"group":"chrome-dongle","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/chrome-dongle"}]}
content-type
text/javascript
cache-control
private, max-age=0
accept-ranges
bytes
expires
Wed, 10 May 2023 20:17:10 GMT
cast_sender.js
www.gstatic.com/eureka/clank/113/ 		51 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/eureka/clank/113/cast_sender.js
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/cv/js/sender/v1/cast_sender.js?loadCastFramework=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 05:26:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
53426
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview-release
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15228
x-xss-protection
0
last-modified
Mon, 13 Mar 2023 15:06:04 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="cloudview-release"
vary
Accept-Encoding
report-to
{"group":"cloudview-release","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview-release"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
expires
Thu, 11 May 2023 05:26:43 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1108
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
551a4aaf-d01e-00cb-6e79-8339d8000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Wed, 10 May 2023 20:47:10 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/forum/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/forum/fp.min.js?2023410
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CDA) /
Resource Hash
153b89dfb7423cdeff87d9e727356188b36bf1bdf237f07c120d809a7e64dae5

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
content-md5
/oSHqqKQ8grSDptQYzWmoQ==
age
42390
x-cache
HIT
content-length
23476
x-ms-lease-status
unlocked
last-modified
Tue, 31 Jan 2023 05:05:47 GMT
server
ECAcc (frc/4CDA)
etag
0x8DB0348D0C4D72F
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b383262e-801e-0000-3f19-83f7be000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.godiciardstia.com/prod/forum/ 		219 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.godiciardstia.com/prod/forum/g2i.min.js?2023410
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CEB) /
Resource Hash
80c1d95d81bc2fdee7c6b6fb798f6d27e405258d3f5116c6bce43949bfae0032

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
content-md5
lVcZFoiG8h22PsU1aL3UxA==
age
31407
x-cache
HIT
content-length
48980
x-ms-lease-status
unlocked
last-modified
Tue, 31 Jan 2023 05:20:32 GMT
server
ECAcc (frc/4CEB)
etag
0x8DB034ADFE0EC03
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e973f18f-c01e-0001-7f33-83a862000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/forum/ 		871 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/forum/t8y9347t.min.js?2023410
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C94) /
Resource Hash
b2be71d96357ea8f77245c04ce8273ac82555687ac77acbd9d5e6aba96582da6

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
content-md5
KN14foJLXTjRihq71OBVpQ==
age
39921
x-cache
HIT
content-length
208837
x-ms-lease-status
unlocked
last-modified
Thu, 02 Feb 2023 05:25:43 GMT
server
ECAcc (frc/4C94)
etag
0x8DB04DDEE69D6D8
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
90ddaef8-c01e-00a8-6b1f-836910000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/forum/ 		386 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/forum/t8y9347t.min.css?2023410
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C89) /
Resource Hash
6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
content-md5
MrVpkxJID7vFEqfm9gnQOQ==
age
39921
x-cache
HIT
content-length
54497
x-ms-lease-status
unlocked
last-modified
Thu, 02 Feb 2023 05:25:43 GMT
server
ECAcc (frc/4C89)
etag
0x8DB04DDEE662DE7
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
05224bb7-c01e-0011-391f-836d0a000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
esp
oajs.openx.net/
Redirect Chain
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp
  • https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp&cc=1
85 B
203 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp&cc=1
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
34.120.107.143 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
143.107.120.34.bc.googleusercontent.com
Software
/ Express
Resource Hash
d90aeda66c47178379868016b798c0035f74873ebcc6db2db1682cf5778bf60a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
via
1.1 google
x-powered-by
Express
etag
W/"55-MOo+4fZhKF9CHXINVu9fETsgjso"
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
85

Redirect headers

date
Wed, 10 May 2023 20:17:10 GMT
via
1.1 google
x-powered-by
Express
vary
Origin
access-control-allow-origin
https://www.grandforksherald.com
location
/esp?url=https%3A%2F%2Fwww.grandforksherald.com%2F&rid=esp&cc=1
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebidjs
rtb.openx.net/openrtbb/ 		53 B
94 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.227.252.103 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
103.252.227.35.bc.googleusercontent.com
Software
/
Resource Hash
35996152a03a39eff3b0e04face1999b4f0d5726bb7da1f7c531510a7bb6dbef

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
pbjs
htlb.casalemedia.com/openrtb/ 		37 B
513 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=248828
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c99b52f0c8489a1b84098d5893dde6d9ffc96de4fa43be9dde349bf6fcfaa4e1

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AKquGqaS1Z7CspoIugI5zn%2FPCr73fIDFtjVw0VW%2Fxcx5xKHPhxTfvemxnDzzkx7GI2wY0q4sVby0zwEa5NvnWWLwTPyrgYQRgWrdKdxJPqGanU%2F0y1UpUxVdgvuBAKzHtwF%2F4LyH"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7c54dd35aa6d9201-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
37
expires
0
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
164 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.67.118 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-67-118.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		399 B
434 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44028&zone_id=190792&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd1afd242c-6581-4c4a-beef-493ef943e47e&tk_flint=pbjs_lite_v7.45.0&x_source.tid=511dd075-22a7-4e81-88d1-b36db5bb9202&l_pb_bid_id=95433c9b83fd746&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=511dd075-22a7-4e81-88d1-b36db5bb9202&rp_maxbids=1&slots=1&rand=0.9209074669454382
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0d444a81d6d7302bf1361efe4a5ce65d00d7dfce23c355ac76bdd0ebe3f6d1f8

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
399
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		393 B
428 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=12144&site_id=44030&zone_id=190796&size_id=15&alt_size_ids=2%2C38%2C55%2C57&us_privacy=1---&rf=https%3A%2F%2Fwww.grandforksherald.com%2F&kw=GrandForks&tg_i.domain=grandforksherald.com&tg_i.page=https%3A%2F%2Fwww.grandforksherald.com%2F&tg_i.pbadslot=googleAd1afd242c-6581-4c4a-beef-493ef943e47e&tk_flint=pbjs_lite_v7.45.0&x_source.tid=511dd075-22a7-4e81-88d1-b36db5bb9202&l_pb_bid_id=9636e43a317af1b&p_screen_res=1600x1200&rp_secure=1&x_imp.ext.tid=511dd075-22a7-4e81-88d1-b36db5bb9202&rp_maxbids=1&slots=1&rand=0.537500412663301
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::41 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3b0044aec222c9896823db7c2a05b93c9cfe4000eeb96afec0a1e054f3916b1d

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.grandforksherald.com
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
393
expires
Wed, 17 Sep 1975 21:32:10 GMT
map
bcp.crwdcntrl.net/6/ 		60 B
342 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.248.111.53 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-248-111-53.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
6369e763330653558817dae31c7e19d8c836e69fd314cd3eda5d41f73f97aae7

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache
x-server
10.45.17.147
access-control-allow-credentials
true
content-length
60
expires
0
v2qlwuo_m_9c1JUZnmPU3dlTwa_nNkMU51mIka4X_mkXVsO23hN5aY0Sv-l9q8p-UEsaakxfk
stereotypedsugar.com/ 		3 B
27 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://stereotypedsugar.com/v2qlwuo_m_9c1JUZnmPU3dlTwa_nNkMU51mIka4X_mkXVsO23hN5aY0Sv-l9q8p-UEsaakxfk
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:d733::1 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Wed, 10 May 2023 20:17:10 GMT
via
1.1 google
x-buildnumber
832971200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-europe-west1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.grandforksherald.com
x-hostname
fen-hoothoot-europe-west1-spot-1dhj
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
manifest-audio_eng=112017-video_eng=339648.m3u8
videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/manifest-audio_eng=112017-video_eng=339648.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
6d588419e60fbe47c551159a6e85b9f0655077a779d2e5ebbe78691a996f96a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:59:23 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11867
x-cache
Hit from cloudfront
content-length
2044
server
Apache
etag
"usp-122C08BE"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
ouMCAlFiaEKhZ_AETZbCRZhijJBzvm-sme1xZmA21MQc81t0CVF8ng==
increment
id5-sync.com/api/esp/ 		0
333 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/esp/increment?counter=no-config
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.grandforksherald.com
date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
/
www.facebook.com/tr/ Frame 8311 		0
54 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.grandforksherald.com
Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.grandforksherald.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:10 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
syncframe
gum.criteo.com/ Frame CB6C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.grandforksherald.com
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.ids.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:09 GMT
server
Kestrel
server-processing-duration-in-ticks
349095
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ares_assets.json
origami.secure.ownlocal.com/origami_unit/production/ Frame E0FD 		168 B
200 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares_assets.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 19:44:51 GMT
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1939
x-guploader-uploadid
ADPycduC7WbNFJsQKB0YKvtZk1RMqiWdui_WI_dWl1qdw8yPYdXuBsAbb9_5F7QHfefdEb961RjEDVESw8U5KXfWV5J5Hw
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
168
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"71690f93d8fcaf07c33c4d217bd2d1be"
x-goog-generation
1652972937647965
x-goog-hash
crc32c=nuzGdQ==, md5=cWkPk9j8rwfDPE0he9LRvg==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
168
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/json
expires
Thu, 11 May 2023 19:44:51 GMT
manifest-audio_eng=112017-video_eng=339648-1.ts
videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/ 		227 KB
227 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/manifest-audio_eng=112017-video_eng=339648-1.ts
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
46e7f97d31bf3ad9892b92a25a204a0a71ad7d23ddcf33dcd090705684a79eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:59:24 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-usp-info1
t=1970-01-01T00:00:00Z lookahead=2
x-amz-cf-pop
FRA56-P7
age
11866
x-cache
Hit from cloudfront
content-length
231992
server
Apache
etag
"usp-2CABB280"
content-type
video/MP2T
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
link
<manifest-audio_eng=112017-video_eng=339648-2.ts>; rel="next"
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
tY2Ms_yVHY4RD87HllqwHpLRnTgTI6iJeYF74i0DAyFUpn43LURBlg==
style.css
widgets.jobshq.com//dist/list/ Frame F53C 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://widgets.jobshq.com//dist/list/style.css
Requested by
Host: widgets.jobshq.com
URL: https://widgets.jobshq.com//dist/list/index.html?property=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:1d:9060:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
9efc76ce3a66d2308182603c89a12559ec0b65e8965f3ad3e5cf3a846756e622

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.jobshq.com//dist/list/index.html?property=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:18:02 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P2
x-powered-by
Express
etag
W/"990-182ffa38210"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/css; charset=UTF-8
cache-control
public, max-age=0
x-amz-cf-id
xfuRs1loTmte_dRCG2dgstfpNOQdQjGDKbWRPP5PHSuzmhsy1pqh9w==
logo.png
widgets.jobshq.com//dist/images/ Frame F53C 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.jobshq.com//dist/images/logo.png
Requested by
Host: widgets.jobshq.com
URL: https://widgets.jobshq.com//dist/list/index.html?property=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:1d:9060:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
7826fe95a2a54d45f09eea4a374622adefb6eeab1612ffd8e4eef8de367744ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.jobshq.com//dist/list/index.html?property=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 02 Sep 2022 19:18:02 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P2
x-powered-by
Express
etag
W/"99a-182ffa38210"
x-cache
Miss from cloudfront
content-type
image/png
cache-control
public, max-age=0
accept-ranges
bytes
content-length
2458
x-amz-cf-id
JNXn_GZ4VzrR9vXNdNKjTErNyWgJUgIyO0gMXfLvgRCILNIvVj5d2g==
script.js
widgets.jobshq.com//dist/list/ Frame F53C 		1022 B
820 B 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets.jobshq.com//dist/list/script.js
Requested by
Host: widgets.jobshq.com
URL: https://widgets.jobshq.com//dist/list/index.html?property=12
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:1d:9060:10c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.1 / Express
Resource Hash
abf731d1e7ef6bdb9dc5de16de86cdbcc2377b83fa3b656ce6a9aaec80af5b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.jobshq.com//dist/list/index.html?property=12
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Wed, 12 Oct 2022 19:17:06 GMT
server
nginx/1.22.1
x-amz-cf-pop
FRA56-P2
x-powered-by
Express
etag
W/"3fe-183cda10750"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
x-amz-cf-id
q42HA8pBvN54JkZenKWhr8UD7Ju4BeoV5CrNhg_Wd30wY5tj0woDjA==
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		537 B
776 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1683749830337
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f214bb83b00dbb7096b4e44ef9d18385e8b643b2f306c311d34233b83b20e526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 10 May 2023 20:17:10 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=umAsfQTnIWs6TBwjePKGgVLfWzlyB%2FOOfFOefTFcp0oOPoo6zGBH2cJ2ca68u76%2FHWn0sUmP86qVdIgl%2FSjuoUUbeGRETr7WDIUgAtGnxP5mB7MoZDgSp%2F8rnxrtPfqinYTA"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
7c54dd381b1730e4-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 4759 		222 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 4759 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 4759 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 4759 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 4759 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
css
fonts.googleapis.com/ Frame 4759 		9 KB
932 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:32:03 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:10 GMT
pixel
protected-by.clarium.io/ 		68 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Y1VuUS10WU5aOTVKaDNFZXpWUU1EcEt1RURrLzIxMjgyMjI5OTc6OTcweDI1MA==&v=5&s=v31h03kuvne&h=www.grandforksherald.com&cb=9324880&d=eyJ3aCI6IlkxVnVVUzEwV1U1YU9UVkthRE5GWlhwV1VVMUVjRXQxUlVSckx6SXhNamd5TWpJNU9UYzZPVGN3ZURJMU1BPT0iLCJ3ZCI6eyJvIjoyMTI4MjIyOTk3LCJ3IjoiOTcwIiwiaCI6IjI1MCJ9LCJ3ciI6Mn0=&id=eyJkZnAiOnsiYWQiOjIwOTM1MTQyMSwiYyI6bnVsbCwibCI6MCwibyI6MjEyODIyMjk5NywiQSI6Ii83MDIxL2ZvcnVtY29tbS9ncmFuZGZvcmtzaGVyYWxkL2hvbWVwYWdlIiwieSI6MzY2MTQwLCJjbyI6MCwicyI6Imdvb2dsZUFkYWY2Y2FkNzUtMDM5MS00Zjk0LThhZWEtY2QyYzMyMDM1ODE0In19
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.225.119 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-225-119.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4759 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77577
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 10 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4759 		295 B
399 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 21:21:48 GMT
x-content-type-options
nosniff
server
cafe
age
82522
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 10 May 2023 21:21:48 GMT
l
www.google.com/ads/measurement/ Frame 4759 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSPOWbIoPCOeeVLqkj3eZp4V4rZYTUaS9-_MQxr6-F641diq5tFVCfQQNpjRyLOKNMSvtvr
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 4759 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CpmRCxftbZPLPMpG9lgTVz4dIoquht3CH9oyFrhHkgrv7mgIQASDijfQVYJWCgICYB6AB8fTHginIAQngAgCoAwHIAwqqBKECT9Cug0h2uFNenZZYk0zCsegodMYNIO4OY1QNiDkBhfVwO3evl6Tj4oZnzyDrQcEB96VZNUv4aEuZX6XWxjcVnO3m0B31BEl0aKk0LDRmTdHbNvo7B9bP3QpT2v6fDJX2MTI3bQ2r4U1doePZX_SDJDkcSox-4kt_OufifNp_4JiZQqNxyAYf0C6iAUdvIBxV1LwoQBPSGjtZApiznLxCGXDxOmqGCyFv49vO3ODO2J9dgke-0Cb08vI4UfeWzaoErAcWaWSXo8pQG8NdyKv4wWxSwH0Mfy0QSg_UmD97Do03qn03tO2kx82DkQaN0yu6xX-O59UFCRDGPMB_6flA7C0NNFDVwIxySoSuAfahGAOjShlNuAQmK_-rY-cTYZJg1cAE6ePzmKYE4AQBkgUECAQYAZIFBAgFGASgBi6AB_GsmOIDqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ25YP0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM2NjkzOTQ3MzA2NDQ1GJW0EA&sigh=TWoB5dSi63w&uach_m=[UACH]&cid=CAQSTQBygQiDuCVlZ-Yk6X-la9DyoL7POhF3SXSZJmR_oyMIJc3MFZt_cYJ0Dp95C7ZGIKyAB3cSnigMsjMeedqeu4AV_JQdUSs5wDQqGqriGAE&template_id=5000
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 87CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvPD_99d70R-3B1RhboIfrtvPXXRD5jzJaV4dftwG_D3G6vROzUFR8IV7joLAWOxvAbCDnbfZShhTEvMoOE862NbPHQVXb6bP1lxiNCEBbDFNafjR9VkH5U9hsKtix7_SgApbl0WYv20lJ6iCCHbFJb8W0N7glDwQ_KIT-3q_7WdphfrcH9PF1iGHJKSD4Ec2bz0qXcYjLTRCtQgqhdqAMAHR53CdsuJozCogRACn8rd8Mej5Y6BFYD-mRBuNpPMIV59OCuo4dJgYmEDa2OI1ydHiKATzW_uTt7kV_DL2LQUATSwEe1UlO3vSTLetsB5NoSWCPefp5yRoJtZmPQd51RYqz_QR2DUXXX4Thn&sai=AMfl-YRHpFMavUaRgjAcqE0aYKI6vdNVvOGLb4ezVp6AOz5nM1gaWE7tRCNEAeKCXCj0HqSkbdnlJf7ZX40NmNZrZgOnt9q3vTVBOymLsP7dwgGA6hLzz7605o_GQJZtw0zFMj86IdTnUzyeAcK28wjm4g&sig=Cg0ArKJSzKwAqmMRCx3rEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/ Frame 87CD 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20230508/r20110914/client/window_focus_fy2021.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 18:32:52 GMT
content-encoding
br
x-content-type-options
nosniff
age
6258
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Wed, 24 May 2023 18:32:52 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 87CD 		169 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
53510
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1683545318771348"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 10 May 2023 20:17:10 GMT
15033494202447716321
tpc.googlesyndication.com/simgad/ Frame 87CD 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15033494202447716321
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
41fdc9a4ce3d3824ceaa71d1be9e2d65277e841e309601a2ca9ed6c595b34f56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Mon, 08 May 2023 03:08:32 GMT
x-content-type-options
nosniff
age
234518
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7232
x-xss-protection
0
last-modified
Wed, 05 Apr 2023 15:04:22 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 07 May 2024 03:08:32 GMT
l
www.google.com/ads/measurement/ Frame 87CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQfN2yyzQDwtBgWQqCrIh0W6noLDDEEpr6DD3jiqMXrjb5Tg-4-pW_aZF7MgXiTOyivVWGt
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
pixel
protected-by.clarium.io/ Frame 87CD 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Y1VuUS10WU5aOTVKaDNFZXpWUU1EcEt1RURrLzMxNzgzMDE4OTY6MzAweDUw&v=5&s=v31h03kuvoq&id=eyJkZnAiOnsiYWQiOjEzODYwNzQxLCJjIjoxMzg0Mjg2NTA0OTAsImwiOjYyNjE1OTU4OTAsIm8iOjMxNzgzMDE4OTYsIkEiOiIvNzAyMS9mb3J1bWNvbW0vZ3JhbmRmb3Jrc2hlcmFsZC9ob21lcGFnZSIsInkiOjAsImNvIjowLCJzIjoiZ29vZ2xlQWQ4NGNhZDlkZi02NmMwLTRiYTEtODFjNi1hZGEyMmJjYzJhNzcifX0%3D&cb=5579011&h=www.grandforksherald.com&d=eyJ3aCI6IlkxVnVVUzEwV1U1YU9UVkthRE5GWlhwV1VVMUVjRXQxUlVSckx6TXhOemd6TURFNE9UWTZNekF3ZURVdyIsIndkIjp7Im8iOjMxNzgzMDE4OTYsInciOiIzMDAiLCJoIjoiNTAifSwid3IiOjJ9
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.225.119 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-225-119.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/10359528812483894097/ Frame 4759 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10359528812483894097/14763004658117789537?w=600&h=314
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1d83afcdc6b732315ec510266ea2fdededbeb29dc82e917e7983a56d7ccea7f9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sun, 07 May 2023 08:38:22 GMT
x-content-type-options
nosniff
age
301128
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21240
x-xss-protection
0
last-modified
Fri, 21 Apr 2023 10:12:36 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 06 May 2024 08:38:22 GMT
truncated
/ Frame 4759 		206 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4759 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 4759 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f18b2e0a7d888b717705751708e2bdcfee1f898fbc2d959747303ecab4a8efbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 87CD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e77edf5939bc2d42eb1467d0bf33d5f58fe919dbc70e6b8b62460c28e26ce177

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
sid
mug.criteo.com/ Frame CB6C
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertagids&domain=grandforksherald.com&sn=ChromeSyncframe&so=0&topUrl=www.grandforksherald.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=9svIhnxjTjVrQTFNeGZPSVB1clpqUklIS3RqU0p1RnBqQUR6OWJ5dkNJc0lrWVhFN21vR0pVQm4vUW1EY2dYR0UyTUdQUUw1RmFKbCt6cUNPcXBXMWlvSExWZTU3eSt6aUlOR09TanJ3SjJKbitJbEJNbG1nNXJNT3RtTU...
449 B
673 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=9svIhnxjTjVrQTFNeGZPSVB1clpqUklIS3RqU0p1RnBqQUR6OWJ5dkNJc0lrWVhFN21vR0pVQm4vUW1EY2dYR0UyTUdQUUw1RmFKbCt6cUNPcXBXMWlvSExWZTU3eSt6aUlOR09TanJ3SjJKbitJbEJNbG1nNXJNT3RtTUdrYjUxWVhIdkhYK3pDbllWU215S1ducVBiN05yczNVellMazJMZGQ5Zm12K2dhd1g0aWw4ek1xUjNNVlhhMXFSdmszVEsyTk1zVkRXd2pldUhFRGRZNG9GSGtOclM4cFpGZU1uYnk2WC9mRVZtTFJIc3hDZ1plSUZibkxoTi9KNDA2YTdjRWRNZTFORlVVK2pON2RGd3lBOFZNMFJVSmxkSWVxY05sb2RZdTJ3ZEsyQis4Zz18&cppv=2
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
ec889b60ca5e46d4779ee2a1563781d74c5cc9424f64d6c833d3a293316fc4af
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1652542
expires
0

Redirect headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:09 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=9svIhnxjTjVrQTFNeGZPSVB1clpqUklIS3RqU0p1RnBqQUR6OWJ5dkNJc0lrWVhFN21vR0pVQm4vUW1EY2dYR0UyTUdQUUw1RmFKbCt6cUNPcXBXMWlvSExWZTU3eSt6aUlOR09TanJ3SjJKbitJbEJNbG1nNXJNT3RtTUdrYjUxWVhIdkhYK3pDbllWU215S1ducVBiN05yczNVellMazJMZGQ5Zm12K2dhd1g0aWw4ek1xUjNNVlhhMXFSdmszVEsyTk1zVkRXd2pldUhFRGRZNG9GSGtOclM4cFpGZU1uYnk2WC9mRVZtTFJIc3hDZ1plSUZibkxoTi9KNDA2YTdjRWRNZTFORlVVK2pON2RGd3lBOFZNMFJVSmxkSWVxY05sb2RZdTJ3ZEsyQis4Zz18&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
331236
content-length
0
expires
0
ares-unit.js.gz
origami.secure.ownlocal.com/origami_unit/production/ Frame E0FD 		115 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_unit/production/ares-unit.js.gz
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 19:44:51 GMT
content-encoding
gzip
x-goog-meta-goog-reserved-file-mtime
1652972837
age
1939
x-guploader-uploadid
ADPycdvLp_-5vnP_4hTzlWZ8-IniKCg21t_--k73j2Mw4PKgKjVj8LjYtbOQJE1nRGIN6g9Des2LeNqifHeNrx2bJmgr9Q
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
ares-unit-bundle-production
x-goog-metageneration
2
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32473
last-modified
Thu, 19 May 2022 15:08:57 GMT
server
UploadServer
etag
"0447f5ed525529565dc5e920e8d77e31"
vary
Accept-Encoding
x-goog-generation
1652972937548329
x-goog-hash
crc32c=HUbaKQ==, md5=BEf17VJVKVZdxekg6Nd+MQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
x-goog-stored-content-length
32473
x-goog-meta-surrogate-key-control
max-age=31536000
accept-ranges
bytes
content-type
application/javascript
expires
Thu, 11 May 2023 19:44:51 GMT
7b16440f-ad38-47ac-8c33-f29f9e2b9c99
https://www.grandforksherald.com/ 		84 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.grandforksherald.com/7b16440f-ad38-47ac-8c33-f29f9e2b9c99
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Length
86284
Content-Type
text/javascript
4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
fonts.gstatic.com/s/googlesans/v46/ Frame 4759 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v46/4UasrENHsxJlGDuGo1OIlJfC6l_24rlCK1Yo_Iqcsih3SAyH6cAwhX9RPjIUvQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 05:24:40 GMT
x-content-type-options
nosniff
age
399150
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29728
x-xss-protection
0
last-modified
Mon, 03 Apr 2023 16:59:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 05:24:40 GMT
madgexWidgetJobs.php
api.jobshq.com/ Frame F53C 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://api.jobshq.com/madgexWidgetJobs.php?rows=5&propertyID=12&callback=jobsCallback
Requested by
Host: widgets.jobshq.com
URL: https://widgets.jobshq.com//dist/list/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:f400:14:d64b:ab80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.22.0 /
Resource Hash
f4383501f967cdcfd029237d3348c3d588ce998786fc7bfa8769a6aedc294c61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://widgets.jobshq.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
server
nginx/1.22.0
x-amz-cf-pop
FRA56-P2
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
access-control-allow-headers
Origin
x-amz-cf-id
8AcVtzQhZYXpN7T8CRr-9eucRUjo-dTIH_gDzSpGEjtATMvUL-z-BQ==
pd
google-bidout-d.openx.net/w/1.0/ Frame 39B8 		0
176 B 		Document
General
Check archive.org
Download Go to
Full URL
https://google-bidout-d.openx.net/w/1.0/pd?plm=5
Requested by
Host: oa.openxcdn.net
URL: https://oa.openxcdn.net/esp.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Wed, 10 May 2023 20:17:10 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
latest.json
origami.secure.ownlocal.com/origami_configs/a0f2e82f-4eed-4522-9953-40a9abd0a2d8/ Frame E0FD 		3 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://origami.secure.ownlocal.com/origami_configs/a0f2e82f-4eed-4522-9953-40a9abd0a2d8/latest.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.1/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.96.77.232 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
232.77.96.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
0b5471dc2876762c0689554242e543efec8e27b820603f7ae86a19e5da029a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
x-guploader-uploadid
ADPycdu3aeWRqm9BMuc7OKuQu3V4JfcGmGTZhOeg4slPLq2eztk6avGQdeiz2duTUOWJBHKaWgK9956M6O1cejR0f5eF26vUvBxc
x-goog-storage-class
MULTI_REGIONAL
x-goog-meta-surrogate-key
a0f2e82f-4eed-4522-9953-40a9abd0a2d8
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2597
last-modified
Sun, 07 May 2023 21:55:59 GMT
server
UploadServer
etag
"f3c5319bb34945639472896de79d865f"
x-goog-generation
1683496559782073
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=l1keEw==, md5=88Uxm7NJRWOUcolt552GXw==
access-control-expose-headers
Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=0,s-maxage=3600
x-goog-stored-content-length
2597
accept-ranges
bytes
expires
Wed, 10 May 2023 21:17:10 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 87CD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMS0b3B9CQnHKTDDCegbBlbMbdxnsHUABzB4BWPUlOT4kNugUP0OyyrcyvGkYb8xQ6IhY09SCpY2VtNzuBSl7I04gB_8kRAxhFSZKXLtLEisMHnLzNHaYxk_KpByI5LIKxyktI8YudBkVrqt9losuktKin3wMCyzV5nvEyD0LKWmIkn2CcMyrFtYFF-lV4_U3IC1dhlxOanTIE_dFjWvlUMcls7Kh-JjLxQiQMPr3fcQsON_zPGtthj2pD3r1lEtbm2AF5DH71Xa-dw1PrJOaDKrzVgrkG03A-w-NehXQdOxY3xkY_1OaWKUffLPWpiObNkbtS1w1HtJI0XUUCpkVGd_2BwmVpcg-XdxuOdmA&sai=AMfl-YSANnvurC7Fz7VBs_EPxskljyzWNlrCsCzPSPAMvfOK9cQv6v9D99_8ybdDAfMdpg32uu1oxkv3dWIJWvU3sIlM-uPHtnQgxi6ZahkXO_x_PxPtmFrEGCXcFNGPuNVocB5eYBx4k7zKjAeAjPf2jA&sig=Cg0ArKJSzOy-qjiGzDdsEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Wed, 10 May 2023 20:17:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4759 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77577
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 10 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 4759 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 21:21:48 GMT
x-content-type-options
nosniff
server
cafe
age
82522
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 10 May 2023 21:21:48 GMT
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame 7D22 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7D22 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7D22 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7D22 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame 7D22 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D22 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77577
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 10 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 7D22 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 21:21:48 GMT
x-content-type-options
nosniff
server
cafe
age
82522
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 10 May 2023 21:21:48 GMT
truncated
/ Frame 7D22 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
30672bbcaf57760c0496cc6cf57b071b78b8341e0d2465328c4f00d368b54082

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
pixel
protected-by.clarium.io/ 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Y1VuUS10WU5aOTVKaDNFZXpWUU1EcEt1RURrLzIxMjgyMjI5OTc6NzI4eDkw&v=5&s=v31h03kv014&h=www.grandforksherald.com&cb=1712269&d=eyJ3aCI6IlkxVnVVUzEwV1U1YU9UVkthRE5GWlhwV1VVMUVjRXQxUlVSckx6SXhNamd5TWpJNU9UYzZOekk0ZURrdyIsIndkIjp7Im8iOjIxMjgyMjI5OTcsInciOiI3MjgiLCJoIjoiOTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjIwOTM1MTQyMSwiYyI6bnVsbCwibCI6MCwibyI6MjEyODIyMjk5NywiQSI6Ii83MDIxL2ZvcnVtY29tbS9ncmFuZGZvcmtzaGVyYWxkL2hvbWVwYWdlIiwieSI6MzY2MTQwLCJjbyI6MCwicyI6Imdvb2dsZUFkZmY1MTY4NzUtM2Y1MC00ODRhLWI2YTItY2Q4ZWI1NjRkN2U3In19
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.225.119 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-225-119.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
6238019428579251764
tpc.googlesyndication.com/daca_images/simgad/ Frame 7D22 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/6238019428579251764
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6ed0c7fc0c9f4def57af12e53b570988cc2c8b20eaaf5c191aaca0f4917bb5e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 18:05:06 GMT
x-content-type-options
nosniff
age
353524
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23475
x-xss-protection
0
last-modified
Sat, 07 Aug 2021 16:12:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 05 May 2024 18:05:06 GMT
l
www.google.com/ads/measurement/ Frame 7D22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaS7-vu8QDGCiQfslW6YND_i7ip1tbyYLvYsSwJp2p2f-ABtGmz-0Yo0U_N-Gw_zwpp2-3GD
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame 7D22 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C8giQxvtbZPW8EoaYlgT5vIroAa-1ja9w-q7dlZYOvIm3-7UpEAEg4o30FWCVgoCAsAegAd3WqL8ByAECqQK4Sb-1M2eyPuACAKgDAcgDCKoEowJP0LL_YzaFMPD0DYbV4T66UN73211yrS8RcKHVMynd1xyM8aKnoePI9_S4wOmqb6AxYxQAhEsjn7eVnG1B9vnGM7xfLQ1SaJfv0yZeAOivgiEmK0fBjcPKEETn3x6M-S4PEDerK12CXGWnr_buCycJ23ei2k5qrg6tLD1W8yKK-rZj3OybwfJC54q5LnA5OcRcGSTrT4ZeFsXu-E3esZFTu_R-19P7fEGXAb03j-y8WY30_IKSBVU5i-Ou3GowklNjm0KM3mharvc6kY7QSFVLHWnJVPDejVgSDw0nPKjr-S8OuxydYyD3Y4Bwq4uOsdN7UdGRSZX32OsdrAXZmQZNUmIzTB8-dkFHY6IsJumQ0Pc00EiZeG_oA38mWIQRz6L8mLzABKidy-zKA-AEAZIFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYCgAeLqdfAAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6SjsQKoB9XJG6gHpr4b2AcB8gcDEPAu0ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOoAKA8gLAdgTDdAVAZgWAYAXAbIXHgocCAASFHB1Yi05MTM2NjkzOTQ3MzA2NDQ1GJW0EA&sigh=jh0nNLUbGJ4&uach_m=[UACH]&cid=CAQSTgBygQiDpZgbTt8YudvF14HnD28tTN93-b__Le66JAhPnQsy7WP7lkmA6OyDBKA3J3FpJ2im0NsX7nGqML0AF-Kam7g5tPLKHWBlwOWrzRgB
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
manifest-audio_eng=112017-video_eng=521059.m3u8
videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://videos-cloudfront-usp.jwpsrv.com/645ca485_44e7ac7a6c0d5d526df16ea261c2338749335883/site/WWavnRQ9/media/8gjfX5FU/version/8gjfX5FU/manifest.ism/manifest-audio_eng=112017-video_eng=521059.m3u8
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2491:3800:2:cecb:23c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache /
Resource Hash
ef650279c4e58b369632b91813bee266831b73a1056d98b4fb39e0e49ba6460f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:59:26 GMT
via
1.1 56317bf75183e752b06c880e8a1e502a.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P7
age
11864
x-cache
Hit from cloudfront
content-length
2044
server
Apache
etag
"usp-1A1BEE61"
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
access-control-expose-headers
server,range,date,x-cdn-forward
cache-control
max-age=2592000
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
origin, range, x-cdn-forward
x-amz-cf-id
j1fFUyoMJcNgp_yxkwYiORX6LkuWepQCX7uIku48EQjdz0N18xVq8g==
si
googleads.g.doubleclick.net/pagead/drt/ Frame 7D22
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
gtm.js
www.googletagmanager.com/ 		161 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-P7XVL79&l=MG2DL
Requested by
Host: cdn.godiciardstia.com
URL: https://cdn.godiciardstia.com/prod/forum/g2i.min.js?2023410
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5b555bd12e05d479bf1514e2cfb7839b65182a024adbb46d296c02c7f62770d3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55609
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 10 May 2023 20:17:10 GMT
index.js
cdn.pranmcpkx.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/forum/t8y9347t.min.js?2023410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
30702
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (frc/4CBD)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
528c1e87-301e-0005-5234-832565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
GFH__LAUNCH1.json
cdn.pranmcpkx.com/prod/data/forum/ 		2 MB
2 MB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/forum/GFH__LAUNCH1.json?_=1683749830851
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
ebbf2c9660805374a74fadbf8246a20108ab0d806161d0a96d7e35bad0da6410

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Wed, 10 May 2023 20:17:10 GMT
last-modified
Wed, 10 May 2023 18:47:49 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DB51870DF6BF2C
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
229b85a3-d01e-007f-507c-833825000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
1659179
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.44.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:12 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
B8XS13QTA2PENFH4
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
QvFjF1GHqXxZRHSI6AdYzp2n4KozfrOAHmORyeZl/f9r6eWUGcInIQvK/MWrT9w1sHK/5C5IMqU=
x-amz-meta-s3b-last-modified
20191015T134358Z
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012304262219000/ Frame C694 		222 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/amp4ads-v0.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
61839
x-xss-protection
0
server
sffe
etag
"ccf36922213b3ec5"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame C694 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5222
x-xss-protection
0
server
sffe
etag
"4fd619331b8f64df"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame C694 		94 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-analytics-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28884
x-xss-protection
0
server
sffe
etag
"6451d33588c99856"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame C694 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-fit-text-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1906
x-xss-protection
0
server
sffe
etag
"83933b769a9f5701"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012304262219000/v0/ Frame C694 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012304262219000/v0/amp-form-0.1.mjs
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 08 May 2023 19:10:26 GMT
age
176804
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12938
x-xss-protection
0
server
sffe
etag
"3f9bab308b30f46e"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 07 May 2024 19:10:26 GMT
css
fonts.googleapis.com/ Frame C694 		7 KB
847 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=de
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8a4e7fa7a2e004d6d54573fc95acaca31222892cd641d3358f27f7159867ac4f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:44:51 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:10 GMT
css
fonts.googleapis.com/ Frame C694 		4 KB
655 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,500&text=
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 10 May 2023 18:36:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 10 May 2023 20:17:10 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C694 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 22:44:13 GMT
x-content-type-options
nosniff
server
cafe
age
77577
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Wed, 10 May 2023 22:44:13 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame C694 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/gptprebidnative/202305101013/wrap.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Tue, 09 May 2023 21:21:48 GMT
x-content-type-options
nosniff
server
cafe
age
82522
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Wed, 10 May 2023 21:21:48 GMT
pixel
protected-by.clarium.io/ 		68 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://protected-by.clarium.io/pixel?tag=wt_Y1VuUS10WU5aOTVKaDNFZXpWUU1EcEt1RURrLzIxMjgyMjI5OTc6MzIweDUw&v=5&s=v31h03kv080&h=www.grandforksherald.com&cb=2749780&d=eyJ3aCI6IlkxVnVVUzEwV1U1YU9UVkthRE5GWlhwV1VVMUVjRXQxUlVSckx6SXhNamd5TWpJNU9UYzZNekl3ZURVdyIsIndkIjp7Im8iOjIxMjgyMjI5OTcsInciOiIzMjAiLCJoIjoiNTAifSwid3IiOjJ9&id=eyJkZnAiOnsiYWQiOjIwOTM1MTQyMSwiYyI6bnVsbCwibCI6MCwibyI6MjEyODIyMjk5NywiQSI6Ii83MDIxL2ZvcnVtY29tbS9ncmFuZGZvcmtzaGVyYWxkL2hvbWVwYWdlIiwieSI6NDk5Njk4LCJjbyI6MCwicyI6Imdvb2dsZUFkNjgwZmRlMjUtODhhYS00MjJmLWE3NDAtZmNiZTY3ZmUzODY2In19
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.51.225.119 Stockholm, Sweden, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-51-225-119.eu-north-1.compute.amazonaws.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/png
pragma
no-cache
date
Wed, 10 May 2023 20:17:10 GMT
cache-control
no-store, no-cache, must-revalidate, max-age=0
server
nginx/1.18.0 (Ubuntu)
expires
Sat, 26 Jul 1997 05:00:00 GMT
14763004658117789537
tpc.googlesyndication.com/simgad/3769959127846838064/ Frame C694 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3769959127846838064/14763004658117789537?sqp=4sqPyQSSAUKPAQgAEhQNzczMPhUAAABAHQAAAAAlAAAAABgAIgoNAACAPxUAAIA_Kk8IWhABHQAAtEIgASgBMAY4A0CAwtcvSABQAFgAYFpwAngAgAEAiAEAkAEAnQEAAIA_oAEAqAEAsAGAreIEuAH___________8BxQEtsp0-MhYIMhAyGAEgAS0AAAA_MDI4MkUAAIA_&rs=AOga4qmffB-g5QqoOVlv9M5Reb_aaVAluw
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b9ce6670d2e1b5d00efa8ac76ce70ffd4c7ee0bdb09213e5f418291908704b38
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:10 GMT
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2237
x-xss-protection
0
last-modified
Thu, 21 Jul 2022 09:55:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 09 May 2024 20:17:10 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame C694 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CLIInxvtbZJblIsialgSmm7-gAYrOirZvxpDV0fwPsJAfEAEg4o30FWCVgoCAmAegAfyLlJkDyAEGqQK4Sb-1M2eyPuACAKgDAcgDCqoE0gJP0AikApn09eGEeKeUnbjfiOJD-FbIW4-Bu5PPNe65dvsBsZkJwD8E7ORjRdHV7QpIc9ZfUIyuRbOj5l8W-ldOCoFZpxrj4YPC8b-gOw558g6ZSIedybtXwd96n6N6j90Msk51Mg8ozIvfF0wiG4QRva5JhuUVZ4OPbJeguFZafVJ9hNSz5UazEy8Q0cKWHl2tg6zXMdAUDtkHBFJydnDKchmLtyK-IpZPVH4h59F759z_MavWq9UmiBlDMtNtGzgBmGIRccoGKbMSxVKkF7Yzbrn2U6jDNEonNGh0NrgVhAvTaYuSiPYebXWprIjRlZd_0AM8O5qzz8XVLdjOhTHE1Ie1wTDWilX0I0zH602xy_0o_zQLraBLsEQgY1vImYRgd3DeBsDREQ-w0G2Af8SC0zR9wJABjSPCWx82W0LNMEqt5Kzla3_LUly9Pyraa3sjBsAEtoX5mIUE4AQBkgUECAQYAZIFBAgFGASSBQQIBRgYkgUFCAUYqAGgBjeAB-zz62aoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHAxDwLtIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqACgPICwHYEwyIFATQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTEzNjY5Mzk0NzMwNjQ0NRiVtBA&sigh=O97o8Tq_Smw&uach_m=[UACH]&cid=CAQSTQBygQiDFtrg3ElWmZuIR6CLBOJZhST1G8dmCRZ1oH7ZNFbRGSrfBMff0-2g9ZpdDBuNCemIsBKHZxmt7lGQR6NoPb9XyrSW2SRnkof-GAE&template_id=492
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
l
www.google.com/ads/measurement/ Frame C694 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTibFO4cvMb_ruzQS_ngSV7oWMKBeGUqwQgdAX7PvR_d3Hsi_CgxYy9ybVleTPwTptBM91A
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
235c2f65-3e44-4cc8-8ea2-db198b467524.png
storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/ Frame E0FD 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-platform-production/public/images/logos/600/235c2f65-3e44-4cc8-8ea2-db198b467524.png
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
2d1fb30803d66f215bebb850d980dc37e3add8a488c05e8663593e38df7ed084

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:11 GMT
age
0
x-guploader-uploadid
ADPycdt5F2AFmvWZNzFznrJ-sVCqims_pEdUjX-paJCo9vDE6Q2m2dmxrXd70R3WdZraNG2UKnEFXHe5RRObbbvA5ufsRYGaK9gc
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15328
last-modified
Fri, 21 Jun 2019 14:20:50 GMT
server
UploadServer
etag
"c7019f83a1a2ef1d4976168fb1daff3d"
x-goog-generation
1561126850231028
x-goog-hash
crc32c=nxlr7A==, md5=xwGfg6Gi7x1JdhaPsdr/PQ==
access-control-allow-origin
*
access-control-expose-headers
Content-Type
cache-control
public, max-age=3600
x-goog-stored-content-length
15328
accept-ranges
bytes
content-type
application/octet-stream
expires
Wed, 10 May 2023 21:17:11 GMT
tp-production
us-central1-kube-ownlocal.cloudfunctions.net/ Frame E0FD 		26 B
282 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-central1-kube-ownlocal.cloudfunctions.net/tp-production?stm=1683749830925&e=pv&url=https%3A%2F%2Fwww.grandforksherald.com%2F&page=AdForge%20Ad%20Unit&refr=https%3A%2F%2Fwww.grandforksherald.com%2F&tv=js-2.10.2&tna=origami-tracker&aid=origami-unit&p=web&tz=UTC&lang=en-US&cs=UTF-8&f_pdf=1&f_qt=0&f_realp=0&f_wma=0&f_dir=0&f_fla=0&f_java=0&f_gears=0&f_ag=0&res=1600x1200&cd=24&cookie=1&eid=4614e685-001d-48bf-bc35-a69715633b3f&dtm=1683749830923&vp=300x300&ds=300x300&vid=1&sid=f8f5602c-54f1-4e2c-8bb1-87500da35b7d&duid=aae28209-a4ce-4ee7-b0cd-8cf520cfc29b&fp=2915675617&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20ub3dubG9jYWwvb3JpZ2FtaV9jdHgvanNvbnNjaGVtYS8xLTAtMCIsImRhdGEiOnsiYWlkIjoiYTBmMmU4MmYtNGVlZC00NTIyLTk5NTMtNDBhOWFiZDBhMmQ4IiwiYmlkIjoiYzNlNWFiMGYtZDk2Ny00OTFiLWIyZjYtNjQyMmYzN2M2OGE5IiwicGlkIjoiNjliMzI0MzEtZjU0MS00YmNjLWFkZTQtOTQxZjhiMjdkNmU5In19XX0
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:12 GMT
server
Google Frontend
etag
W/"1a-Hjpuc/IrHLWXlDT8bmHFqznVniY"
x-powered-by
Express
content-type
image/gif; charset=utf-8
access-control-allow-origin
*
x-cloud-trace-context
acb27243ccca2d3c6615f3b55f81506c
function-execution-id
nd24swqzs6n7
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26
photo-1612197622847-5eb1e8c32a71
storage.googleapis.com/ownlocal-images-db/300/ Frame E0FD 		96 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://storage.googleapis.com/ownlocal-images-db/300/photo-1612197622847-5eb1e8c32a71
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e0fe24b9e7c1da3b05c5deaaf6a91982509c7b6da7ad39ae4d7d18e7a1164e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:11 GMT
age
0
x-guploader-uploadid
ADPycdta1pi9Hikh6Ri3lR3DWZwTZvZookg17h4lqzbE4JZ9CKL44Py2mSBhKzsJuYoQTVZtXX3G5ruTqU2J6ozEWzWWNsSpon0j
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98632
last-modified
Fri, 05 May 2023 22:02:59 GMT
server
UploadServer
etag
"0afa353211dcce77c440eeaff35a5400"
x-goog-generation
1683324179445446
x-goog-hash
crc32c=FeGXUw==, md5=Cvo1MhHcznfEQO6v81pUAA==
content-type
application/octet-stream
cache-control
public, max-age=3600
x-goog-stored-content-length
98632
accept-ranges
bytes
expires
Wed, 10 May 2023 21:17:11 GMT
truncated
/ Frame C694 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b4cff825956405b0812384c3bad4d1838efc68efbce49576e93fe7fbdf28050b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
image/png
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C694 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 02:06:17 GMT
x-content-type-options
nosniff
age
497453
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 02:06:17 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame C694 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400|Roboto:400,500&lang=de
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Sat, 06 May 2023 21:03:36 GMT
x-content-type-options
nosniff
age
342814
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 05 May 2024 21:03:36 GMT
si
googleads.g.doubleclick.net/pagead/drt/ Frame C694
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Redirect headers

date
Wed, 10 May 2023 20:17:11 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
Inter-roman.var.woff2
rsms.me/inter/font-files/ Frame E0FD 		222 KB
223 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://rsms.me/inter/font-files/Inter-roman.var.woff2?v=3.19
Requested by
Host: rsms.me
URL: https://rsms.me/inter/inter.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3038::6815:e9e1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3

Request headers

Referer
https://rsms.me/inter/inter.css
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-fastly-request-id
440f9e207c6fb7ec381436a835d3ab4d78b6abbc
date
Wed, 10 May 2023 20:17:11 GMT
via
1.1 varnish
expires
Wed, 03 May 2023 20:38:21 GMT
cf-cache-status
MISS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-proxy-cache
HIT
x-cache
HIT
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
227180
x-served-by
cache-fra-eddf8230054-FRA
last-modified
Thu, 27 Apr 2023 15:36:57 GMT
server
cloudflare
x-github-request-id
913E:EC3A:30998E5:322DCD9:6452C513
x-timer
S1683749831.170039,VS0,VE2
etag
"644a9699-3776c"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NqoI%2FKA7iWNpXEnJOrogMsODyhgXAXMHlAU7xIK%2BY0cVPIgRLIeynTuis4bLgs2iTWvukzYpk6jmLwlbbQuWknJuRW42qsHzv6GZ2RWzJQUZu%2BV7KAx5la%2BODH%2F6TYvB9vGkFVjH"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2678400
accept-ranges
bytes
x-origin-cache
HIT
cf-ray
7c54dd3cce9e92c9-FRA
x-cache-hits
1
materialdesignicons-webfont.woff2
cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/ Frame E0FD 		256 KB
257 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/fonts/materialdesignicons-webfont.woff2?v=4.5.95
Requested by
Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Protocol
H3
Security
QUIC, , AES_256_GCM
Server
2a04:4e42::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://cdn.jsdelivr.net/npm/@mdi/font@4.5.95/css/materialdesignicons.min.css
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:11 GMT
x-content-type-options
nosniff
age
3073744
x-jsd-version
4.5.95
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
262440
x-served-by
cache-fra-eddf8230032-FRA, cache-gig2250030-GIG
x-jsd-version-type
version
etag
W/"40128-4s6MGTGrA2fPV5r2GYYmCP/EkkA"
vary
Accept-Encoding
content-type
font/woff2
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 2837 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fembed-981930.secondstreetapp.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/669E) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://embed-981930.secondstreetapp.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1032290
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Wed, 10 May 2023 20:17:11 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/669E)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
promotion_contents
embed-981930.secondstreetapp.com/api/ Frame 3812 		5 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/promotion_contents?organizationPromotionUniqueId=5695610b-a9ae-4766-808d-43bdb662c615
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b17c323542a38bd48ca5f48bfd42a56eebec01cb14b61baf3a171f72db6005db

Request headers

Accept
*/*
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
106
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|f71c37be-e63f-4d39-8b70-5c17a8a0c1e0|C69601|CD67
Cache-Control
no-cache
Content-Length
5533
Expires
-1
settings
syndication.twitter.com/ Frame 2837 		869 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=f91e7a5d97882e0efd23c7901b0969d0201a4369
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fembed-981930.secondstreetapp.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time
114
date
Wed, 10 May 2023 20:17:10 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Wed, 10 May 2023 20:17:11 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
35f131e5b27374ea
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
b8690f83b5e0cf232990898e12a8393b82db2260062b80d8f75c52006b53099e
content-length
337
status
www.facebook.com/x/oauth/ Frame 3812 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/x/oauth/status?ancestor_origins=https%3A%2F%2Fwww.grandforksherald.com&client_id=1168954500254617&input_token&origin=1&redirect_uri=https%3A%2F%2Fembed-981930.secondstreetapp.com%2Fembed%2F5695610b-a9ae-4766-808d-43bdb662c615%2F&sdk=joey&wants_cookie_data=true
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js?hash=f8f956b655d4435c424576ac42c7bcbd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; preload
date
Wed, 10 May 2023 20:17:11 GMT
x-content-type-options
nosniff
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
x-fb-rlafr
0
pragma
no-cache
x-fb-debug
YoK5B4kTWEvxYeagR5d+CkpUOA7ar3hqTRYb/Ww7l9SSskuPXYvUXzBsjs7LRBg0pXWCgwiMQw9DptOV5SQbgg==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
fb-s
unknown
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://embed-981930.secondstreetapp.com
origin-agent-cluster
?0
access-control-expose-headers
fb-s
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
permissions-policy
accelerometer=()
priority
u=1,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
upland-second-street-logo-color.svg
embed-981930.secondstreetapp.com/Images/Logos/ Frame 3812 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://embed-981930.secondstreetapp.com/Images/Logos/upland-second-street-logo-color.svg
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/CSS/consumer_poll-9b22ccdfbfcb0644decdf80f64b2d5c5.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4db60939f3738fe7cbe1f25b1d1519de132068b9069cfe9991e513b52d8a5685

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://embed-981930.secondstreetapp.com/assets/CSS/consumer_poll-9b22ccdfbfcb0644decdf80f64b2d5c5.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:11 GMT
Last-Modified
Wed, 10 May 2023 18:22:08 GMT
Server
Microsoft-IIS/10.0
ETag
W/"0c868546c83d91:0"
X-Powered-By
ASP.NET
X-SS
106
Content-Type
image/svg+xml
Accept-Ranges
bytes
Content-Length
4676
7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
fonts.gstatic.com/s/muli/v28/ Frame 3812 		17 KB
17 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/muli/v28/7Aulp_0qiz-aVz7u3PJLcUMYOFnOkEk30eg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Muli
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://embed-981930.secondstreetapp.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Fri, 05 May 2023 03:33:28 GMT
x-content-type-options
nosniff
age
492223
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16932
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 20:54:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 May 2024 03:33:28 GMT
settings
embed-981930.secondstreetapp.com/api/ Frame 3812 		152 KB
152 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/settings?category=UI_Text
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a74ca623415ee28f8d6845f42bda78a59e227f27fa9099d5b8ce2e3e5afe785b

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
106
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|656b3783-ba56-4c58-96ab-7a71b4338bd7|C69601|CD67
Cache-Control
no-cache
Content-Length
155333
Expires
-1
sweepstakes
embed-981930.secondstreetapp.com/api/ Frame 3812 		127 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/sweepstakes
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29022c3e709470d2f9a01eb906ccbac02a60e213eb51ab140d202a613ed6afc2

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
102
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|7f3fdc9f-f74d-4e38-a041-338264247ea2|C69601|CD64
Cache-Control
no-cache
Content-Length
127
Expires
-1
981930
embed-981930.secondstreetapp.com/api/organization_promotions/ Frame 3812 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/organization_promotions/981930
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
14e53087d9ec048a8135adca03aa7a3227f61239e31841401b4e1724070cf695

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
103
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|16001209-d456-485d-ba93-b17861cba65c|C69601|CD69
Cache-Control
no-cache
Content-Length
1947
Expires
-1
matchups
embed-981930.secondstreetapp.com/api/ Frame 3812 		503 B
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/matchups?excludeSecondaryMatchups=true
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
a4211321d33059a10e7424c8f675954dac1d7aac273ac863f44c775a51b75454

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
106
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|4a4a473e-ce8f-49e1-90ab-5b40304716cf|C69601|CD67
Cache-Control
no-cache
Content-Length
503
Expires
-1
questions
embed-981930.secondstreetapp.com/api/ Frame 3812 		664 B
1002 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/questions
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
4127cf5ed2e86a5c99579d5fe7c29b6ead88296c0ad1cf3313f111cc343c2654

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
103
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|3fa7bea8-7493-4e15-82eb-2d00998dbdb1|C69601|CD69
Cache-Control
no-cache
Content-Length
664
Expires
-1
sweepstakes
embed-981930.secondstreetapp.com/api/ Frame 3812 		127 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/sweepstakes
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
29022c3e709470d2f9a01eb906ccbac02a60e213eb51ab140d202a613ed6afc2

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
102
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|bf85f641-59b6-4023-8d41-5e89897e3500|C69601|CD64
Cache-Control
no-cache
Content-Length
127
Expires
-1
settings
embed-981930.secondstreetapp.com/api/ Frame 3812 		417 B
755 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/settings?key=Registration_Type
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9d32bebe6ad270413f2223ea363fff2ffb0a4d1f611b152294a65d39c1dbab4a

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
106
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|82a0e172-f884-4e54-82ec-70f5bc2c85b7|C69601|CD67
Cache-Control
no-cache
Content-Length
417
Expires
-1
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:9e00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 01:10:22 GMT
content-encoding
gzip
via
1.1 89c822bb1ce1445a7be6d1057088cfbe.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA6-C1
age
68810
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
VlEKTRiyo7Oem7oxvIk_-WFOG05TslShmN1HA-zBquis84oX_YbqRw==
expires
Thu, 11 May 2023 01:10:22 GMT
19931
embed-981930.secondstreetapp.com/api/media_items/ Frame 3812 		324 B
662 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/media_items/19931
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
87b944ae1e3383e261d2e322cad1b152594049c0fbf1214e0b9499474c07dca7

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/questions
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
106
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|2db69653-b075-4ae8-a18d-bd022b1d7ab1|C69601|CD67
Cache-Control
no-cache
Content-Length
324
Expires
-1
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=grandforksherald.com&p=%2F&u=xdtePO6tSEG-cy&d=grandforksherald.com&g=63431&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=9352&o=4000&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.grandforksherald.com%2F&b=6611&t=Dkai6vB-boW0CFngRlCbagTzcwGyp&V=139&i=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&tz=0&_acct=anon&sn=1&sv=B8wpGRD6DRQ9Dig1f5reNIrDZLSXX&sd=1&im=067b07ff&_
Requested by
Host: www.grandforksherald.com
URL: https://www.grandforksherald.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.173.81.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-173-81-117.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Wed, 10 May 2023 20:17:12 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
domains
embed-981930.secondstreetapp.com/api/ Frame 3812 		4 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/domains?organizationId=838
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
afee6456dfb8c4a06c385b66dcfc3ba275db7f215414bd73d85fd595a665d34d

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/questions
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:11 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
102
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|39e495e1-7a8f-4c62-b862-7db9ae9240df|C69601|CD64
Cache-Control
no-cache
Content-Length
3587
Expires
-1
838
embed-981930.secondstreetapp.com/api/organizations/ Frame 3812 		581 B
919 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://embed-981930.secondstreetapp.com/api/organizations/838
Requested by
Host: embed-981930.secondstreetapp.com
URL: https://embed-981930.secondstreetapp.com/assets/vendor-4d9812eff29c08649e4bc6f11befe3d0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.197.229.45 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-197-229-45.compute-1.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
c072d69ae7b04ee3426d0e6677dda7e520dedc80a3b9b337294130674d7e112f

Request headers

X-Organization-Promotion-Id
981930
X-Fingerprint
54234ed5437eb38679d33e1b3702d6d8
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/questions
X-Requested-With
XMLHttpRequest
X-Referring-Url
https://embed-981930.secondstreetapp.com/embed/5695610b-a9ae-4766-808d-43bdb662c615/
X-Organization-Id
838
X-Promotion-Id
833776
X-Api-Key
65032887

Response headers

Pragma
no-cache
Date
Wed, 10 May 2023 20:17:12 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
X-SS
103
Content-Type
application/json; charset=utf-8
X-StackifyID
V2|c6aff9f3-966f-4438-b064-569d16c3c2ec|C69601|CD69
Cache-Control
no-cache
Content-Length
581
Expires
-1
/
api.amplitude.com/ 		7 B
206 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.162.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-162-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 May 2023 20:17:13 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-645bfbc9-2e60e3320f838ade461836cb
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
wxwidget.common.js
widgets-green.media.weather.com/ 		759 KB
173 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-green.media.weather.com/wxwidget.common.js?cid=315354512&v=34f0e1a315dff78ad2cd
Requested by
Host: widgets-lts.media.weather.com
URL: https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7a2bbb77ccbed0143c134b242c437fe8a5892d5646c496ee1eb5c49d35a144fc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 10 May 2023 20:17:13 GMT
server
nginx
etag
W/"bdc8e-uzBl33GxNFpZQq3TKNB4sWJRQCs"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=546
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
expires
Wed, 10 May 2023 20:26:19 GMT
wxwidget.current-conditions.js
widgets-green.media.weather.com/widgets/ 		25 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-green.media.weather.com/widgets/wxwidget.current-conditions.js?cid=315354512&v=34f0e1a315dff78ad2cd&referrer=www.grandforksherald.com
Requested by
Host: widgets-lts.media.weather.com
URL: https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
7743632b2d2859cbf59a94120bedbf217a2b7e68de4f971d88560fd21cea3f7f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 10 May 2023 20:17:13 GMT
server
nginx
etag
W/"6507-iqpfHpcpObb2gjCnTUYFBSlECsM"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=600
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
5830
expires
Wed, 10 May 2023 20:27:13 GMT
wxwidget.daily-forecast.js
widgets-green.media.weather.com/widgets/ 		82 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://widgets-green.media.weather.com/widgets/wxwidget.daily-forecast.js?cid=315354512&v=34f0e1a315dff78ad2cd&referrer=www.grandforksherald.com
Requested by
Host: widgets-lts.media.weather.com
URL: https://widgets-lts.media.weather.com/wxwidget.loader.js?cid=315354512
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
4a0ec64a53d11a6f2a23606cda78de02bddb6160e6fef75e6c58d34b71108eb0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
date
Wed, 10 May 2023 20:17:14 GMT
server
nginx
etag
W/"14799-+pGoppRo7oXozGi691Ptv/8SX6c"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=542
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
content-length
12967
expires
Wed, 10 May 2023 20:26:16 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305040101&st=env
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fca861b43e8d8ef241760fc480255cc617158f899d696c64b5fccbd8e065785b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:13 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11174
x-xss-protection
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=-411820665&e=e&n=9154488545771402&abc=0&aid=asO3XEvoEeyVDMYWVUcjsw&amp=0&ask=YCJNo9qr&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=16vc52m1phqo&i=0&id=8gjfX5FU&lid=1yg8x472fqwu&lsa=set&mt=0&pbd=1&pbr=1&pgi=1yqdfdw4zyub&ph=3&pid=3trNsOiL&pii=0&pl=236&plc=1&pli=1fqleul1gjop&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&pu=https%3A%2F%2Fwww.grandforksherald.com%2F&pv=8.27.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Futurecast%20outlook%20for%20the%20next%20few%20day%27s%20precipitation&tv=3.42.2&vb=0&vi=0&vl=90&wd=420&ab=1&cae=0&cb=1&cdid=botr_8gjfX5FU_3trNsOiL_div&cme=0&dd=1&flc=0&fv=&ga=0&lng=en&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F8gjfX5FU.m3u8&pbc=0&pd=2&pdr=&plng=en&plt=3950&pni=0&po=0&sp=0&st=890&sa=1683749829701
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230126-FRA
date
Wed, 10 May 2023 20:17:13 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=774158738&e=gab&n=7930466898241302&abc=0&aid=asO3XEvoEeyVDMYWVUcjsw&amp=0&ask=YCJNo9qr&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=16vc52m1phqo&i=0&id=8gjfX5FU&lid=1yg8x472fqwu&lsa=set&mt=0&pbd=1&pbr=1&pgi=1yqdfdw4zyub&ph=3&pid=3trNsOiL&pii=0&pl=236&plc=1&pli=1fqleul1gjop&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&pu=https%3A%2F%2Fwww.grandforksherald.com%2F&pv=8.27.0&pyc=0&s=0&sdk=0&stc=1&stpe=0&t=Futurecast%20outlook%20for%20the%20next%20few%20day%27s%20precipitation&tv=3.42.2&vb=0&vi=0&vl=90&wd=420&abpr=1&ati=0&fls=0&lae=e-jwplayer6&pbs=0&pcp=0&prs=idle&prsd=-1&ti=0&tps=0&ubc=0&vti=0&sa=1683749829809
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230126-FRA
date
Wed, 10 May 2023 20:17:13 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
cv
adservices.brandcdn.com/pixel/ Frame 6FF9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=3be42fba-e2fa-491f-8c8b-2ad6647e9ac2&m=www.grandforksherald.com&r=
Requested by
Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv_pixel.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.53.112 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-53-112.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-encoding
gzip
content-length
1137
content-location
cv.html
content-type
text/html
date
Wed, 10 May 2023 20:17:13 GMT
etag
"1002-5f8ff265c97b6;5f8ff265c97b6
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
tcn
choice
vary
negotiate,Accept-Encoding
esw.html
service.force.com/embeddedservice/5.0/ Frame D5BE 		194 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
public,max-age=86400
Content-Encoding
gzip
Content-Security-Policy
upgrade-insecure-requests
Content-Type
text/html;charset=UTF-8
Date
Wed, 10 May 2023 20:17:13 GMT
Expires
Thu, 11 May 2023 20:17:13 GMT
Last-Modified
Fri, 02 Aug 2019 08:43:42 GMT
Referrer-Policy
origin-when-cross-origin
Strict-Transport-Security
max-age=63072000; includeSubDomains
Transfer-Encoding
chunked
Vary
Accept-Encoding
X-Content-Type-Options
nosniff
X-Robots-Tag
none
X-XSS-Protection
1; mode=block
ping.gif
prd.jwpltx.com/v1/jwplayer6/ 		0
26 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://prd.jwpltx.com/v1/jwplayer6/ping.gif?h=1162042017&e=e&n=0472654663615453&abc=0&aid=asO3XEvoEeyVDMYWVUcjsw&amp=0&ask=23452342&at=1&c=1&ccp=0&cp=0&d=0&eb=0&ed=6&emi=1ugn4k61xoly&i=0&id=8gjfX5FU&lid=1yg8x472fqwu&lsa=read&mt=0&pbd=1&pbr=1&pgi=1yqdfdw4zyub&ph=3&pid=3trNsOiL&pii=0&pl=236&plc=1&pli=1rwhd0zxdl1m&pp=hlsjs&ppm=VOD&prc=1&ps=4&pss=1&pt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&pu=https%3A%2F%2Fwww.grandforksherald.com%2F&pv=8.27.0&pyc=0&s=0&sdk=0&stc=2&stpe=0&t=Futurecast%20outlook%20for%20the%20next%20few%20day%27s%20precipitation&tv=3.42.2&vb=0&vi=0&vl=90&wd=420&ab=1&cae=0&cb=1&cdid=botr_8gjfX5FU_3trNsOiL_div&cme=0&dd=1&flc=0&fv=&ga=0&lng=en&mk=hls&mu=https%3A%2F%2Fcdn.jwplayer.com%2Fmanifests%2F8gjfX5FU.m3u8&pbc=0&pd=2&pdr=&plng=en&plt=4100&pni=0&po=0&sp=0&st=20&sa=1683749829834
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230126-FRA
date
Wed, 10 May 2023 20:17:13 GMT
via
1.1 varnish
server
nginx
accept-ranges
bytes
x-cache
MISS
x-cache-hits
0
track
dc.services.visualstudio.com/v2/ 		96 B
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
7e0e8aa8b79a82ed3333ae5ad64bb6ca9c0ab19ecf23bc04e921c26be1f9a9a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
FA1B39FD-24E8-4F66-93BE-0A52E871114F
strict-transport-security
max-age=31536000
date
Wed, 10 May 2023 20:17:13 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
96
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.90 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.grandforksherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Wed, 10 May 2023 20:17:13 GMT
x-content-type-options
nosniff
eswFrame.min.js
service.force.com/embeddedservice/5.0/ Frame D5BE 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:40:11 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 06 Oct 2022 23:37:30 GMT
Content-Encoding
gzip
Age
16622
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2002
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:40:11 GMT
session.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame D5BE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/session.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:23:52 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Wed, 17 Aug 2022 20:10:20 GMT
Content-Encoding
gzip
Age
17601
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
882
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:23:52 GMT
broadcast.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame D5BE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/broadcast.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:23:49 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 18 Feb 2021 00:07:24 GMT
Content-Encoding
gzip
Age
17604
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
779
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:23:49 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305040101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Wed, 10 May 2023 20:17:13 GMT
chasitor.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame D5BE 		23 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/chasitor.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:40:38 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Thu, 26 Jan 2023 18:19:10 GMT
Content-Encoding
gzip
Age
16595
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
5265
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:40:38 GMT
EmbeddedServiceConfig.jsonp
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/ 		163 B
557 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5e000002UMd5&EmbeddedServiceConfig.configName=Chat_Agents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.58.222 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com
Software
/
Resource Hash
6e26df5294a3d646e0a3dd585231f43b8da79a056e522c7f7a3072b9ca63267c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
invite.esw.min.js
service.force.com/embeddedservice/5.0/client/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/client/invite.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:27:04 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Fri, 24 Sep 2021 16:25:36 GMT
Content-Encoding
gzip
Age
17409
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
4540
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:27:04 GMT
truncated
/ 		3 KB
3 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5

Request headers

Referer
https://service.force.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type
application/octet-stream
SalesforceSans-Regular.woff
c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://c1.sfdcstatic.com/etc/clientlibs/sfdc-aem-master/clientlibs_base/fonts/SalesforceSans-Regular.woff
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.36.162.199 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-36-162-199.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
61b1f95fd4b77f7674f18aca5e867efb6e1ca58026ae61cc43f0f7b86d05743d
Security Headers
Name Value
Strict-Transport-Security maxage=16070400; includeSubdomains; preload, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

Referer
https://www.grandforksherald.com/
Origin
https://www.grandforksherald.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
maxage=16070400; includeSubdomains; preload, max-age=31536000; includeSubDomains
date
Wed, 10 May 2023 20:17:13 GMT
x-content-type-options
nosniff
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 17 Apr 2023 15:42:42 GMT
server
Apache
x-frame-options
SAMEORIGIN
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=2592000, s-maxage=10
accept-ranges
bytes
content-length
34888
expires
Fri, 09 Jun 2023 20:17:13 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 2490 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
6262
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 18:32:51 GMT
expires
Thu, 09 May 2024 18:32:51 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame B3E2 		783 B
534 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
b61e0645a94cdfec554ba8745b9078edbe7b8defd3b345baa7f218e73404f647
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-452etNFiu6HiskPIDoVExg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.grandforksherald.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-length
512
content-security-policy
script-src 'report-sample' 'nonce-452etNFiu6HiskPIDoVExg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Wed, 10 May 2023 20:17:13 GMT
expires
Wed, 10 May 2023 20:17:13 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
filetransfer.esw.min.js
service.force.com/embeddedservice/5.0/frame/ Frame D5BE 		473 B
745 B 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/frame/filetransfer.esw.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/eswFrame.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://service.force.com/embeddedservice/5.0/esw.html?parent=https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:40:19 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
16614
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
231
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:40:19 GMT
cv_confirm.png
adservices.brandcdn.com/pixel/ Frame 6FF9 		68 B
561 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adservices.brandcdn.com/pixel/cv_confirm.png?aid=333755&buid=3be42fba-e2fa-491f-8c8b-2ad6647e9ac2&m=www.grandforksherald.com&r=&oid=46337911
Requested by
Host: adservices.brandcdn.com
URL: https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=3be42fba-e2fa-491f-8c8b-2ad6647e9ac2&m=www.grandforksherald.com&r=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.183.53.112 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-183-53-112.us-west-1.compute.amazonaws.com
Software
Apache/2.4.52 (Ubuntu) /
Resource Hash
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://adservices.brandcdn.com/pixel/cv?aid=333755&cv_ck=3be42fba-e2fa-491f-8c8b-2ad6647e9ac2&m=www.grandforksherald.com&r=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:13 GMT
last-modified
Mon, 10 Apr 2023 18:00:27 GMT
server
Apache/2.4.52 (Ubuntu)
accept-ranges
bytes
etag
"44-5f8ff265c97b6"
content-length
68
content-type
image/png
Settings.jsonp
d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/ 		166 B
555 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la4-c1-ia4.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735e000000DnFE]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725e000000DmKk&org_id=00D5e000002UMd5&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.58.222 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg1-c5-iad4.la4-c1-ia4.salesforceliveagent.com
Software
/
Resource Hash
12fe27ff9a57f5c8ebfb83aee9fffd02c213181f195935f594644bda4ec44c84
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
inert.min.js
service.force.com/embeddedservice/5.0/utils/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://service.force.com/embeddedservice/5.0/utils/inert.min.js
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
161.71.1.38 London, United Kingdom, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl3-ncg0-lhr3.um4-lo2.force.com
Software
/
Resource Hash
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 15:25:56 GMT
Strict-Transport-Security
max-age=63072000; includeSubDomains
X-Content-Type-Options
nosniff
Referrer-Policy
origin-when-cross-origin
Last-Modified
Tue, 18 Aug 2020 17:12:46 GMT
Content-Encoding
gzip
Age
17477
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
public,max-age=86400
Accept-Ranges
bytes
X-Robots-Tag
none
Content-Length
2469
X-XSS-Protection
1; mode=block
Expires
Thu, 11 May 2023 15:25:56 GMT
bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
pagead2.googlesyndication.com/bg/ Frame 2490 		37 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/bm1_94Kb-kItKk9BUfYvqSgel0djyAicUnZvZLzBumQ.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 16:08:27 GMT
content-encoding
br
x-content-type-options
nosniff
age
14926
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
14581
x-xss-protection
0
last-modified
Mon, 01 May 2023 14:28:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 09 May 2024 16:08:27 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame B3E2 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305040101&jk=3241219401962957&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
generate_204
tpc.googlesyndication.com/ Frame 2490 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?TJ8ozA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date
Wed, 10 May 2023 20:17:13 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
EmbeddedServiceConfig.jsonp
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/ 		20 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/EmbeddedService/EmbeddedServiceConfig.jsonp?Settings.prefix=EmbeddedService&org_id=00D5e000002UMd5&EmbeddedServiceConfig.configName=Chat_Agents&callback=embedded_svc.liveAgentAPI.handleChatSettings&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/utils/common.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.41.224 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com
Software
/
Resource Hash
da8b37412e5fee3c19281c758250cbe01f6e51e173bbb04f683aca0289133ba0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
Settings.jsonp
d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/ 		346 B
677 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d.la4-c2-ia5.salesforceliveagent.com/chat/rest/Visitor/Settings.jsonp?Settings.prefix=Visitor&Settings.buttonIds=[5735e000000DnFE]&Settings.updateBreadcrumb=1&callback=embedded_svc.liveAgentAPI.connection.handlePing&deployment_id=5725e000000DmKk&org_id=00D5e000002UMd5&version=48
Requested by
Host: service.force.com
URL: https://service.force.com/embeddedservice/5.0/client/liveagent.esw.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.110.41.224 , United States, ASN14340 (SALESFORCE, US),
Reverse DNS
dcl10-ncg1-c6-iad5.la4-c2-ia5.salesforceliveagent.com
Software
/
Resource Hash
546905d171737871c6410a8fb6b325b39ae9469c68e0903772dbeb9027adcc41
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Pragma
no-cache
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Content-Type
text/javascript
Access-Control-Allow-Origin
*
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
close
Expires
-1
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.162.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-162-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 May 2023 20:17:13 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-645bfbc9-619066210fc682363663a8bd
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
current.json
api.weather.com/v1/geocode/47.925891/-97.033252/observations/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.weather.com/v1/geocode/47.925891/-97.033252/observations/current.json?language=en-US&units=e&apiKey=089ed4e892fb0dfdf34eb81e6f2521aa
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
929c33e2c8c8992df4b0db540fd19c9ea6956891f6b0ced6f1da5568e9cda2a1
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-varnish-cache
MISS
date
Wed, 10 May 2023 20:17:13 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy
default-src 'none'
strict-transport-security
max-age=86400
grace
x-shard
varnish-service-oapi-monolith-varnish-10
x-region
eu-west-1
content-length
698
x-served-by
varnish-service-oapi-monolith-varnish-13
vary
Accept-Encoding
content-type
application/json;charset=UTF-8
access-control-allow-origin
*
content-language
en-US
cache-control
public, max-age=467, s-maxage=521
accept-ranges
bytes
expires
Wed, 10 May 2023 20:25:00 GMT
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305040101&jk=3241219401962957&bg=!FRalFkLNAAYV_mUANf47ADkAdvg8WjRa11wgyH7TCCFG21OkD5wxlJrasE9fuu2vqpWpry3K-ezk_3zP4CRNYtiVYzz_DkcMRiYCAAAAjlIAAAACaAEHCgCNMfAMp7l_cEweTQoTmC5Iq-OW-VtfehRsDByZB9RoOHYwl2PI1NU2gcwhzJeqj748vcrEOdZ9bPR4MTKGpFmpC-0KcA37gORpWlW0Jze5WdDvcCC4juC-vH2HRnPRHqHJXyLqifu1O2HgTezYaDnaY-zk6IGvhSRqG3naxc3bjttOlv0IJaf8bvRpGkBZmQKk6wdQwJyg_pmkObtcXD2DtDTQ5el955GIxXIE0id4XrqX2cqAeqMqWEvFSMj_zoZts2KyqzHLHC6panAhnyNgTy7Dq4uJ1gqaAhqPgaufzuoVFJWzReq3KBffBr8bT2K7DAnEs-8gv51pWi7G65daOqNy5hbUTOQVKT2SyeT49koPkntaS3zdkCTCawidLnUgS0kZv1NSHaqXFWEjJYid-aRKvvfhS-mDj-E75ZT9oEwzlcy6f_GTDtLfFcKn_G61Bh272rqKNl5uCe9fC1wXMf7brJhujlSSfGni9mAbMsNuKp4LoeoqOCPwzwk6tR-PnpccqB0V0mvX5OgN2Jp0Ac3clqJgh5s_bXCwITJLypFt5wKtpP78rZA-3EEHwnJGFk1Y8kwfufqiAU9L23wRE9d9AROIwVAavsiVddBcW9jQ4KFni5oX6Eh_pDEDj4hKSzqNCS6pPSxtdfGvdUTViOQ5q8HicZMtF5gS5SOxlSKfdijirBPGZ9_fwK7A9vNstgP6sqJE0DS4_GcltuOC4PERlf_ZwI9E2NeUzrynbidocPYn7wkxgRMQ6e9maDQK4AENqHIEshp72Bqt9-omz9Il45ryAsELe9z1qwxFmFYAioCGs6gnaa0d__oJMEUFMEapTx-VeSEZK-LBXte6Dl3EFPH37vARIyU3aTHPcMq_8_WsVGacvvGm6Rm2aePqFdjRt9QxDGz-5QUIj_yZOdfYsUiTt_HVSC9tD0VewokqBdsDEWnWB9jBICMU18l4EPUv0KrhlX6fxlvyorGUdS3v4HB5GbJse9ACgdDWpAc-xIPzHnWi-u2_i4f9P8aXk5CawEYLqunD7DJX4nH8YXw1o_kU3z2XoRSn8ZPZth5-VD7nK0by-uX_VwrPAnBao3PHtA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers
/
api.amplitude.com/ 		7 B
205 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.amplitude.com/
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.11.162.50 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-11-162-50.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
*
date
Wed, 10 May 2023 20:17:14 GMT
strict-transport-security
max-age=15768000
trace-id
Root=1-645bfbca-7f7a8a96010dad0a24d7f316
content-length
7
access-control-allow-methods
GET, POST
content-type
text/html;charset=utf-8
custom
api.weather.com/v3/wx/forecast/daily/10day/ 		9 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.weather.com/v3/wx/forecast/daily/10day/custom?apiKey=089ed4e892fb0dfdf34eb81e6f2521aa&format=json&geocode=47.925891,-97.033252&language=en-US&units=e&clientId=315354512
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:6c00:1a4::3282 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
62b4442ddb0ae7dc79251f9ad42b77aec1563acb2005876ce979d292d2be458f
Security Headers
Name Value
Content-Security-Policy default-src 'none'
Strict-Transport-Security max-age=86400
X-Content-Type-Options nosniff

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=86400
content-security-policy
default-src 'none'
x-content-type-options
nosniff
date
Wed, 10 May 2023 20:17:14 GMT
content-encoding
gzip
surrogate-control
ESI/1.0
vary
Accept-Encoding
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=244
x-region
eu-west-1
x-trace-token
a11f52c0-c87e-4d16-9f52-c0c87e4d1695, a11f52c0-c87e-4d16-9f52-c0c87e4d1695
content-length
2581
views
prod-forum-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-forum-proxy-connext.azurewebsites.net/api/views?UserId=d7e84d8008d916b4bd2b28176519fdd8&ConfigCode=LAUNCH1&SiteCode=GFH
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.44.128.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.grandforksherald.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Wed, 10 May 2023 20:17:14 GMT
X-Powered-By
ASP.NET
views
prod-forum-proxy-connext.azurewebsites.net/api/ 		90 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-forum-proxy-connext.azurewebsites.net/api/views?UserId=d7e84d8008d916b4bd2b28176519fdd8&ConfigCode=LAUNCH1&SiteCode=GFH
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.44.128.13 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

source-system
Plugin
site-code
GFH
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NTU3NDk4MzB9.UK_hICjnuVDcthJYhi5WxfML5REkQM3_ZXixXNvGWmk
ssid
9dde42712ee01d5c84170bad71dd97a1
environment
Prod
config-code
LAUNCH1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
location
System
Referer
https://www.grandforksherald.com/
version
Version: 2.8.4.2

Response headers

Expires
-1
Pragma
no-cache
Date
Wed, 10 May 2023 20:17:14 GMT
Content-Encoding
gzip
X-Server-Time
5/10/2023 8:17:15 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
193
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/forum/t8y9347t.min.js?2023410
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.217.44.20 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date
Wed, 10 May 2023 20:17:15 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
GE46BZ35AX76CBR1
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
LRzLWTVmLvv3xZOZMtrqJSTMI/q4tQC6UGlZalAxlappJpbtQ6euXGm9V8+vtzELxvd1+eF/6VM=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
cdn.pranmcpkx.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/forum/t8y9347t.min.js?2023410
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Wed, 10 May 2023 20:17:14 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
30706
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (frc/4CBD)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
528c1e87-301e-0005-5234-832565000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
collect
www.google-analytics.com/j/ 		4 B
24 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j100&a=935751105&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&ul=en-us&de=UTF-8&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports%22%2C%22ContentType%22%3A%22website%22%2C%22MeterLevel%22%3A%22Free%22%7D&_u=aCDACEABBAAAAGAAI~&jid=1631426307&gjid=1262301941&cid=1267645818.1683749829&tid=UA-778232-37&_gid=906386831.1683749829&_r=1&_slc=1&gtm=45He3580n81P7XVL79&cd3=d7e84d8008d916b4bd2b28176519fdd8&cd2=1683749835586.u2frx1lm&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Unknown&cd8=Free&cd9=Traffic%20from%20Outside%20the%20U.S.&cd10=1&cd11=unlimited&cd12=unlimited&cd13=2023-05-10T20%3A17%3A15Z&cd14=Not%20Set&cd16=Not%20Set&cd17=Not%20Set&cd18=website&cd19=Not%20Set&cd20=Not%20Set&cd21=Not%20Set&cd22=Default&cd23=1.0.0.0&cd24=Not%20Set&z=55316787
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		51 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7XVL79&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 10 May 2023 19:05:00 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
4335
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 10 May 2023 21:05:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1631426307&gjid=1262301941&_gid=906386831.1683749829&_u=aCDACEABBAAAAGAAI~&z=726936578
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/rollbar.js/2.4.6/rollbar.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Wed, 10 May 2023 20:17:15 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-N18WFR4G74&gtm=45je3580&_p=935751105&cid=1267645818.1683749829&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAI&sid=1683749829&sct=1&seg=0&dl=https%3A%2F%2Fwww.grandforksherald.com%2F&dt=Grand%20Forks%20Herald%20%7C%20Grand%20Forks%2C%20East%20Grand%20Forks%20news%2C%20weather%20%26%20sports&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-N18WFR4G74&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.grandforksherald.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.grandforksherald.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1631426307&_u=aCDACEABBAAAAGAAI~&z=1229083218
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-778232-37&cid=1267645818.1683749829&jid=1631426307&_u=aCDACEABBAAAAGAAI~&z=1229083218
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.grandforksherald.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 10 May 2023 20:17:15 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
cdn.jwplayer.com
URL
https://cdn.jwplayer.com/manifests/8gjfX5FU.m3u8

Verdicts & Comments Add Verdict or Comment

340 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 boolean| credentialless function| ensureUserIsSetChartbeat object| _sf_async_config object| WebComponents object| head undefined| styleGuideScript function| getForumCookie function| setForumCookie object| dataLayer object| paywall object| dfpAdSlotsObject object| dfpAdSlots object| dfpAdIds object| staticAdSlots object| googletag boolean| dfpEnableLazyLoad function| fbAsyncInit function| iFrameResize object| Sailthru object| Attribution function| admiral function| __uspapi object| MG2Loader function| user object| navSettingsKey boolean| checkUserDataEveryPageLoad function| ensureUserIsSet boolean| enableAmazon object| apstag boolean| enablePrebid number| bidderTimeout string| GRANULARITY object| desktopSizes object| tabletSizes object| phoneSizes object| ad_mapping_large_desktop object| ad_mapping_desktop object| ad_mapping_tablet object| ad_mapping_phone object| sizeConfig object| priceBucket object| confSetConfig object| link object| relList function| clickEpaper function| clickSubscribe function| isNavigaTemplate function| hasAllParams function| createCampaignCookie function| addReturnUrl function| updateUrlCampaignParameters function| jQueryBridget function| EvEmitter function| getSize function| matchesSelector object| fizzyUIUtils function| Flickity function| Unipointer function| Unidragger function| imagesLoaded undefined| pianoUserId function| getElementsStartsWithId function| waitForElement object| kvpMap object| ntvConfig object| webpackChunkjwplayer function| jwplayer object| pbjsChunk object| pbjs object| _pbjsGlobals object| webpackJsonp object| regeneratorRuntime function| setImmediate function| clearImmediate object| FB object| _cb_shared function| postscribe object| google_tag_manager_external object| google_tag_manager object| google_tag_data function| fbq function| _fbq string| GoogleAnalyticsObject function| ga function| twq object| confiant object| ggeac object| google_js_reporting_queue undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus function| 4dm1r11545242527 object| __buffer boolean| apstagLOADED object| apscustom object| _aps function| onYouTubeIframeAPIReady object| gaGlobal object| gaplugins object| gaData object| adv_id object| s object| twttr undefined| google_measure_js_timing function| janrainCaptureWidgetOnLoad object| _rollbarConfig object| _rollbarShims object| _rollbarWrappedError object| Rollbar function| rollbar object| embedded_svc function| initESW object| webpackChunkwsi_media_widgets object| wxWidgets object| wxMicroWidgets object| wxSunWidgetEventEmitter object| wxMapboxPlaceholder function| logout function| login object| apstagSlots function| unfocus object| googleToken object| googleIMState function| processGoogleToken string| axel number| a number| google_unique_id number| _rollbarStartTime boolean| _rollbarDidLoad boolean| _rollbarInitialized object| _cbm function| addLoadEvent function| generateUUID function| getCookie function| setCookie object| loadJobsHQ object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| closure_lm_400621 object| appInsights object| ox_esp function| lotameIsCompatible function| sync16589_aa function| sync16589_c undefined| sync16589_d undefined| sync16589_ba undefined| sync16589_e function| sync16589_f object| sync16589_h function| sync16589_ca function| sync16589_j function| sync16589_da object| sync16589_ object| sync16589_ga object| sync16589_v object| sync16589_na object| sync16589_wa object| sync16589_xa function| sync16589_a function| sync16589_b function| sync16589_g function| sync16589_i function| sync16589_k function| sync16589_l function| sync16589_m function| sync16589_n function| sync16589_o function| sync16589_p function| sync16589_q function| sync16589_r function| sync16589_fa function| sync16589_ea function| sync16589_s function| sync16589_t function| sync16589_u function| sync16589_w function| sync16589_ha function| sync16589_ia function| sync16589_y function| sync16589_ja function| sync16589_z function| sync16589_A function| sync16589_x function| sync16589_B function| sync16589_ka function| sync16589_C function| sync16589_D function| sync16589_E function| sync16589_F function| sync16589_G function| sync16589_H function| sync16589_I function| sync16589_K function| sync16589_L function| sync16589_M function| sync16589_J function| sync16589_la function| sync16589_ma function| sync16589_N function| sync16589_O function| sync16589_oa function| sync16589_P function| sync16589_pa function| sync16589_qa function| sync16589_ra function| sync16589_Q function| sync16589_sa function| sync16589_ta function| sync16589_ua function| sync16589_va function| sync16589_R function| sync16589_S function| sync16589_ya function| sync16589_T function| sync16589_U function| sync16589_V function| sync16589_W function| sync16589_za function| sync16589_X function| sync16589_Y function| sync16589_Z function| sync16589__ function| sync16589_0 function| sync16589_Da function| sync16589_Aa function| sync16589_1 function| sync16589_Ca function| sync16589_Ba function| sync16589_2 function| sync16589_3 function| sync16589_4 function| sync16589_5 function| sync16589_Fa function| sync16589_Ga function| sync16589_Ia function| sync16589_Ea function| sync16589_7 function| sync16589_Ha function| sync16589_Ka function| sync16589_Ja function| sync16589_8 function| sync16589_6 function| sync16589_9 function| sync16589_La function| sync16589_Ma function| sync16589_Na function| sync16589_Oa function| sync16589_$ function| sync16589_Pa function| sync16589_Qa function| sync16589_Ra function| sync16589_Sa object| lotame_sync_16589 object| __uid2SecureSignalProvider object| __uid2 object| criteo_syncframe_state object| criteo_pubtag object| criteo_identitytag_135 object| Criteo object| Criteo_identitytag_135 object| cast object| closure_lm_110724 object| AI object| Microsoft function| __extends function| _endsWith string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt boolean| isPxlSent function| confiantDfpWrap object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| MG2DL function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| _cbq object| pSUPERFLY_mab object| pSUPERFLY number| pxl_idx object| GoogleGcLKhOms object| _wx_lastElementInsertedByStyleLoader object| google_image_requests

50 Cookies

Domain/Path Name / Value
www.grandforksherald.com/ Name: sailthru_pageviews
Value: 1
.grandforksherald.com/ Name: _attrb
Value: %224e1d7957-c6d1-4cc5-8e46-c4164d405499%22
.grandforksherald.com/ Name: _gcl_au
Value: 1.1.2068016473.1683749829
.grandforksherald.com/ Name: _ga
Value: GA1.2.1267645818.1683749829
.grandforksherald.com/ Name: _gid
Value: GA1.2.906386831.1683749829
.grandforksherald.com/ Name: _dc_gtm_UA-778232-37
Value: 1
.grandforksherald.com/ Name: _gat_UA-41542537-2
Value: 1
.grandforksherald.com/ Name: _gat_UA-778232-77
Value: 1
.postrelease.com/ Name: opt_out
Value: 1
.grandforksherald.com/ Name: usprivacy
Value: 1---
.grandforksherald.com/ Name: _fcc_ppid
Value: c159c22b555540a78b18a01862c48d8de2b9112d
.t.co/ Name: muc_ads
Value: 1e889c9c-2b60-446a-84dc-b0c5efe7ae70
.twitter.com/ Name: guest_id_marketing
Value: v1%3A168374982937643725
.twitter.com/ Name: guest_id_ads
Value: v1%3A168374982937643725
.twitter.com/ Name: personalization_id
Value: "v1_8EbyKG7d8qrieZwdOlbCuA=="
.twitter.com/ Name: guest_id
Value: v1%3A168374982937643725
www.grandforksherald.com/ Name: ntvSession
Value: {"id":5889881,"placementID":1145438,"lastInteraction":1683749829451,"sessionStart":1683749829451,"sessionEndDate":1683763200000,"experiment":""}
www.grandforksherald.com/ Name: sailthru_content
Value: 552c6587e26f70412fe9b72c6ea110c4
www.grandforksherald.com/ Name: sailthru_visitor
Value: 32179908-e5aa-4823-9bff-6d81e2015ce8
.grandforksherald.com/ Name: _fbp
Value: fb.1.1683749829560.1697005327
.rubiconproject.com/ Name: khaos
Value: LHI56B9O-1L-49QE
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qq8YKKubOZG3szzH/SUMvpGs1wMD2ZZQDLix8/D4moDzJcwVgMTN5YpoiRfbzAyC/tjfvKuOZw80uRfZkR4k+KWJhsHlJbldDdGPfy22I3goKZr5ZVxLWDe
.grandforksherald.com/ Name: lotame_domain_check
Value: grandforksherald.com
.grandforksherald.com/ Name: _awl
Value: 2.1683749829.5-c044235e331ce42ab1347d710e0d4e2a-6763652d6575726f70652d7765737431-0
.openx.net/ Name: i
Value: 927be10f-61ba-45cf-a91d-3883893279e9|1683749830
www.grandforksherald.com/ Name: ai_user
Value: hELVn|2023-05-10T20:17:10.210Z
.criteo.com/ Name: uid
Value: 5925b357-6c66-4011-8984-05876bfed22f
.grandforksherald.com/ Name: cto_bundle
Value: Pvr0WF9BZnlveTFzZVp1QUtBQnB5MGpUdTZFc2JKVEFHa1dpWlp4SldPUWVQR2lObzlvb0VhTVdDRjF3VkRwVDdRWmt3WHRldDNKUVUlMkJtbE9GRDhMTElMZkpIcnVhQnE5OHFTWUwwRGVTWXhjZG94ZUlPdCUyQk9aVVFadnJWeDlRayUyQm52NTZ4cW5mWiUyQm5FSjJNakJlcExxeE1jRG9QQmxvVTM3QUpjMTclMkZ6T0F4bzdvJTNE
.doubleclick.net/ Name: IDE
Value: AHWqTUlh0kj4xO1Jk1Az0IW7Kz6vHOGlxhQ_PQa4tcZ0NZdRqJF_iSs7YXLEgulb_A4
.grandforksherald.com/ Name: anonDeviceId
Value: d7e84d8008d916b4bd2b28176519fdd8
.grandforksherald.com/ Name: nxt_last_visit
Value: 1683749830849
.grandforksherald.com/ Name: __gads
Value: ID=6818caa983dac147:T=1683749829:S=ALNI_MYXsJZei4eThJg3DOPfuEvF2Zsw4Q
.grandforksherald.com/ Name: __gpi
Value: UID=00000c1354c23e7d:T=1683749829:RT=1683749829:S=ALNI_MZrQO5yZFLXQCj9JLgB8E88Dqr3rA
www.grandforksherald.com/ Name: _sp_ses.eb11
Value: *
www.grandforksherald.com/ Name: _sp_id.eb11
Value: aae28209-a4ce-4ee7-b0cd-8cf520cfc29b.1683749831.1.1683749831.1683749831.f8f5602c-54f1-4e2c-8bb1-87500da35b7d
.grandforksherald.com/ Name: _ga_N18WFR4G74
Value: GS1.1.1683749829.1.0.1683749830.0.0.0
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.grandforksherald.com/ Name: ai_session
Value: Venp1|1683749832143.6|1683749832143.6
.grandforksherald.com/ Name: _fcc_user_status
Value: anonymous
.grandforksherald.com/ Name: _fcc_user_created
Value:
.grandforksherald.com/ Name: _cb
Value: xdtePO6tSEG-cy
.grandforksherald.com/ Name: _chartbeat2
Value: .1683749832356.1683749832356.1.B8wpGRD6DRQ9Dig1f5reNIrDZLSXX.1
.grandforksherald.com/ Name: _cb_svref
Value: null
www.grandforksherald.com/ Name: brandcdn_uid
Value: 3be42fba-e2fa-491f-8c8b-2ad6647e9ac2
.force.com/ Name: BrowserId_sec
Value: pmAjKu9vEe28YB2fcKzrUw
adservices.brandcdn.com/ Name: brandcdn_uid
Value: 3be42fba-e2fa-491f-8c8b-2ad6647e9ac2
adservices.brandcdn.com/ Name: AWSALBCORS
Value: gmFXLLLI2zmuCQev+xNiLXw8Q1fvsp8YVgLsRYBRsObErBN/tblqgvvFGImBErhhJ5rlQOl+TFJHn8q5xJH3s82BvLnYLPk9wnnIAc6EoR2EqZ+htwZJvhCaZM+H
.grandforksherald.com/ Name: amplitude_id_432ae79507b8a1b31e85f5a42448d9ccgrandforksherald.com
Value: eyJkZXZpY2VJZCI6ImJlZDkxNWUwLTIzMzgtNGY0NC05YWFiLWZiMGVmYmZhYzUwY1IiLCJ1c2VySWQiOm51bGwsIm9wdE91dCI6ZmFsc2UsInNlc3Npb25JZCI6MTY4Mzc0OTgzMjk0MSwibGFzdEV2ZW50VGltZSI6MTY4Mzc0OTgzNDA5OSwiZXZlbnRJZCI6MywiaWRlbnRpZnlJZCI6MCwic2VxdWVuY2VOdW1iZXIiOjN9
.grandforksherald.com/ Name: nxt_GFH_LAUNCH1_PROD
Value: {}
.grandforksherald.com/ Name: nxt_upd_ac_GFH_LAUNCH1_PROD
Value: 1

3 Console Messages

Source Level URL
Text
security error URL: https://embed-981930.secondstreetapp.com/Scripts/dist/embed.js(Line 26)
Message:
Failed to execute 'postMessage' on 'DOMWindow': The target origin provided ('https://embed-981930.secondstreetapp.com') does not match the recipient window's origin ('https://www.grandforksherald.com').
rendering warning URL: https://www.grandforksherald.com/(Line 3552)
Message:
Canvas2D: Multiple readback operations using getImageData are faster with the willReadFrequently attribute set to true. See: https://html.spec.whatwg.org/multipage/canvas.html#concept-canvas-will-read-frequently
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 466)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2c10b09c2f0b1833eecb56a5cc8b9664.safeframe.googlesyndication.com
8975227.fls.doubleclick.net
aax.amazon-adsystem.com
adservice.google.com
adservice.google.de
adservices.brandcdn.com
ak.sail-horizon.com
analytics.twitter.com
api-mg2.db-ip.com
api.amplitude.com
api.jobshq.com
api.sail-personalize.com
api.weather.com
assets-jpcust.jwpsrv.com
az416426.vo.msecnd.net
bcp.crwdcntrl.net
btlr.sharethrough.com
c.amazon-adsystem.com
c1.sfdcstatic.com
capig.inforum.com
cdn.ampproject.org
cdn.confiant-integrations.net
cdn.forumcomm.com
cdn.godiciardstia.com
cdn.id5-sync.com
cdn.jsdelivr.net
cdn.jwplayer.com
cdn.materialdesignicons.com
cdn.mircheigeshoa.com
cdn.polyfill.io
cdn.pranmcpkx.com
cdn.prod.uidapi.com
cdn.wgchrrammzv.com
cdnjs.cloudflare.com
connect.facebook.net
d.la4-c1-ia4.salesforceliveagent.com
d.la4-c2-ia5.salesforceliveagent.com
d1eoo1tco6rr5e.cloudfront.net
dc.services.visualstudio.com
embed-981930.secondstreetapp.com
entitlements.jwplayer.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
google-bidout-d.openx.net
googleads.g.doubleclick.net
gum.criteo.com
htlb.casalemedia.com
id5-sync.com
imasdk.googleapis.com
insight.adsrvr.org
jadserve.postrelease.com
loader-cdn.azureedge.net
mab.chartbeat.com
mug.criteo.com
oa.openxcdn.net
oajs.openx.net
origami.secure.ownlocal.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
platform.twitter.com
polyfill.io
prd.jwpltx.com
prod-forum-proxy-connext.azurewebsites.net
protected-by.clarium.io
pubads.g.doubleclick.net
region1.google-analytics.com
rsms.me
rtb.openx.net
s.ntv.io
s0.2mdn.net
scripts.attributionapp.com
securepubads.g.doubleclick.net
service.force.com
snowplow.ownlocal.com
ssl.p.jwpcdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.chartbeat.com
static.criteo.net
static.forumcomm.com
stats.g.doubleclick.net
stereotypedsugar.com
storage.googleapis.com
syndication.twitter.com
t.co
tag.brandcdn.com
tags.crwdcntrl.net
tpc.googlesyndication.com
track.attributionapp.com
unpkg.com
us-central1-kube-ownlocal.cloudfunctions.net
videos-cloudfront-usp.jwpsrv.com
widgets-green.media.weather.com
widgets-lts.media.weather.com
widgets.jobshq.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.grandforksherald.com
www.gstatic.com
cdn.jwplayer.com
104.18.25.185
104.244.42.136
104.244.42.195
104.244.42.69
104.44.128.13
108.138.7.42
13.110.41.224
13.110.58.222
13.224.192.181
13.225.83.200
13.32.27.124
13.51.225.119
13.69.106.90
141.95.98.64
146.75.116.157
151.101.66.114
152.199.22.243
161.71.1.38
172.67.75.166
178.250.7.13
18.165.122.104
18.185.67.118
2001:4860:4802:34::36
2001:4860:4802:36::36
216.58.212.166
23.35.237.64
23.36.162.199
2400:52e0:1e00::1077:1
2600:1901:0:d733::1
2600:9000:2057:9e00:18:1fcd:351:7bc1
2600:9000:2156:4e00:1b:e643:4ac0:93a1
2600:9000:223c:8c00:1d:9060:10c0:93a1
2600:9000:223c:f400:14:d64b:ab80:93a1
2600:9000:223f:3c00:8:48e:53c0:93a1
2600:9000:2250:9000:a:e047:752:b361
2600:9000:225e:2a00:7:e536:8b00:93a1
2600:9000:225e:9a00:1:a3fa:7cc0:93a1
2600:9000:2491:3800:2:cecb:23c0:93a1
2602:803:c003:200::41
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:3456
2606:4700:3038::6815:e9e1
2606:4700:4400::ac40:99f6
2606:4700::6810:7eaf
2606:4700::6811:180e
2a00:1450:4001:800::2003
2a00:1450:4001:803::2003
2a00:1450:4001:808::200e
2a00:1450:4001:809::2001
2a00:1450:4001:80b::2006
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::2008
2a00:1450:4001:811::2002
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2010
2a00:1450:4001:82b::2001
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:831::2001
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:d::d
2a02:26f0:6c00:1a4::3282
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:400::714
2a04:4e42::485
34.102.146.192
34.120.107.143
34.217.66.45
34.248.111.53
34.96.77.232
34.98.64.218
35.227.252.103
35.244.184.131
35.71.131.137
52.11.162.50
52.217.44.20
52.222.239.116
54.173.81.117
54.183.53.112
54.197.229.45
54.204.238.15
54.76.232.125
65.9.66.109
65.9.66.122
99.83.154.140
004dccc422f9d07025eb214e959cea7b998666e94fb15d5d254d7c581063d680
01e50d160f9632529f4d453e0b5ee8a18af04ae08dd7249951bf84c59a0a92b3
01f5a67caa33661cd1698afb1a912b91d9eddc962c2d78307b3b32a5453214e4
0284b82fc74f4fd666a234fc2df3c7be10d49e40d9f5d238594f69b63c5d794d
028ddd0cf27c55dff07fa9232f63251cda3cbd811e2f2bc383c9349e39cd4bb6
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07d9cf67eb9852fdbef95e1069f17bca2fd4b9faeadbb812cd5a2a4800b4f996
07e18c8d3cb864c4237b36bdf07531404904c75307a0cabde06776d842bb2b1f
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
09f9f507e1b9603cb213244da6e536b850fc6934a4e28701a53a341562e62c34
0b5471dc2876762c0689554242e543efec8e27b820603f7ae86a19e5da029a74
0b7ff162f763d20a96f2a87ee042f8c0a41810777eaacc7883b3379a69c1fe50
0d444a81d6d7302bf1361efe4a5ce65d00d7dfce23c355ac76bdd0ebe3f6d1f8
0f31c8abfb356dc3872f74226d599b498d931ef853763e4eb966875106d017f5
0f91c72136eb1b542012a4fe6d15acfb546f24a26d28ac76f5da28d446443879
0fa2fafb5adcf4a630ac19299166f2db7fad934b4c00be42447afbba5c36c852
106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc
10a396cf83a1f0fa5ae02c199215e1b8e32fdb313f3d5e24c3e61a56f01e3eb5
10b9c9ca2cc02d143867e6e7919d95cad2be51ea62a85c260d9285e2a2b02f16
11ab1f88248f74604ef64741a032a3fa806feca3602872ca57ba60303211d4c2
11b97392fe91256a463d66e0a68f1ed068dd3ba2200289fa89e0afb2b0558b12
12834f596f899e7e17cc2a4a76a1ee77ea0f1ebbfb61e8a33dafe426327c71a3
12fe27ff9a57f5c8ebfb83aee9fffd02c213181f195935f594644bda4ec44c84
132926f52bf738c2930b18852466f28cb92d469957a1894290aed33340470473
14068c1ca71484d52089cfb826306e65faa23fbb6daf451979201572d1cad4f4
14cd740cfb34a149d34ebbcfe5391e044d5b1d2a5a1e4c4a5aa6e44c6914abf4
14e53087d9ec048a8135adca03aa7a3227f61239e31841401b4e1724070cf695
151efe0aef9774258d30d2e65e7b1450e7d84d9965a55d0989d1d64d25484035
153b89dfb7423cdeff87d9e727356188b36bf1bdf237f07c120d809a7e64dae5
15559265c43e023322fbb97f910244594c12c7c9b60afcfe7bd3529155f560ae
159a4348738faa6a17a4a91085572a0a1827448977e79cff09b77eb06d13a030
17fe38ab302c7e5dbfb5c3d87801092d79be958500db6412ed3bc0f126bd53d3
1cee87ecea5f99dce79483ee4d0f2bb1aa48b726bab80074ddac3fda062e7b40
1d83afcdc6b732315ec510266ea2fdededbeb29dc82e917e7983a56d7ccea7f9
1d8924ee705dd789545282d7ba7f109ed626e9e0aaf1c430bb64858fbdadb29c
1df96aff7c1a0b4a1f03d51ec741df8d542fcf32eddee1a0295068e4a7f0017b
22452f2ba903b47c8bb647a45489f042b23190b3ad064ce7fea7e12b21700920
275430d552eaabb8041704d8d685623785f36f13e9a7b44da9fc0dd895a12aec
29022c3e709470d2f9a01eb906ccbac02a60e213eb51ab140d202a613ed6afc2
2a54e29a4b1f0cdf4f5cb2e77963987ff5051d96515bf7ee4cf0a17a28756539
2b18192a287debcac96ef5cf0ffc45f720594a3c52a9c06a4478117871b21208
2c70c3aea5b37689d76ff458144b97f676ce4c383d84e93b92a2c978c8d8293c
2d1fb30803d66f215bebb850d980dc37e3add8a488c05e8663593e38df7ed084
2d6b2c2152331f09ba70a1704ae87f8b114c43f478b381a894f8fb265ee62f22
2e823bf21b40e4f4b284896cf9c1ae0c10a8aab18bca4ffcf2a669cf8d7483ad
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
30672bbcaf57760c0496cc6cf57b071b78b8341e0d2465328c4f00d368b54082
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
33761a4292c2e63df414689af34c6675bf6fcc6e47db4d9da2ce37208663af2b
339db5e6572896fca2d362454306e691191caf9de8ca91211da57b3802bb38e7
34172e3b2c0f93498a2730933bc90740b38178cf10bd81b3164289d0445644a9
34d0271aed99f02abe21d99c0599a4ec0d40ab19fb0118d725aefe4a07f01f1d
34e4e4e998d1023cadeeda959be0f4fce5abe4eaf9d241782ae404e36446ecbf
35996152a03a39eff3b0e04face1999b4f0d5726bb7da1f7c531510a7bb6dbef
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
36ca968841d864331acba0762ff91be0f4fac82b02585deb7be048af7558816b
38e33cb66d9e6c0ebb591c68943277b0c0f243f3137490010da38c701d0304cc
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
39804ee9102080ae5ce7df36dbbb57c836c9ece97c07690afd22538f3e16f1c4
3aa6d58d974d052d6bad494e15bff103c518e148e59054c006564610b41103d2
3b0044aec222c9896823db7c2a05b93c9cfe4000eeb96afec0a1e054f3916b1d
3bfc8e25ed15e0f95e9e05967803f55701b3dca8227626604f2c25b7201aa2cc
3d941ced27645a06d0572588ad6dcc0968dff13aec06f4c0a5ccd13ff6ee2521
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
406e93678105af49a6da804035838fe531f4b4e60d84223d31892b4c19439b2a
4127cf5ed2e86a5c99579d5fe7c29b6ead88296c0ad1cf3313f111cc343c2654
41fdc9a4ce3d3824ceaa71d1be9e2d65277e841e309601a2ca9ed6c595b34f56
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
44088f1b95ca90b57fdbe79bf246c1873018037d7eb6b7e77e4f0eff5226f99c
44d2515506ef0a50a83f6dbdabcb3ff097174bf01fb34664786953872226b074
44eefef34507164f4234b958d8f6906488a2521071379498041568bae9499b2e
45a61a04904fc2115c440a349a65dc93d2965b0b24dc5a8172bd8b792bdbf103
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
469d340f4d48d1a532f76a3a34b1473a0eb60317bb67d2f71caf6aad4a2d802f
46defd9f9676264832c18e26def5614bad9a10342d6ddfb7dc74cee05dc62021
46e7f97d31bf3ad9892b92a25a204a0a71ad7d23ddcf33dcd090705684a79eb5
495785dfc5653d48c336ce66d1879872f8f69628e6b046a4f978de34f5b0a2fc
496db6d47cb7396e6e92ea0d527d26f700d1719a5e993a26379d927da5fd9b20
4a0ec64a53d11a6f2a23606cda78de02bddb6160e6fef75e6c58d34b71108eb0
4db60939f3738fe7cbe1f25b1d1519de132068b9069cfe9991e513b52d8a5685
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5270155ff4a7e8b5f899599bed68fd18e6bc5a609ca7a451371f3ae24e2380a1
544c55ca9f05d425f3beb90f287308d7a408b1f60d17728eff5c605a494bc1b9
545153a3dcdbb881de9d7bed7385b8ae8c6ff955f0864aa143f4cd0307cea575
546905d171737871c6410a8fb6b325b39ae9469c68e0903772dbeb9027adcc41
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57ea188e56203b50ec90dbc86954c4970b5461c1600ee0b87f1a2006c1748bfd
58a14ba2e3e773324e8b8aeadcd988bdd177f68e6bf65c5fcdd339032e536e61
58d5ce004f72552af92a1ed7815fbbaac9998c3d3aa2689430758bbc2d27e604
5b250abf024f6ec976f6c28435f73dbe9260dbbe80f5db18cdc0f23121f9a11b
5b2dca118abfd1898078b18d42cc27b2a8d72316607478214bb349e3d9005c2f
5b555bd12e05d479bf1514e2cfb7839b65182a024adbb46d296c02c7f62770d3
5c351da5e4fc24467ac473b2ddcac467c50aeff9e2915d68ec02de9be0ce3d50
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
60fcc2cc7ccf0fa8a2d4ca7fbb23d90b20d437f382b4518cec0ca6c3dfc0ac2f
61649ea126405e25d62d1c5aa3e41a5f5dc29c11d0a3cb1df5e723f217964661
61b1f95fd4b77f7674f18aca5e867efb6e1ca58026ae61cc43f0f7b86d05743d
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
61e37bd98083e658c6beb37a8885da81004d8645e66565f5990cd3a3e63146cb
62b4442ddb0ae7dc79251f9ad42b77aec1563acb2005876ce979d292d2be458f
6369e763330653558817dae31c7e19d8c836e69fd314cd3eda5d41f73f97aae7
63f2170fac8aa98fb5f23cf2ee3998f1f384d53cf252e6c8d9267c6519c93152
6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9
676efe1d8cfe93ea78e3bbfa528afa7cc4c0a8b7404a90fa2d370b350938b7f6
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
69539b5b3777cffda28a66d7f2aa9b17c91ee1ec8fd50c00c442af91753a60f7
69df6878865b81a88b50d9f371abc7c3fcf13775ee6b7a9dbd5840719d0c5507
6a526700a518d11ba17f9e4afc2fac0b2cfacda8a91a1975931bb30d6de3b479
6d4bfc379f8f81d76a205639ac01b9e876aa346c3eec763d2c0ce8c5b709a2fe
6d588419e60fbe47c551159a6e85b9f0655077a779d2e5ebbe78691a996f96a6
6db32324f58d89a117ece690f38313c6687dceef532dbeadf56b3194063fd1a0
6e26df5294a3d646e0a3dd585231f43b8da79a056e522c7f7a3072b9ca63267c
6e6d7ff7829bfa422d2a4f4151f62fa9281e974763c8089c52766f64bcc1ba64
6ed0c7fc0c9f4def57af12e53b570988cc2c8b20eaaf5c191aaca0f4917bb5e2
6ee541ee385accb8454f23556c93af5bdb6c03e965bbb34ce8544fcfcb173e7b
6f1e786fda076b554f9f60db23a15e7256166b651f8051e2049f3df08c6ecf42
6f2050953a344452656f955b3e85621c301548f965631f75f913bd94f5ecd21a
706207ca4f59d7aa6899f7f54bd9a3c7b50c82dde7b043c4a84658fb79902ab9
70e2c48e17f030066b530cf41f5f7d726ff7736ae0875e36dc2b5ef649e1f146
721f2d2fe18f13edc2ae51c1918c1b0a2d7b668318c559310ab35fa22363fdad
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7673b8d74cf705b7e20cb15b087b257f313985e8f0fa2a31b3ceba1c2afb3332
77384310d4ffb3b35481ce813a3ef4f3cbcf694e8a7a58f6698c692bdf27de5e
7743632b2d2859cbf59a94120bedbf217a2b7e68de4f971d88560fd21cea3f7f
778be0a20b795b24796a8bc78cad7d23ccbcf35d20d68c761527d57486605aaa
7826fe95a2a54d45f09eea4a374622adefb6eeab1612ffd8e4eef8de367744ab
7a2bbb77ccbed0143c134b242c437fe8a5892d5646c496ee1eb5c49d35a144fc
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7c273510050e27ad1e0a533b0a766c6c597575710d578a104e60d4810e173648
7c9d524c36d139c29177f4a8d23afec8f55c7936aa1d1d3d12d7ca74e48ebd06
7cd2282be168cf2abda9da81b4c69c369a9f81f6a2d48c2142dd893dcffe14ad
7e0e8aa8b79a82ed3333ae5ad64bb6ca9c0ab19ecf23bc04e921c26be1f9a9a8
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
801c9f9f43b0ac567b2a38344b4208c9d38a337d2ef534c3b588a603350f78f6
80c1d95d81bc2fdee7c6b6fb798f6d27e405258d3f5116c6bce43949bfae0032
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
839283326c111773ab5e567624466412703746e7be1a67d12743926298533ce8
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
875bb6a0b46c3e1354ad266b10d685c171ae0f263d81a5db42a9a86e5658e95c
87b944ae1e3383e261d2e322cad1b152594049c0fbf1214e0b9499474c07dca7
8a4e7fa7a2e004d6d54573fc95acaca31222892cd641d3358f27f7159867ac4f
8b66f48278fb986f0f07a7827e508cdf1228e1f6a3960915ee2f8451112a256b
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8e2d476a3da7d96d989379c7fb3be5ed4595a5dcdf7164cda8b5ecf0ed9a39fe
8ea3b1ac8c7484427325ded6517f7ed0acc6be4cc428bbbd47cde78f1f148811
8fc7d7b5dc1eee9785b7b9781fed417152efc00afe62378908c64c13e65d1cf1
917315618023f6b319b724ae0fb89a9dcf5a4bf47fadab4a8031e6af996c6fcf
929c33e2c8c8992df4b0db540fd19c9ea6956891f6b0ced6f1da5568e9cda2a1
93ae7d494fad0fb30cbf3ae746a39c4bc7a0f8bbf87fbb587a3f3c01f3c5ce20
97cf4206e208ceee4baa88c1d02f47176d84c5c84f85f63bca9d23aa9f077dc4
9cf4fc9350f69e442ebfdf130d4e601377e9273b642282a1ebb4f79d6116e8c5
9cf71774f1f1f6c394e18096287cb46b53cc4ba8e2f17af4625b2dde339f4776
9d01f0bfa64e1b1c71f849cef0de317a83cb3020bbbd9dc83cf0394e6f6dc749
9d32bebe6ad270413f2223ea363fff2ffb0a4d1f611b152294a65d39c1dbab4a
9d7805992cf7b7a6eb820f848e9eed600cb66123bcf4a71bb94f6851ebc1eb86
9efc76ce3a66d2308182603c89a12559ec0b65e8965f3ad3e5cf3a846756e622
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a15d10ee6ae48395020b55338c0384cc95c1baa147d27f4d0fe05520beb75ff1
a1e373b622db63e2129f7ab5e8d6419d906a7ce57f10428a4d1f6ae6cfdfb26a
a244ae0637bfd4ba5403e87779198dc659a06b35ec99b11dbf47a413a1b3d4fb
a2653c8d60c8bdb5019d043ba0c0c5de5eef0ff0a61d2d4453df56c1c40792b1
a2bdd8cb01353d4ed2a9ab4c7d7c263225f6908aa875614d015a2f39956d9d73
a39d28f78d96f29523eee3db2d6657e6436565fb175a70e6c84c3106c53dde20
a4211321d33059a10e7424c8f675954dac1d7aac273ac863f44c775a51b75454
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a51c16d553a84214d4227dd23f3de586b78d23908f42c4b6802877e773586f59
a5230196df9a4e9f6382c504668862efc8e25c1ec093c7dc997fbedb4b3ec54e
a58db5c848b6223d565ca22ff9b9904e7efa8c22a1d2f518eb49bf7bf9c0589f
a695b8b12c7d88355d0b1b33d6c643a7913bcfbeae91553bd7560019188b1032
a74ca623415ee28f8d6845f42bda78a59e227f27fa9099d5b8ce2e3e5afe785b
a7771ea45fb4c2e5c5dd5c882a087066ffe4c306d1484c1cd0caff01214b67a9
aaa73b3468d15f4180dc64332cd14c412dd4c8661ad85135eac773aee4511451
aabfa6cbe5168fa68dc898138c30503e8a9d29c8ad9882cdc79f887c1b2f2ae7
abf731d1e7ef6bdb9dc5de16de86cdbcc2377b83fa3b656ce6a9aaec80af5b06
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad95508c2876e24f8b6df55859670686303d39668bb1cbf465922cff5a89fa6c
adcc812e959337ea806767e296146eae68f9abbb9f196cdb732626bb943a1c27
aea64597236978121bbf14d1dd6b4bcf37ba92dab89923ffc1cbb55fc3f2efb7
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
afee6456dfb8c4a06c385b66dcfc3ba275db7f215414bd73d85fd595a665d34d
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b1289ccca476df0a33259965671579525261926bf8ea0a9f4fb3ba67535c4f69
b144069da3f1709d073fdb3895992e36a79a45b9f8db3a8bc3f52b54bc86115a
b17c323542a38bd48ca5f48bfd42a56eebec01cb14b61baf3a171f72db6005db
b2be71d96357ea8f77245c04ce8273ac82555687ac77acbd9d5e6aba96582da6
b4b9a5881171f76dce531adbcdb57884b7f96aa1f5b37f49e3fadfc29a81c51d
b4cff825956405b0812384c3bad4d1838efc68efbce49576e93fe7fbdf28050b
b61e0645a94cdfec554ba8745b9078edbe7b8defd3b345baa7f218e73404f647
b8e2612575553a93321a90a8885f7807956cfe779304b51d0d596fdf71420c42
b9200fbcf60ce201c7eaabf39ebba98246c1a806f98d9d63a8aa438ee7ba6365
b9c3517ef33044cccc4fbf946cad87f8c2c47c71d26f3b9005947b6e73360815
b9ce6670d2e1b5d00efa8ac76ce70ffd4c7ee0bdb09213e5f418291908704b38
bc530c3c75bb87677cb79d645697759ea411ab9ca7ba55cb28d5e040ff44f603
bc611cd3f2e427b4b4c098b3cd5ccbf6e46754bcaa2bf3e2445b0d2f83e78b65
bc69e745842038cdf8e24211e251c7f6c23db3cdf21f5113dbb59f2a60fcfe41
bc9a16cd945457ad9463cdaed95129b01c589466978dfee3d019d9c604b2171a
bd3384993e8aca42906a17cf7f569f315e9898b68122390e84caca56f26e29b0
bf5de2a37e1b850ca9cc3b1a55bccd36def2be3524d0c5acb67b61f26aac8a96
bf61d2f3029bfbbb1e16f369f6884d786708f7910c4336f8e384d9039183c59c
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c072d69ae7b04ee3426d0e6677dda7e520dedc80a3b9b337294130674d7e112f
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c14569b287795db20f175729c90108f5e756049018e48f45d6f92c11c31be884
c1f7fd917113ad51a86228d740ec3e049988b0f7ff668f393688f6126bc4d94a
c7fc8dae04703101d705fac5268f8900d96149d6b2d3fdd6c1fac249ed16cf1b
c99b52f0c8489a1b84098d5893dde6d9ffc96de4fa43be9dde349bf6fcfaa4e1
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca800714e3b6d8be547d694454f907aab1f8e97a79e17855320fa6be661ca81d
cb08d029fc700faac06fcf389bd278990545b86d450297472e0687d5fedb95ae
ce6af6b25de4f562aa2feedebd3acaf08fd337ef2535283c5344492841c8f468
cf12ee84c417cbb401083f27253d0541a64dd8605c7442f8ce8a22fe3026bbad
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d39ea8b01429409597b65e67ec77e3a76fbd01ac17882fccfdc7b5ade5b522ee
d5b19727f965f05638f8fbb07196eb4aaae8722e495c7d38dc1815e676178831
d6a5789ddcefcde65aca42763fdf458a4df543f92f13d903aab39e05918971cc
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d82a9f3f9a4913012f1585db86d3ebf48087df5fe7b50e9daada0ef7e3d5edc8
d8fba1c77a83219514a230d614b64730e49f1bb3c244886b55b4a4255d90de3e
d90aeda66c47178379868016b798c0035f74873ebcc6db2db1682cf5778bf60a
d961a31d3d2fdb93a35a4024f9878b2ed896cd86a084ceb8df6af3bc53e29125
da2b592b0cefd3e8cc371c7960518a403628977e282a1d7e8d1d5ed4e0a5325c
da8b37412e5fee3c19281c758250cbe01f6e51e173bbb04f683aca0289133ba0
db83f799f235d5e9643e8b6d541a3b504aef47610492c4074e09d664eb58582d
dc5f18223b1a8a5c768d7e1a6e61e1f6c724d385921f6353ba01ff9ef19d59e5
e0fe24b9e7c1da3b05c5deaaf6a91982509c7b6da7ad39ae4d7d18e7a1164e45
e2311cf98af0c3c466d302bdfc92e4c9fa74d1282bc67e8b00a22282b6b7e482
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4d188579bddcd83fc8d1383f60e6a50c5cc3428e4f6c32b493a8cce04bc9c87
e6f81727235ec36cf5aa569816d86da9ed243bdd4a6ea70cd38591c5dee7bcfa
e77edf5939bc2d42eb1467d0bf33d5f58fe919dbc70e6b8b62460c28e26ce177
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e8620488d51627bdeb03bd8e1fb09f2e8be370d05ab90324bca19c7515b31554
ea6ea3a65726c9736c6f9715f39fc113bef17e87589ee3b2c220fc21f13083af
ebbf2c9660805374a74fadbf8246a20108ab0d806161d0a96d7e35bad0da6410
ec889b60ca5e46d4779ee2a1563781d74c5cc9424f64d6c833d3a293316fc4af
ecb244f676677252c58d2eccb58f1b0b87b5dd6baab45d29d46dba74c823b7f2
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef2864db59214510b41fd811cb68c05b4d9542a3298a56b290b02970052dbbfa
ef650279c4e58b369632b91813bee266831b73a1056d98b4fb39e0e49ba6460f
f10134f63012891e9e259c48919da02a150be23f97892cae445acec7c1e8e00f
f18b2e0a7d888b717705751708e2bdcfee1f898fbc2d959747303ecab4a8efbb
f214bb83b00dbb7096b4e44ef9d18385e8b643b2f306c311d34233b83b20e526
f2863821119660d61dea8c3d9024b49b3cf368a87f54fada27a95379f20ce92b
f4383501f967cdcfd029237d3348c3d588ce998786fc7bfa8769a6aedc294c61
f59d61052c742fb252334d4b9c6e0e4d85ee2f6a2881ab86b22c98b6a6ec2c30
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f80bfae8f1ef2c434dc6ae09f1aaed16abe8ab5b495825014097825b47838c4a
f8238cdd1cc6032f1c34cf7e559b55a936097f78cc8839628e5cc39a6fc3f390
f824000649b12b68a220a0120c606932d0740bd5332770a244473db773185e4a
f826765655e6a3e039bda8ec43370f2c9247a931e3e33129175e48ca0690b1e2
fca861b43e8d8ef241760fc480255cc617158f899d696c64b5fccbd8e065785b
fe3bb4178d86004f1174e414cf2e193df519c365f9ef88d47639d59445294831
fecb0283d12054716ddc0b9cb7784b3729046986359bea7ea4f02002b6e76ab8