urlscan.io logo urlscan.io
SecurityTrails logo

www.sonomanews.com Open in urlscan Pro
107.154.114.220  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Submission: On December 27 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 73 IPs in 7 countries across 55 domains to perform 395 HTTP transactions. The main IP is 107.154.114.220, located in United States and belongs to INCAPSULA, US. The main domain is www.sonomanews.com.
TLS certificate: Issued by Thawte RSA CA 2018 on September 9th 2022. Valid for: a year.
This is the only time www.sonomanews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
3 107.154.114.220 19551 (INCAPSULA)
10 2a00:1450:400... 15169 (GOOGLE)
8 2606:4700::68... 13335 (CLOUDFLAR...)
11 2600:9000:224... 16509 (AMAZON-02)
9 54.219.243.149 16509 (AMAZON-02)
2 2600:9000:223... 16509 (AMAZON-02)
1 44.234.227.111 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
22 99.86.4.97 16509 (AMAZON-02)
4 23.62.220.135 16625 (AKAMAI-AS)
1 52.222.214.9 16509 (AMAZON-02)
14 2606:2800:233... 15133 (EDGECAST)
31 2600:9000:223... 16509 (AMAZON-02)
7 184.169.129.237 16509 (AMAZON-02)
1 23.35.237.64 16625 (AKAMAI-AS)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
26 2a00:1450:400... 15169 (GOOGLE)
3 13.32.28.197 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
9 2a00:1450:400... 15169 (GOOGLE)
1 2a04:4e42::714 54113 (FASTLY)
3 23.35.237.151 16625 (AKAMAI-AS)
3 108.138.7.90 16509 (AMAZON-02)
8 54.163.174.71 14618 (AMAZON-AES)
1 52.160.40.218 8075 (MICROSOFT...)
1 23.206.210.112 16625 (AKAMAI-AS)
3 2600:1f18:44f... 14618 (AMAZON-AES)
17 2a00:1450:400... 15169 (GOOGLE)
27 2606:4700:20:... 13335 (CLOUDFLAR...)
3 52.18.228.75 16509 (AMAZON-02)
1 199.232.196.134 54113 (FASTLY)
1 18.208.87.237 14618 (AMAZON-AES)
3 2600:9000:230... 16509 (AMAZON-02)
1 151.101.128.134 54113 (FASTLY)
2 2a04:4e42::282 54113 (FASTLY)
3 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
9 108.138.4.150 16509 (AMAZON-02)
4 2a02:26f0:170... 20940 (AKAMAI-ASN1)
1 2a04:4e42:200... 54113 (FASTLY)
1 2620:116:800d... 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
14 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2606:2800:133... 15133 (EDGECAST)
2 44.213.39.37 14618 (AMAZON-AES)
3 151.101.2.132 54113 (FASTLY)
4 54.198.19.104 14618 (AMAZON-AES)
1 172.67.75.166 13335 (CLOUDFLAR...)
15 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
2 52.216.78.36 16509 (AMAZON-02)
9 3.217.241.65 14618 (AMAZON-AES)
6 2a00:1450:400... 15169 (GOOGLE)
2 151.101.130.132 54113 (FASTLY)
6 52.204.2.157 14618 (AMAZON-AES)
10 108.59.1.119 30633 (LEASEWEB-...)
1 54.87.52.15 14618 (AMAZON-AES)
2 13.69.106.89 8075 (MICROSOFT...)
1 162.19.138.117 16276 (OVH)
1 2001:41d0:701... 16276 (OVH)
1 141.95.98.64 16276 (OVH)
1 95.101.23.91 20940 (AKAMAI-ASN1)
13 95.101.23.88 20940 (AKAMAI-ASN1)
2 13.85.16.224 8075 (MICROSOFT...)
2 4 185.86.137.113 201081 (SMARTADSE...)
2 23.82.15.162 30633 (LEASEWEB-...)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:dc:... 20940 (AKAMAI-ASN1)
4 2a00:1450:400... 15169 (GOOGLE)
1 209.58.147.67 394380 (LEASEWEB-...)
395 73
3    107.154.114.220 (United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.114.220.ip.incapdns.net
www.sonomanews.com
10    2a00:1450:400d:80d::200a (Ireland)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
imasdk.googleapis.com
8    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
11    2600:9000:2240:4800:1c:7f52:bb40:21 (United States)

ASN16509 (AMAZON-02, US)
d6w29wm3j2vhp.cloudfront.net
9    54.219.243.149 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-243-149.us-west-1.compute.amazonaws.com
code.sonomanews.com
img.sonomanews.com
code.pressdemocrat.com
api.pressdemocrat.com
feeds.sonomanews.com
cdn.pressdemocrat.com
2    2600:9000:223c:8c00:18:1fcd:351:7bc1 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
1    44.234.227.111 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-44-234-227-111.us-west-2.compute.amazonaws.com
prod.ew.srp.navigacloud.com
6    2a00:1450:400d:80e::2008 (Ireland)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
22    99.86.4.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-97.fra6.r.cloudfront.net
imengine.prod.srp.navigacloud.com
4    23.62.220.135 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-62-220-135.deploy.static.akamaitechnologies.com
s7.addthis.com
v1.addthisedge.com
m.addthis.com
1    52.222.214.9 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-214-9.fra56.r.cloudfront.net
nextdoor.com
14    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
cdn.cityspark.com
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
cdn.mircheigeshoa.com
cdn.godiciardstia.com
cdn.pranmcpkx.com
cdn.czx5eyk0exbhwp43ya.biz
31    2600:9000:223c:dc00:8:2ae1:d740:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.viafoura.net
7    184.169.129.237 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-129-237.us-west-1.compute.amazonaws.com
privacy.sonomanews.com
newsletter.sonomanews.com
1    23.35.237.64 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-64.deploy.static.akamaitechnologies.com
s.ntv.io
3    2606:4700:20::681a:274 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
beacon.tru.am
26    2a00:1450:400d:808::2002 (Ireland)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.32.28.197 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net
c.amazon-adsystem.com
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
9    2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    2a04:4e42::714 (United States)

ASN54113 (FASTLY, US)
mab.chartbeat.com
3    23.35.237.151 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-237-151.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
3    108.138.7.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-90.fra56.r.cloudfront.net
e.infogram.com
8    54.163.174.71 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-163-174-71.compute-1.amazonaws.com
jadserve.postrelease.com
1    52.160.40.218 (San Jose, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
p.cityspark.com
1    23.206.210.112 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-206-210-112.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
3    2600:1f18:44f0:4832:3ff4:417f:f0f6:3cef (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
api.viafoura.co
17    2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)
www.google-analytics.com
27    2606:4700:20::ac43:4a06 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.jifo.co
gfonts.jifo.co
3    52.18.228.75 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-18-228-75.eu-west-1.compute.amazonaws.com
s.infogram.com
1    199.232.196.134 (United States)

ASN54113 (FASTLY, US)
sonoma-index-tribune.disqus.com
1    18.208.87.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-208-87-237.compute-1.amazonaws.com
ping.chartbeat.net
3    2600:9000:2304:6800:6:8656:f5c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
c.disquscdn.com
1    151.101.128.134 (United States)

ASN54113 (FASTLY, US)
disqus.com
2    2a04:4e42::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
3    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
3    2a00:1450:400c:c06::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
9    108.138.4.150 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-150.fra56.r.cloudfront.net
aax-dtb-cf.amazon-adsystem.com
4    2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csp.azureedge.net
1    2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)
cdn.jsdelivr.net
1    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
pixel.quantserve.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
14    2a00:1450:400d:80a::2002 (Ireland)

ASN15169 (GOOGLE, US)
adservice.google.com
www.googletagservices.com
1    2a00:1450:400d:805::2001 (Ireland)

ASN15169 (GOOGLE, US)
d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com
3    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
2    44.213.39.37 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-213-39-37.compute-1.amazonaws.com
livecomments.viafoura.co
3    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
rdc.m32.media
fastlygeo.m32.media
4    54.198.19.104 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-198-19-104.compute-1.amazonaws.com
livecomments.viafoura.co
i.viafoura.co
notifications.viafoura.co
1    172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
15    2a00:1450:400d:806::2001 (Ireland)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
6    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
5    2a00:1450:400d:806::2002 (Ireland)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    52.216.78.36 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
9    3.217.241.65 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-217-241-65.compute-1.amazonaws.com
www.i.matheranalytics.com
6    2a00:1450:400d:80e::2004 (Ireland)

ASN15169 (GOOGLE, US)
www.google.com
2    151.101.130.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
6    52.204.2.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-204-2-157.compute-1.amazonaws.com
prd-collector-anon.ex.co
10    108.59.1.119 (United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-23.channelexco.com
1    54.87.52.15 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-87-52-15.compute-1.amazonaws.com
gpv.ex.co
2    13.69.106.89 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
1    162.19.138.117 (France)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2001:41d0:701:1000::31d2 (France)

ASN16276 (OVH, FR)
lbs.eu-1-id5-sync.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
id5-sync.com
1    95.101.23.91 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-91.deploy.static.akamaitechnologies.com
cdn.ex.co
13    95.101.23.88 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-23-88.deploy.static.akamaitechnologies.com
mcd.ex.co
2    13.85.16.224 (San Antonio, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
prod-smi-proxy-connext.azurewebsites.net
4    185.86.137.113 (France)

ASN201081 (SMARTADSERVER, FR)
www9.smartadserver.com
2    23.82.15.162 (The Colony, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
e.channelexco.com
1    2a00:1450:400d:808::2006 (Ireland)

ASN15169 (GOOGLE, US)
s0.2mdn.net
1    2a02:26f0:dc::217:6110 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
4    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
1    209.58.147.67 (Dallas, United States)

ASN394380 (LEASEWEB-USA-DAL, US)
a.channelexco.com
Apex Domain
Subdomains		 Transfer
33 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 251
stats.g.doubleclick.net — Cisco Umbrella Rank: 156
pubads.g.doubleclick.net — Cisco Umbrella Rank: 382
246 KB
31 viafoura.net
cdn.viafoura.net — Cisco Umbrella Rank: 12717
540 KB
27 jifo.co
cdn.jifo.co — Cisco Umbrella Rank: 36410
gfonts.jifo.co — Cisco Umbrella Rank: 56546
2 MB
23 ex.co
player.ex.co — Cisco Umbrella Rank: 15544
prd-collector-anon.ex.co — Cisco Umbrella Rank: 13399
gpv.ex.co — Cisco Umbrella Rank: 17061
cdn.ex.co — Cisco Umbrella Rank: 19931
mcd.ex.co — Cisco Umbrella Rank: 16687
2 MB
23 navigacloud.com
prod.ew.srp.navigacloud.com — Cisco Umbrella Rank: 307851
imengine.prod.srp.navigacloud.com — Cisco Umbrella Rank: 284784
1011 KB
21 googlesyndication.com
d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 185
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
598 KB
20 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 87
region1.google-analytics.com — Cisco Umbrella Rank: 2158
99 KB
13 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 16124
s-23.channelexco.com — Cisco Umbrella Rank: 131513
e.channelexco.com — Cisco Umbrella Rank: 14604
a.channelexco.com — Cisco Umbrella Rank: 15478
28 KB
13 google.com
adservice.google.com — Cisco Umbrella Rank: 129
www.google.com — Cisco Umbrella Rank: 15
2 KB
13 sonomanews.com
www.sonomanews.com
code.sonomanews.com
img.sonomanews.com
privacy.sonomanews.com
feeds.sonomanews.com
newsletter.sonomanews.com
91 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 383
aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 649
52 KB
11 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 14377
www.i.matheranalytics.com — Cisco Umbrella Rank: 13774
45 KB
11 cloudfront.net
d6w29wm3j2vhp.cloudfront.net
77 KB
10 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 111
imasdk.googleapis.com — Cisco Umbrella Rank: 454
1017 KB
9 viafoura.co
api.viafoura.co — Cisco Umbrella Rank: 12967
livecomments.viafoura.co — Cisco Umbrella Rank: 14397
i.viafoura.co — Cisco Umbrella Rank: 12964
notifications.viafoura.co — Cisco Umbrella Rank: 15866
7 KB
9 gstatic.com
fonts.gstatic.com
230 KB
8 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1362
5 KB
8 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 324
180 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 225
327 KB
7 google.de
adservice.google.de — Cisco Umbrella Rank: 6468
1 KB
6 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 38199
csp.azureedge.net — Cisco Umbrella Rank: 46691
35 KB
6 infogram.com
e.infogram.com — Cisco Umbrella Rank: 32029
s.infogram.com — Cisco Umbrella Rank: 35173
29 KB
6 pressdemocrat.com
code.pressdemocrat.com — Cisco Umbrella Rank: 320553
api.pressdemocrat.com — Cisco Umbrella Rank: 340609
cdn.pressdemocrat.com — Cisco Umbrella Rank: 315104
33 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 115
353 KB
4 smartadserver.com
www9.smartadserver.com — Cisco Umbrella Rank: 13665
2 KB
4 czx5eyk0exbhwp43ya.biz
cdn.czx5eyk0exbhwp43ya.biz — Cisco Umbrella Rank: 46877
80 KB
3 m32.media
rdc.m32.media — Cisco Umbrella Rank: 31242
fastlygeo.m32.media — Cisco Umbrella Rank: 34835
19 KB
3 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 53851
433 KB
3 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2965
67 KB
3 disquscdn.com
c.disquscdn.com — Cisco Umbrella Rank: 4556
251 KB
3 moatads.com
z.moatads.com — Cisco Umbrella Rank: 519
s-jsonp.moatads.com — Cisco Umbrella Rank: 20377
56 KB
3 tru.am
tru.am — Cisco Umbrella Rank: 5344
beacon.tru.am — Cisco Umbrella Rank: 6904
12 KB
3 addthis.com
s7.addthis.com — Cisco Umbrella Rank: 2211
m.addthis.com — Cisco Umbrella Rank: 2216
141 KB
3 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1821
mab.chartbeat.com — Cisco Umbrella Rank: 2817
25 KB
2 azurewebsites.net
prod-smi-proxy-connext.azurewebsites.net — Cisco Umbrella Rank: 395293
1 KB
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1326
lbs.eu-1-id5-sync.com — Cisco Umbrella Rank: 1738
638 B
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 827
600 B
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 57632
2 KB
2 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 51946
3 KB
2 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1876
774 B
2 disqus.com
sonoma-index-tribune.disqus.com
disqus.com — Cisco Umbrella Rank: 1331
43 KB
2 cityspark.com
cdn.cityspark.com — Cisco Umbrella Rank: 49591
p.cityspark.com — Cisco Umbrella Rank: 32543
7 KB
1 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 17476
388 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 333
17 KB
1 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 510
628 B
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 35514
799 B
1 godiciardstia.com
cdn.godiciardstia.com — Cisco Umbrella Rank: 75316
48 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 75380
23 KB
1 quantserve.com
pixel.quantserve.com — Cisco Umbrella Rank: 884
372 B
1 jsdelivr.net
cdn.jsdelivr.net — Cisco Umbrella Rank: 490
38 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1334
201 B
1 addthisedge.com
v1.addthisedge.com — Cisco Umbrella Rank: 2611
325 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1841
17 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4062
149 KB
1 nextdoor.com
nextdoor.com — Cisco Umbrella Rank: 3850
769 B
395 55
Domain Requested by
31 cdn.viafoura.net www.sonomanews.com
cdn.viafoura.net
26 securepubads.g.doubleclick.net d6w29wm3j2vhp.cloudfront.net
securepubads.g.doubleclick.net
www.sonomanews.com
www.googletagservices.com
az416426.vo.msecnd.net
23 gfonts.jifo.co cdn.jifo.co
gfonts.jifo.co
22 imengine.prod.srp.navigacloud.com www.sonomanews.com
17 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
www.sonomanews.com
az416426.vo.msecnd.net
15 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
13 mcd.ex.co az416426.vo.msecnd.net
player.ex.co
11 d6w29wm3j2vhp.cloudfront.net www.sonomanews.com
d6w29wm3j2vhp.cloudfront.net
9 www.i.matheranalytics.com www.sonomanews.com
9 aax-dtb-cf.amazon-adsystem.com c.amazon-adsystem.com
az416426.vo.msecnd.net
9 fonts.gstatic.com fonts.googleapis.com
8 p.channelexco.com player.ex.co
az416426.vo.msecnd.net
8 jadserve.postrelease.com s.ntv.io
www.sonomanews.com
8 cdnjs.cloudflare.com www.sonomanews.com
cdnjs.cloudflare.com
newsletter.sonomanews.com
7 www.googletagservices.com securepubads.g.doubleclick.net
7 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
7 adservice.google.de securepubads.g.doubleclick.net
imasdk.googleapis.com
6 prd-collector-anon.ex.co player.ex.co
az416426.vo.msecnd.net
6 www.google.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
6 www.googletagmanager.com www.sonomanews.com
www.googletagmanager.com
e.infogram.com
newsletter.sonomanews.com
cdn.godiciardstia.com
5 imasdk.googleapis.com player.ex.co
imasdk.googleapis.com
5 pagead2.googlesyndication.com www.sonomanews.com
az416426.vo.msecnd.net
tpc.googlesyndication.com
5 newsletter.sonomanews.com cdnjs.cloudflare.com
newsletter.sonomanews.com
5 fonts.googleapis.com www.sonomanews.com
csp.azureedge.net
newsletter.sonomanews.com
client
4 pubads.g.doubleclick.net imasdk.googleapis.com
4 www9.smartadserver.com 2 redirects
4 cdn.czx5eyk0exbhwp43ya.biz cdn.pranmcpkx.com
4 livecomments.viafoura.co cdn.viafoura.net
az416426.vo.msecnd.net
4 csp.azureedge.net cdn.cityspark.com
csp.azureedge.net
4 cdn.jifo.co e.infogram.com
3 cdn.pranmcpkx.com loader-cdn.azureedge.net
cdn.pranmcpkx.com
3 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.pranmcpkx.com
3 stats.g.doubleclick.net www.google-analytics.com
3 region1.google-analytics.com www.googletagmanager.com
3 c.disquscdn.com sonoma-index-tribune.disqus.com
3 cdn.pressdemocrat.com cdnjs.cloudflare.com
newsletter.sonomanews.com
3 s.infogram.com e.infogram.com
s.infogram.com
3 api.viafoura.co cdn.viafoura.net
3 e.infogram.com www.sonomanews.com
e.infogram.com
3 c.amazon-adsystem.com d6w29wm3j2vhp.cloudfront.net
c.amazon-adsystem.com
3 www.sonomanews.com www.sonomanews.com
2 e.channelexco.com player.ex.co
2 prod-smi-proxy-connext.azurewebsites.net cdn.pranmcpkx.com
2 s-23.channelexco.com
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 player.ex.co www.sonomanews.com
player.ex.co
2 paywall-ad-bucket.s3.amazonaws.com www.sonomanews.com
cdn.pranmcpkx.com
2 rdc.m32.media cdn.viafoura.net
rdc.m32.media
2 cdn.wgchrrammzv.com loader-cdn.azureedge.net
2 polyfill.io loader-cdn.azureedge.net
2 loader-cdn.azureedge.net cdnjs.cloudflare.com
newsletter.sonomanews.com
2 z.moatads.com s7.addthis.com
s.ntv.io
2 js.matheranalytics.com 1 redirects www.sonomanews.com
2 code.pressdemocrat.com cdnjs.cloudflare.com
2 tru.am www.sonomanews.com
tru.am
2 privacy.sonomanews.com www.sonomanews.com
cdnjs.cloudflare.com
2 s7.addthis.com www.sonomanews.com
s7.addthis.com
2 static.chartbeat.com www.sonomanews.com
1 a.channelexco.com
1 creatives.sascdn.com
1 s0.2mdn.net imasdk.googleapis.com
1 cdn.ex.co player.ex.co
1 id5-sync.com az416426.vo.msecnd.net
1 lbs.eu-1-id5-sync.com az416426.vo.msecnd.net
1 lb.eu-1-id5-sync.com az416426.vo.msecnd.net
1 gpv.ex.co player.ex.co
1 notifications.viafoura.co cdn.viafoura.net
1 fastlygeo.m32.media rdc.m32.media
1 api-mg2.db-ip.com cdn.mircheigeshoa.com
1 i.viafoura.co cdn.viafoura.net
1 cdn.godiciardstia.com loader-cdn.azureedge.net
1 cdn.mircheigeshoa.com loader-cdn.azureedge.net
1 s-jsonp.moatads.com www.sonomanews.com
1 d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 pixel.quantserve.com cdn.cityspark.com
1 cdn.jsdelivr.net cdn.cityspark.com
1 disqus.com sonoma-index-tribune.disqus.com
1 ping.chartbeat.net www.sonomanews.com
1 sonoma-index-tribune.disqus.com code.sonomanews.com
1 feeds.sonomanews.com cdnjs.cloudflare.com
1 api.pressdemocrat.com cdnjs.cloudflare.com
1 m.addthis.com s7.addthis.com
1 v1.addthisedge.com s7.addthis.com
1 beacon.tru.am tru.am
1 secure.cdn.fastclick.net www.sonomanews.com
1 p.cityspark.com cdn.cityspark.com
1 mab.chartbeat.com static.chartbeat.com
1 s.ntv.io www.sonomanews.com
1 cdn.cityspark.com www.sonomanews.com
1 nextdoor.com www.sonomanews.com
1 img.sonomanews.com www.sonomanews.com
1 prod.ew.srp.navigacloud.com www.sonomanews.com
1 code.sonomanews.com www.sonomanews.com
395 93
Subject Issuer Validity Valid
www.pressdemocrat.com
Thawte RSA CA 2018		 2022-09-09 -
2023-09-01		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.chartbeat.com
Thawte RSA CA 2018		 2022-05-06 -
2023-06-03		 a year crt.sh
pressdemocrat.com
Amazon		 2022-11-20 -
2023-12-19		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
imengine.stage.srp.navigacloud.com
Amazon		 2022-08-25 -
2023-09-23		 a year crt.sh
odc-addthis-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2022-02-27 -
2023-02-28		 a year crt.sh
nextdoor.com
Amazon		 2022-04-14 -
2023-05-13		 a year crt.sh
sni0f49gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-24 -
2023-09-24		 a year crt.sh
viafoura.com
Amazon		 2022-09-07 -
2023-10-06		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-24 -
2023-10-26		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-18		 a year crt.sh
infogram.com
Amazon		 2022-06-08 -
2023-07-06		 a year crt.sh
*.postrelease.com
Amazon		 2022-11-27 -
2023-12-25		 a year crt.sh
*.cityspark.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-08 -
2023-03-11		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
jifo.co
Cloudflare Inc ECC CA-3		 2022-06-28 -
2023-06-28		 a year crt.sh
*.disqus.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-20 -
2023-04-20		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-10-25 -
2023-10-25		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2021-12-01 -
2022-12-30		 a year crt.sh
a.disquscdn.com
Amazon		 2022-09-30 -
2023-10-29		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon		 2022-06-15 -
2023-06-15		 a year crt.sh
*.azureedge.net
Microsoft Azure ECC TLS Issuing CA 01		 2022-07-27 -
2023-07-22		 a year crt.sh
jsdelivr.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-23 -
2024-01-24		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
*.google.de
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-31 -
2023-11-02		 a year crt.sh
*.m32.media
Sectigo RSA Domain Validation Secure Server CA		 2021-12-16 -
2023-01-16		 a year crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
snibe7egl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-01-31 -
2023-03-03		 a year crt.sh
*.s3.amazonaws.com
Amazon		 2022-09-21 -
2023-08-26		 a year crt.sh
www.i.matheranalytics.com
Amazon		 2022-12-14 -
2024-01-13		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2022-06-06 -
2023-07-08		 a year crt.sh
*.channelexco.com
R3		 2022-11-28 -
2023-02-26		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure TLS Issuing CA 06		 2022-11-21 -
2023-11-16		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.id5-sync.com
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
cdn.ex.co
R3		 2022-11-09 -
2023-02-07		 3 months crt.sh
*.azurewebsites.net
Microsoft Azure TLS Issuing CA 01		 2022-03-14 -
2023-03-09		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-11-28 -
2023-02-20		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-08 -
2023-09-11		 a year crt.sh

This page contains 20 frames:

Primary Page: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Frame ID: 2E4C3FC17FB321422EF568010E933836
Requests: 269 HTTP requests in this frame

Frame: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Frame ID: 9F22F4C3C2C33530AEBB189025BC1DAB
Requests: 34 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: FC249102DCDA9F4C51CC0656DC1F59A9
Requests: 1 HTTP requests in this frame

Frame: https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Frame ID: 764EAC58E0717E1C1B1D7105690F6F1C
Requests: 1 HTTP requests in this frame

Frame: https://www.google-analytics.com/analytics.js
Frame ID: 8CE3B5DADE30548F9DC04C43B0AD636B
Requests: 12 HTTP requests in this frame

Frame: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Frame ID: 5CCE73849C7096B8532DAD2086379230
Requests: 21 HTTP requests in this frame

Frame: https://d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7870C166E18CD202F20463AF36ADDC48
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttwlYO_qTeBRH4xASFMxp82Hj4fmUJkuzkUHyEanHR2ng9fD7fWtFTvss-uR3__mLi5FnKXmQ53gtNS9qrbD1wtOZ4BSPtqT6Mf28ZegkjaSLn5lYm2RR56hZrZLBC0JK_XhohKPNDNHe2gKV-8SN_X6Lg8nLEyuSjZ4t8dIeo0oqi169ks7chtRvoo6JVt0kRCChCaz7dB62hw7TZ5_BTEbxa3MO5_-L55tCSeIncIBnJF1Obs_0jKmja8J7XLeVndjW1PG8i2hBxFTvfmGwFoZUYgc_5knATqxUqLg4WQDZcqikF7Vq3QfzJVsmpXQ&sai=AMfl-YQDgmxVqE50sQU785XjPETdWZAFLov9d5ZsymmdrRq_A296f438-wt5pk-Hu0PjNwLB1VitkZtubTS05jIJSbPMNKNavz2o39Gz7SPpl0i7-DFNSVOyWCa0qD2Xyn7SN5fBIO0IH1LYsw_KbZS_CA&sig=Cg0ArKJSzLhzaEbzcVhlEAE&uach_m=[UACH]&adurl=
Frame ID: D1D88F3BEDA35EBF301703DA8BD63C48
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJmsBTB3Wy4Rw-MEe226f1oI3ZVrVAVUb_PEF-IlfkzYPmZKXuKPbC7R_lD8GpddQtoKbU0k9S1an0BQ8Xb_85sMiJdsgNi4qt1g0ITBLcuXqq9T8TctWe9iWHNiftmXPKXwIWbeQfeNVTvHTDEbLCyJm74Y5B_5frIdkwR7zbFgKvatKE2GSKYnSJrV630A2GcFVBwBeKdvfFhGgeUZEZeSbrsW5zZWpxeIaBniC9CT6wV1iK50ujafPN2vcRiNCJUcedYUTpSDx5snuYT3ifOD1TCAczeyRT6mlM7EHWUc-APf3V7-dTer16XM-avA&sai=AMfl-YQ9fJFTplcvdK_zR0Ief9hZWn_oYwK4XSh8buJMz18e3ROBD69G41BV7oGseL5LuOFE5KacZzZ8QgXuyp0h33vjsVVC4RMy7II0st32H234IrCO8SinXp6HXff9eC7R&sig=Cg0ArKJSzD4-z1VU5iAGEAE&uach_m=[UACH]&adurl=
Frame ID: 30FB195062571A31BDD51B9E1BDB7DA5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVGCvzUsmFwu6Q8bl58CauQNRrHJxgmRNctn4VMMDmQvZJxeaZBrGvgegro8rdmEY8r0yHpF_w59nGkRXAfIR8l8fNx7qF1HrDtuVY17Dvm3rh_DEtnRftN77UurN3ZAsUkvdnRxN3eSPEmkcWYPxnx5gzdHO-6OFkluOZlssu_JaE9xi410OBcZcQNixAmR1JalMw2ZQHdeObdfOC8XwgEKqQ3MmzpsWd_Ow1A74gKkvVOccOj1AsOKa3vsrZ-aJpJRDxDW7mMucOssMe7vazj5dryHScH3HEVKXUkJ0fqxoVmVWtO2DpyUEy-HngRkN4pQ&sai=AMfl-YSzXufmREiHwA4ejEtEWHU3SR4OjvmbcLITnJCOL0RpTQRFDr1wRI1VyFTncJ8giLNe22UVFaekfytFcij4Z4OBXEYOeFh1wmeN_AKFUiYfG-JYIi83FlPjmPyKUkI8&sig=Cg0ArKJSzMQnTv9pC_spEAE&uach_m=[UACH]&adurl=
Frame ID: 7FBD76F355AEF8C3694F9E4C1E5ACE29
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-rbv_gxLfVsz1l8oigMDNvLCAhiaGYGafASo8uFdzfJXNjutfgpkXtaRlbNtGa2Q52zEovjEX-RNGGCvecCHAIGHG785uChCID6EW_n995vRn75V5XAWrGzc8zWnmN9GQraJu_K9DkmVO0axjIPiTjinTpDU6aGKvTIkV1RzeFNgBstMl7EEb2uMGF5G7bqzvYTjw0ZrwfsVPbyTNK9BNvsqI_zxnXqAYMQuQ8qu7__fNRTJUy3dQ91CMbl-zBFTZLw7lN_3OBbYwo0Ub7zienlmbONRZnYAMh0wia7KdhHw79siFbzVGU-oYc9XzYw&sai=AMfl-YT0Iy8TGOHqM_T78TehIS048utvfkBZ4-Nac8fH1FZWYeNpD2rh5B_KpbK1wBrIis7Ejvc4kT50KRmHoflTu-37WU02qFO617uAwM-ZLOxrfaVENoKLtNxWz-jUlIpp&sig=Cg0ArKJSzMDVMygZdPqJEAE&uach_m=[UACH]&adurl=
Frame ID: 8F4717E2F6279F90447A132B75383448
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfko8smE-gTpZM2ZVpx2cVu8pa0wgbWtO4ozXyQht7Dz3dIPAscsTOfsrHR-y9Z0O2Pe4puYnQu-4q9JwcJeS-HJyle0fZLgOV95BYNQm9YpqEGhTknKbxfCfSCq284plcgYjU7G9bnOkfZfLpeUR8m8tc18fBFK8R5RHsdTlqW-X21GGm7F4y-MMuUffzf6N0hXEDwcTrVSN_TOaVniSVYYmKCc_IpzyDdmtOv4YvR01-UDN3TB0-QYrpArTgl1rCKek_gI9EjOUfUT-ZGzBefPYsBFxv91xH4_HKJI_rEBd279ck0TPukHiG9FIjV2sQLg&sai=AMfl-YRQbenYd47kXyz5g9rfn5oxA8v5f7z2VFixhQTOpOcTnFd_W1eLwO5sGaQ0rEVdVn0M7o0FW8HMidflPBgzbo7AkUCn2iNqzwsf1M5-YCOmoqiPvQOObBXPK8yeBCON&sig=Cg0ArKJSzKk02G0YHAvpEAE&uach_m=[UACH]&adurl=
Frame ID: 0968694B1C1A8D43DD173C3FACA2872D
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJXslOSI3cvStiY6Vdn0vS5TZqf88AW0iC7RHJ07WOEAHdneRQmVgpZpaoh3Ly4Ysc_I-SIowKeBsxr-sJ35C3MF7hhn6uE1zIC7YzysEh6sruyGhx29beyOFGIRTgclYUV49P3AnTvsEYOual1GuphA0qmaOQgcxoVRkicsYlzYbEL6mAZ_sUpUVLzKBtgFXtSCpVm-UNNcUkWx6hZb_YJS_Gfikd5e2Hp9qVuda71S3o80gMxgRLwMQ8zwQyRVrBjDvvoYwv3tvJDuE_GlsFOpvf8ngrkhINBWgefUwlZxtgnqzVA_kCzXxlQRlezA&sai=AMfl-YSyD1bOgEboBmyJ2h5psP_ngpfA9GGROnZR8Z4Bzpm8WmDQKB1K1ymUj6v7rUwzYaTRpMKl9MOCgMLcd0-roWtoDgZxkElBQaMqJQVwvcASztjjjq_X5AF4w_8oZG4b&sig=Cg0ArKJSzIcelkxjLiHJEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: CA0A502E25234D0E3543A5128BD81A5C
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B814E28C052C54B2C3F2A64D2F237194
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8C1EC02796623640AC736B9C52D727A5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 1A264C081DCCE7956BC4DF13DB3287B2
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 16E21BD05914000F060E0B9EB22D6BB9
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: 0DBF516FE150E5E27C67EB660FE7A6A0
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Frame ID: AB78726831BC06AB3AD2D2480EB3EDB0
Requests: 2 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcqgJZKAzKT3jdHiiHxzmuSH_k7Ktzi0hblpfy0RUNtp32o-pKBe_8MRJHAPNdwdGc7EcgDvCIX0C16w8dECxSTQU5cKxWDjNkj8DY-ylT-zX2QhypHH5wkU2cj67_IGNkffwUUY_mTkm1q4ohh_uLmZ21UIEwYdOoDtK4P2o3U9tMhGTpGMHTFAF-1J6YiMF_F9ixzOoXze2uoE5a3Gbbt3bBUZt6QVrWkoU_rhE336YNC1iDQPGdxGLqpXjD2mti1SLq1NoNUJ0Hf77PxoyOQSHPSkWFL73p5AfPC5nVEZz3rGFnM88pSGJwfkwYUQ&sai=AMfl-YTCowDNtJCxzj2OLH7ew66AGs_XUXOvQ_1jKS2OJdAYS-mJljgPZ4RjD-y1rrgwCWr9tSYqOP-14Uslhb_QnbUi77-cwQzluL5BNs6pTgkRbqhTvqomaTWnNPEdBM_r&sig=Cg0ArKJSzHor_7H2EmRIEAE&uach_m=[UACH]&adurl=
Frame ID: 4C84077ED4FA66C97E4ADA126E747AA9
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

DUIs fall 48% in Sonoma Valley in 2022FacebookTwitterRedditWhatsAppAddThis

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • addthis\.com/js/
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • /_Incapsula_Resource
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • //cdn\.jsdelivr\.net/

Page Statistics

395
Requests

98 %
HTTPS

46 %
IPv6

55
Domains

93
Subdomains

73
IPs

7
Countries

9810 kB
Transfer

23607 kB
Size

51
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1613 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/18/ml.br.js
Request Chain 325
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0016M00002HONu5QAH%2C1%2C%2C%2Cwww.sonomanews.com&gdpr=1 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1
Request Chain 334
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0016M00002HONu5QAH%2C1%2C%2C%2Cwww.sonomanews.com&gdpr=1 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1

395 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/ 		226 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
imio /
Resource Hash
8cd995c4e1c618d00a87c41d72af699cd21256e512afa30e557fbae54714a7fd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=60
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 12:10:24 GMT
expires
60
link
<https://www.sonomanews.com/wp-json/>; rel="https://api.w.org/" <https://www.sonomanews.com/?p=44710>; rel=shortlink
server
imio
vary
Accept-Encoding
x-cdn
Imperva
x-iinfo
10-281778958-281778964 NNNN CT(174 354 0) RT(1672143023174 23) q(0 0 6 1) r(9 15) U12
css
fonts.googleapis.com/ 		11 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c2e1bc729032641f837ea4b1f793c107b0846797fc8b74bc4ed8b5579fd7e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 12:10:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 12:10:24 GMT
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2222814
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NI3AxOO3Fq7UUXxfeQoOc%2BQ6B7jCV9aYVeQ884ESwVBs3iox5%2Bbdnux9MPT4%2FFZzfj7e6S0u4MxwGjMYPssFzelQDd4W9Nr3QTzXvrL6Y3DCo93RbMgD2zOKOW1EpfIphzklwUPUE6mHtGBR7%2FEyPIY5"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f0be399195-FRA
expires
Sun, 17 Dec 2023 12:10:24 GMT
shared.css
d6w29wm3j2vhp.cloudfront.net/2021/css/ 		96 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c308929ba711afecfa62f4564c4f00cc51332d4c7440435a4934b735d82cbdf5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:32 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
16153
last-modified
Wed, 21 Dec 2022 15:00:22 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"17eec-5f057cfc26d80-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
XIdZM_HDOsZJzvtGUWpl67f4Usok12hUUv4baIH8KvVYnWHtEPqU9A==
style.css
d6w29wm3j2vhp.cloudfront.net/tpl2022/css/ 		50 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/tpl2022/css/style.css?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1b175796185c6f19d5079c42232a86b682c17ab4aa111e34d7526e10783f09d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:32 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
6363
last-modified
Mon, 19 Dec 2022 19:27:18 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"c8b1-5f0334eb47180-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
wvSAj_hLel5WooIfE-FHURUvPfEPOGc1uaUgetNYR9YHQusd4_nqMw==
article.css
d6w29wm3j2vhp.cloudfront.net/2021/css/ 		34 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/article.css?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5aa784ec046ae4e251eb0f75a097310476f2a39e9ef02eb5ef5b9c85c96e8a67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:32 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
6413
last-modified
Wed, 16 Nov 2022 18:14:40 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"8912-5ed9a722f4400-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
I9s-xWl9NnHOmxnavNJPlWTaL12DJNsSCsT3HTbOs-lHtJRfZnsurA==
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
3595900
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=K%2Bm63FlIgqYErkFnYBY%2Bmagl2YgLNrJ4o5Qubil9gzgPsoI1SMsQo6I1qtriTSfXqxbCFAYj41hAmxGhMeU75YP6fVo%2Fk6GswvTN0vepp775nVvsLT3KGzFqnW7gwwd%2F6%2BF%2FLU%2FW8MWIKbC6MHC7nTcu"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f0be3c9195-FRA
expires
Sun, 17 Dec 2023 12:10:24 GMT
template7.min.js
cdnjs.cloudflare.com/ajax/libs/template7/1.4.1/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/template7/1.4.1/template7.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
23c1ffea33859d03e09b47ea211060d9fd494ee2133ed2e23431d8392836b731
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:24 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
7018504
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3349
last-modified
Mon, 04 May 2020 16:16:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03ff9-3011"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZdMXulptXEBZg84GHIkj9euB0J29HvzSlBCm%2B3vKGHqtwlIT%2Bs%2BsOIN7WWeo1xVtAxxZ3h0fz9Pv1bKsQvzjvm6FcpkMC0Ztzjsh29CvCA8bDT9HXHZFVWYBv6fdI%2BS%2FIXjjKneGKTR8aQchuU6oqGQT"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f0be3b9195-FRA
expires
Sun, 17 Dec 2023 12:10:24 GMT
shared.min.js
d6w29wm3j2vhp.cloudfront.net/2021/js/ 		42 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/js/shared.min.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5669564c4add9f169bd160ad74d23577aded6e87144239b165c3daa886da7de1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:32 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
14111
last-modified
Wed, 21 Dec 2022 15:00:21 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"a73e-5f057cfb32b40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
QT0en3wBYL3MRrjcRI4heK06fRKQgg_F-j24TyTd1yXEFQUKqQzltw==
script.min.js
d6w29wm3j2vhp.cloudfront.net/tpl2022/js/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/tpl2022/js/script.min.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
109c8b35f91d08005ecaaeac456b693e610f3ab8acfad435873a0519584cc696

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:32 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
6486
last-modified
Thu, 15 Dec 2022 17:39:47 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"448e-5efe156d47ec0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
QUan05hjPBaA9QgQR87i4vINKENHwpBrXN9HedPvUzUZLvK5OHv-QQ==
sit.min.js
d6w29wm3j2vhp.cloudfront.net/2021/js/pub/ 		591 B
828 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/js/pub/sit.min.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4a1196f380c70433005938279a92454248d28a5248132f4fddc06996b42f8362

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:40 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346905
x-cache
Hit from cloudfront
content-length
409
last-modified
Tue, 19 Oct 2021 00:50:29 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"24f-5ceaa0c427f40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
CF1fGVXNzhI2nUZYS2UZJ-tqxsjyA5HXedSdJVg_w5NlUmO0G1ucqA==
article.min.js
d6w29wm3j2vhp.cloudfront.net/2021/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/js/article.min.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9322e7873871e811c9c6b769af1ca776eb5f7307368a697a28c71cb427570be2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:33 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346912
x-cache
Hit from cloudfront
content-length
5645
last-modified
Thu, 15 Dec 2022 17:39:35 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"46ba-5efe1561d63c0-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
UmLVxLd8X4e5xJqRBva2tjZnCWGfx3Qnu5Fnjm6RS4RVKY-w4PLzCA==
george.js
code.sonomanews.com/2020/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://code.sonomanews.com/2020/js/george.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c4ae4ce27bb586d22f2717ad56d0386f683520b33d1f3ce7de2d267d032ddcc4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:25 GMT
Content-Encoding
gzip
Last-Modified
Fri, 07 Feb 2020 19:50:48 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"ff4-59e01b4bd1600-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1597
chartbeat_mab.js
static.chartbeat.com/js/ 		23 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat_mab.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 00:43:34 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Wed, 20 Jul 2022 00:57:56 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
41211
etag
W/"62d75314-5d6b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
r5W1rkyXixs1pKF8V3aOI3gEu-wdBkako92NDz3EjK-xdaqzueiqJA==
expires
Wed, 28 Dec 2022 00:43:34 GMT
/
prod.ew.srp.navigacloud.com/ 		0
169 B 		Script
General
Check archive.org
Download Go to
Full URL
https://prod.ew.srp.navigacloud.com/?dm=57c9b89633572b02cc3fff738d631684&action=load&blogid=8&siteid=1&t=818053174&back=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.234.227.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-44-234-227-111.us-west-2.compute.amazonaws.com
Software
imio /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Tue, 27 Dec 2022 12:10:25 GMT
cache-control
max-age=60
content-encoding
gzip
server
imio
vary
Accept-Encoding
expires
60
gtm.js
www.googletagmanager.com/ 		120 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WFZ86PJ
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
63ccd08ff2cc4fd3b794408034541723f4ed91f5150ec43ef37795b8996f7707
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
46807
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:25 GMT
print.css
d6w29wm3j2vhp.cloudfront.net/2021/css/ 		337 B
584 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/print.css?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
fa9741b56425431e42a594bcd263d5452c327646c4b6da2d08f5820d173ad358

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:48:34 GMT
content-encoding
gzip
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P1
age
346911
x-cache
Hit from cloudfront
content-length
185
last-modified
Mon, 30 Aug 2021 17:44:45 GMT
server
Apache/2.4.41 (Ubuntu)
etag
"151-5caca637e9d40-gzip"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604801
accept-ranges
bytes
x-amz-cf-id
UG2BAYNPkWREiCO8dAKVAij00oMdHNbnwG_vE08t13wS7_RyxUHUfg==
/
imengine.prod.srp.navigacloud.com/ 		54 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=15036BBF-5C4B-47D4-A0F5-055BBE18801E&type=primary&q=72&width=800
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
b3356e6f16f0b09d4af3424e5595bbbad570eeadce263d74f8befd12405a96de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 27 Dec 2022 12:09:37 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 12:09:37 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
48
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
Dd2QXBRqDg7uhACLT0sdMUymAfdfABPLrgeSAi-xML9leb8cFkpW1A==
expires
Sun, 25 Jun 2023 12:09:37 GMT
nextdoor.png
img.sonomanews.com/shared/social/32/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.sonomanews.com/shared/social/32/nextdoor.png
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7ba7d2e45f0f982339af039e10e99300c759eb0a78e946f357fa8b82dd009b38

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:25 GMT
Last-Modified
Wed, 07 Feb 2018 23:54:14 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"5af-564a8032b3580"
Content-Type
image/png
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801, public
Connection
Keep-Alive
Accept-Ranges
bytes
SMI-Test
Yes
Keep-Alive
timeout=5, max=100
Content-Length
1455
addthis_widget.js
s7.addthis.com/js/300/ 		353 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/js/300/addthis_widget.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; includeSubDomains
content-encoding
gzip
date
Tue, 27 Dec 2022 12:10:25 GMT
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
server
nginx/1.15.8
etag
"5f971164-5834c"
vary
Accept-Encoding
x-distribution
99
content-type
application/javascript
cache-control
public, max-age=600
x-host
s7.addthis.com
content-length
116406
share.js
nextdoor.com/static/widgets/ 		653 B
769 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nextdoor.com/static/widgets/share.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.214.9 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-214-9.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
57f2307b8e823f173f76d04fddf39771a5282649ca337be3144634ae3f976c74
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=0
content-encoding
gzip
via
1.1 e94c77a12a65a84cbcef7856ed7e0fb8.cloudfront.net (CloudFront)
date
Mon, 26 Dec 2022 20:42:44 GMT
last-modified
Tue, 20 Dec 2022 20:28:57 GMT
server
nginx
x-amz-cf-pop
FRA56-P3
age
55845
etag
W/"63a21b09-28d"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
QjZNxLQ2VaJMoRNcgFB8sRUu3IY45rv_rTwLJJE9sksn5Asaq8pbdw==
expires
Thu, 31 Dec 2037 23:55:55 GMT
get.js
cdn.cityspark.com/wid/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cityspark.com/wid/get.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CB9) /
Resource Hash
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
content-md5
DgH26NwpVpUJ7mY3mCxUbA==
age
475126
x-cache
HIT
content-length
919
x-ms-lease-state
available
x-ms-lease-status
unlocked
last-modified
Thu, 07 May 2020 14:25:32 GMT
server
ECAcc (frc/4CB9)
etag
"0x8D7F2927FD84964+gzip"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
92350331-c01e-009f-3699-15b40f000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2014-02-14
vf-v2.js
cdn.viafoura.net/ 		770 KB
182 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/vf-v2.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2e02fc2a011930836ab395848e72c15902d5df9231c04ffb6d94d135b194e009

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
281y_yWrS8o.Z3W.IO9Gv8KbJAnX427H
content-encoding
br
via
1.1 bbd2abbdb134a9d53c0a12f6566e69fe.cloudfront.net (CloudFront)
date
Tue, 27 Dec 2022 12:10:06 GMT
x-amz-cf-pop
FRA56-P2
age
25
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:55 GMT
server
AmazonS3
etag
W/"e36eaa7bdd12969966a61a71f4530634"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
Ld_0_iFHRoabpauMcTpvfRuxAXpxEaEJ0EWyE0-vsMk6B1ZExqaL0w==
cookie.js
privacy.sonomanews.com/banner/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://privacy.sonomanews.com/banner/cookie.js?ver=20221222
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
0b6e506bcfb98732190b8305693c60ef43d022a9a5e7d403710ac88d92225538

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:25 GMT
Content-Encoding
gzip
Last-Modified
Thu, 16 Jan 2020 21:32:31 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4cab-59c488fff39c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
5801
load.js
s.ntv.io/serve/ 		536 KB
149 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.237.64 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-64.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:25 GMT
Content-Encoding
gzip
x-amz-request-id
024KYDC99A6114MY
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
7tE+2CMLDD5BNDBqi1qfF94IVqOEVgapt9i7xklf+fhUWOnQyKQ4BAQZIhCTAtoLRKRXvzg49nM=
Last-Modified
Fri, 16 Dec 2022 21:32:35 GMT
Server
AmazonS3
ETag
"4f9f244a6d1c98dafe98c9b8b18b1fbb"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
sonomamedia.js
tru.am/scripts/custom/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/sonomamedia.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
33127
x-guploader-uploadid
ADPycdsU1_T-5IPDlyn7y1B3qszGnnQyikAHhvJUg1NmE4lF30KtlbDed1ba5mZSP7jydS1PHTrX1AkoXtyqf_i0UGxpbBHC-EMO
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 20 Nov 2020 03:52:27 GMT
server
cloudflare
etag
W/"7a67e589de188bb53d6b01061de96609"
vary
Accept-Encoding
x-goog-hash
crc32c=G1tUAw==, md5=emflid4Yi7U9awEGHelmCQ==
x-goog-generation
1605844347006942
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vmEkng77QfOuig3g%2BAQafQ7NodUqyYCmvx5SsAYPrI2BQbUrEc43Qa3ZxdsGKS0%2FroCEotERKZmjPF7OckMcU3P8aqV9Ig62Zv6q1TZRbxrTpa7RPRUukXPrI3lKK5uVzzHHw%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
public, max-age=2678400
x-goog-stored-content-length
1039
cf-ray
7801f3f4dd0d9960-FRA
expires
Tue, 27 Dec 2022 03:58:18 GMT
_Incapsula_Resource
www.sonomanews.com/ 		144 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.sonomanews.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=529053727
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
77b1e2dfccabde5e176a1179a030bb27e0d33d0f0c10ae1057cb6249629a35ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

cache-control
no-cache, no-store
content-encoding
gzip
x-robots-tag
noindex
content-length
20710
content-type
application/javascript
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d6w29wm3j2vhp.cloudfront.net
URL: https://d6w29wm3j2vhp.cloudfront.net/2021/js/shared.min.js?ver=20221222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27544
x-xss-protection
0
server
sffe
etag
"1433 / 370 of 1000 / last-modified: 1670587582"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Tue, 27 Dec 2022 12:10:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		178 KB
45 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d6w29wm3j2vhp.cloudfront.net
URL: https://d6w29wm3j2vhp.cloudfront.net/2021/js/shared.min.js?ver=20221222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 11:17:24 GMT
content-encoding
gzip
via
1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 18:13:56 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA56-C2
age
3182
x-amz-server-side-encryption
AES256
etag
W/"01691be6486b0003601b7299d35deebf"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
JUN4UpdhhFGzovToFgIrwuDBUWcD7agPoCfCUt6ozP_aC-cl-9RpTg==
index.php
code.pressdemocrat.com/getip/ 		24 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.pressdemocrat.com/getip/index.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bab2971e3958c3894d1f9379386d1e1b341da6213d325bd4a23b529ede912838

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 12:10:25 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
24
Content-Type
text/html; charset=UTF-8
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223c:8c00:18:1fcd:351:7bc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:01:25 GMT
content-encoding
gzip
via
1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Dec 2022 17:25:10 GMT
server
nginx
x-amz-cf-pop
FRA56-P2
age
40140
etag
W/"63921df6-9377"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
_CHu_5aYGZQwLShS9Mg0JRPQqWuIBcY0buQETlg0LWwmESq_zqipug==
expires
Wed, 28 Dec 2022 01:01:25 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma16916/901956900/18/
Redirect Chain
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1613
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/18/ml.br.js
147 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma16916/901956900/18/ml.br.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
6cebc86e3fe8b8271965c306d0d137dca59b4b56c4441a4e0a2e182383c23d93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 22:16:00 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 18 Oct 2021 15:12:19 GMT
server
nginx
age
50065
etag
"025f70c0814cfcd236d352e7838fa4d3"
vary
Accept-Encoding
x-cache
HIT Sun, 18 Dec 2022 07:24:56 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43435

Redirect headers

date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma16916/901956900/18/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
2-gc-europe-west6-8j340940
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
1268721
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2F%2F%2BSSkBCn6CwiIYhCQ6%2BLYWVCuXYH2IQo%2BsWqpH%2FwU2U6St%2Fw42mwVmCG6dblXD9j%2FI9wrmGB3EEinRc9shS8VneKursyE2Z8mC5ZNGA19qXmfZ0GPf1uxgFuMK29c1n5vabTBGZjeX8FSYQG9qfWP5L"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f49957bb59-FRA
expires
Sun, 17 Dec 2023 12:10:25 GMT
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:20:05 GMT
x-content-type-options
nosniff
age
348620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32860
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 11:20:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
62370
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:55 GMT
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/gif
newspaper.png
d6w29wm3j2vhp.cloudfront.net/2021/css/image/newspaper/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/image/newspaper/newspaper.png
Requested by
Host: d6w29wm3j2vhp.cloudfront.net
URL: https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b817dc11f25f1066fa60bced66d1ae1d4b0bceadef2bd614ecbf5ad35306247c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 15:26:31 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 23:05:27 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P1
age
247434
etag
"757-5ca9284e21bc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604801, public
accept-ranges
bytes
content-length
1879
x-amz-cf-id
kGwMHHFiXr1Hq5TBGzFvnRInpUPoTPkjbvmPrPa64z-e0qDkvdVvpA==
sit-logo-header.png
d6w29wm3j2vhp.cloudfront.net/2021/css/image/logo/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/image/logo/sit-logo-header.png
Requested by
Host: d6w29wm3j2vhp.cloudfront.net
URL: https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 15:12:09 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 23:05:27 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P1
age
507496
etag
"3a80-5ca9284e21bc0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604801, public
accept-ranges
bytes
content-length
14976
x-amz-cf-id
H66H5_xLpWJLt5wImjpkey3USBynG9kq1fPJgjW9oKm8GYh3rW6BxA==
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:18:08 GMT
x-content-type-options
nosniff
age
395537
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:18:08 GMT
/
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 		213 B
517 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sonomanews.com&domain=sonomanews.com&path=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F
Requested by
Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3149aed62eb79bc871ec662a2307887dfd33f096410e8cb4d33a4fa720fc418c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
1
date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
via
1.1 varnish (Varnish/6.0), 1.1 varnish
age
48
x-cache
HIT
cross-origin-resource-policy
cross-origin
content-length
160
x-served-by
cache-hhn-etou8220035-HHN
x-timer
S1672143025.482843,VS0,VE1
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges
bytes
expires
Sun, 25 Dec 2022 12:09:37 GMT
moatframe.js
z.moatads.com/addthismoatframe568911941483/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/addthismoatframe568911941483/moatframe.js
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
last-modified
Fri, 08 Nov 2019 20:13:52 GMT
server
AmazonS3
x-amz-request-id
D5503D14AA2F06AA
etag
"f14b4e1f799b14f798a195f43cf58376"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=11488
accept-ranges
bytes
content-length
948
x-amz-id-2
JgalEtxvSAtZmM7+naGfrhsdf0JFS0gJW8lypWF8Tp90EkcPp4c3eAnpK+RDOIL1ltWgpx8wc3s=
embed-loader-min.js
e.infogram.com/js/dist/ 		14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://e.infogram.com/js/dist/embed-loader-min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-90.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
feadabf145bd00e5fe9dd76f3519cd03837fb500d407248e1ddcb1a1d7bb644f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 11:55:14 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
x-content-type-options
nosniff
content-encoding
gzip
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
911
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
last-modified
Tue, 27 Dec 2022 11:11:09 GMT
server
nginx
etag
W/"363f-185534770c8"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
max-age=86400, public
timing-allow-origin
*
x-amz-cf-id
dnhkmrSKQsZs8rKkRZMjQXCBUxOjOFEtYXzbmooZ3wSWL46gXDeQxQ==
expires
Wed, 28 Dec 2022 11:55:14 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		248 B
606 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sonomanews.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
Server /
Resource Hash
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:09:36 GMT
via
1.1 cbe141923b7469a299306144733821c2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-C2
age
48
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
248
x-amz-cf-id
a6NXZqoK74YeJPb1owvc-X2z0AIPhGMD6HLEx1GLV7fsZDxyaaStiQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-28-197.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id
1R3b4YI9dI20q9Y7Gq1DHxVUnq3Fp2gn
content-encoding
gzip
via
1.1 753f415578c1ca010e51a83aef192330.cloudfront.net (CloudFront)
date
Tue, 27 Dec 2022 12:09:37 GMT
x-amz-cf-pop
FRA56-C2
age
34669
x-cache
Hit from cloudfront
last-modified
Fri, 23 Dec 2022 01:05:48 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
Udpu3YXmdTQCwDZ8lHReZ5lcWdgKjA9tb9odqTDxFBqcr3av8Y_opg==
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
d4757e658d5fbd1efc22a84136db74f9ca6786983e3a6b81cdbe00d01f903e95

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
server
nginx/1.12.1
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1532
expires
Mon, 1 Jan 1990 12:00:00 GMT
ta-pagesocial-sdk.js
tru.am/scripts/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/sonomamedia.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
361416
x-guploader-uploadid
ADPycduaHnC5-Np9VAWtJGFeLTlyBBqWqHNHS8NTzn1upbQ2V3rPBUKRfrVoDr0AkVEGDR8_X0PNYMe4pbrjqnAq_CJxgC2ZljaW
x-goog-storage-class
REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Thu, 21 Jul 2022 07:45:14 GMT
server
cloudflare
etag
W/"2925c8da90d1d29f7899fa52629fe37d"
vary
Accept-Encoding
x-goog-generation
1658389514760491
content-type
text/javascript
x-goog-hash
crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
cache-control
max-age=2678400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NxWmV4p7VWOlmI1JZtDjwIZOTvsbxlg%2FGMR%2Bz9ynMQz28ODfClnuouQkKomSb4LcOFvsyFYTUgxEAnIVwZ3hLmAz2u3tDn5ssAAvzMiTN73YDYXGt4OAOjnShBCLTQcJ7pDEWg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
27860
cf-ray
7801f3f69b3c9bbf-FRA
expires
Fri, 23 Dec 2022 07:46:59 GMT
_Incapsula_Resource
www.sonomanews.com/ 		1 B
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sonomanews.com/_Incapsula_Resource?SWKMTFSR=1&e=0.36758935676041626
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.114.220 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
107.154.114.220.ip.incapdns.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

cache-control
no-cache, no-store
x-robots-tag
noindex
content-length
1
content-type
text/plain
widgetinfo
p.cityspark.com/api/widgets/ 		26 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cityspark.com/api/widgets/widgetinfo?wid=9121&callback=jsonp1672143285989
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
52.160.40.218 San Jose, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
360db2e6a9a001df55e765aebec86019122f26432a9c57b353866e65880174cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Server
Microsoft-IIS/10.0
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.206.210.112 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-206-210-112.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:14:48 GMT
server
Apache
etag
"d4ed-5eaee7c12df48-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17131
expires
Tue, 27 Dec 2022 12:25:25 GMT
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:3ff4:417f:f0f6:3cef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
63a18ffa4fcad4f8e5c20b970a2c040de6f5eaec33c58fe2d91d6a49c3a9597b

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json;charset=UTF-8

Response headers

x-instance-id
i-018e858902735c884
pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 27 Dec 2022 12:10:26 GMT
v2
api.viafoura.co/v2/www.sonomanews.com/bootstrap/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/bootstrap/v2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:3ff4:417f:f0f6:3cef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.sonomanews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
access-control-allow-origin
https://www.sonomanews.com
access-control-max-age
1728000
cache-control
max-age=0
date
Tue, 27 Dec 2022 12:10:25 GMT
expires
Tue, 27 Dec 2022 12:10:25 GMT
server
nginx/1.18.0 (Ubuntu)
f313c0b2-ea91-41c0-830a-4286027d3c28
e.infogram.com/ Frame 9F22 		44 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/js/dist/embed-loader-min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-90.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
df89279b2cdd7d6f2cdebbfdba451de98f2ab94fe13072453826ff7ddae49985
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=utf-8
date
Tue, 27 Dec 2022 12:10:25 GMT
etag
W/"af63-RLkXUj1Q23D8codwxF7tBaDS9aY"
referrer-policy
no-referrer
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains; preload
vary
Accept-Encoding
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-id
QevNcqCebwg136xEy3NNvJH9-_A3FnspfdOZZULOJ-bLN3yrwzxS8w==
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-content-type-options
nosniff
x-dns-prefetch-control
off
x-download-options
noopen
x-xss-protection
1; mode=block
pubads_impl_2022120501.js
securepubads.g.doubleclick.net/gpt/ 		380 KB
129 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:06:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
235
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
131905
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 09:36:10 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Wed, 27 Dec 2023 12:06:30 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		255 B
145 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
23edb4e12b128d4b36741d479e9818b6b3b1c757d225fec597d730049751b815
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:25 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZ86PJ
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6185
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 12:27:20 GMT
js
www.googletagmanager.com/gtag/ 		216 KB
75 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-K5E335ZW0Z&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WFZ86PJ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
138218ec04996cadf152965ae3c66d846c9aa41daaece69fdaca080f409b9385
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
76876
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:25 GMT
beacon
beacon.tru.am/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://beacon.tru.am/beacon
Requested by
Host: tru.am
URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:274 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 google
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
surrogate-control
no-store
vary
Origin
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=29Vjh83Gd9EI2wASSbZXACm1SwaOtrnh02X8CshSqcv9NapeCJe9swkT3QQoYvW5qtA%2BV0%2BuXXa3Op0OJMM8ZCzlDo79ADeI%2BQpPA3iAqOwLIsZ79YXww63rCOvRjiNj0Nq26F96UMSjLG0%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate
cf-ray
7801f3f73bedbb79-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 01 Jan 1970 00:00:00 UTC
215
e.infogram.com/api/stylesheets/ Frame 9F22 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://e.infogram.com/api/stylesheets/215
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-90.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1aeebc85f0882d98c258a2a8da8a7eef3574d585a8b1d01050d1e1ee6b7b988c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 11:31:29 GMT
via
1.1 f61953901038b0c4b4c82c311140f1b8.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P6
age
2337
x-dns-prefetch-control
off
x-cache
Hit from cloudfront
x-xss-protection
1; mode=block
referrer-policy
no-referrer
server
nginx
etag
W/"1105-inKqqiZSjMkZ5rHQybyRFVfo5mQ"
x-download-options
noopen
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
x-amz-cf-id
tLmiCUOaEvMoAFiz7nkYXlVWo7P_06g3IvART4CGTIqe5o7Gvzm7XQ==
bundle_vendor-df99a81d08bbec95a491-1-webpack.js
cdn.jifo.co/js/dist/ Frame 9F22 		779 KB
222 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jifo.co/js/dist/bundle_vendor-df99a81d08bbec95a491-1-webpack.js
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6545cc6348d570cd29f42d81ebf9ea99253647af9836ed675e9d6afbe5030df
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 d952e65bda0e6131468d44ec8b072180.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
MXP64-C1
age
2600
content-encoding
br
x-cache
Miss from cloudfront
last-modified
Mon, 21 Nov 2022 16:00:56 GMT
server
cloudflare
etag
W/"ec273ecb1dd989640f8600ccea9e788a"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sDYxv5%2BO8%2BBnlLq9mVo1DEusz1raMEV0LEwZxFOmDXts3GKjq1Bq2z%2F5KR5k%2FU%2FDa1BIQSevOQhLx9PMQpA9mp005c2q0ZG6dGDF4TsPGEgT5wJsnL7P6JVLs0hzisg02h4RHKzAi0nt"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
ETag
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
7801f3f758129247-FRA
x-amz-cf-id
QUno6Mgkp1E9zZbY4DWDaA2Zv3ZSa7EyGNRzzT6P-iKChrgNHMG47g==
assets-embed_view-324e57db50a3d35bf3ac-1-webpack.js
cdn.jifo.co/js/dist/ Frame 9F22 		701 KB
165 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jifo.co/js/dist/assets-embed_view-324e57db50a3d35bf3ac-1-webpack.js
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
56c0aba94956ecd35b3ce831d909a9e6b9976cf141841cc2be1fcbedbbb33642
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 ccfe5851ecd4194e2d976fb32dec7538.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
5363
content-encoding
br
x-cache
Miss from cloudfront
last-modified
Tue, 06 Dec 2022 13:25:44 GMT
server
cloudflare
etag
W/"2ad79d5b26cd5de44a83d6299c7f5d11"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nJVnkJHPwzk6JnJnpOEK4FI9PXYpIELw7BmrFm5mBgdatgIMjdfrjSRFR0X%2BzFredlPJVwLxKegFBKBjeX5cD6w%2FPK4iLdVJp%2FdjP71IWpRkRJwL7ZCO6zks4l5rGaUCVqCPcyC0h2j6"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
ETag
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
7801f3f758169247-FRA
x-amz-cf-id
hj-RmDjtSTZwYR7-K2mOH6HPJfZEZPv-oYjd23Dp1syM6RSZWCXQiw==
embed_viewer-f12de5e681ef5c51e098-1-webpack.js
cdn.jifo.co/js/dist/ Frame 9F22 		3 MB
652 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jifo.co/js/dist/embed_viewer-f12de5e681ef5c51e098-1-webpack.js
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d82e0b27b336a53e5856f970efeab7bfa6a7a6091e86f0e3a6c2bbc2c4517029
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 6c19750e796252a348d1690986c10426.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
FCO50-P1
age
1928
content-encoding
br
x-cache
Miss from cloudfront
last-modified
Thu, 22 Dec 2022 14:16:15 GMT
server
cloudflare
etag
W/"ca1ed8bbc9a46bd917473bb17d67fa03"
access-control-max-age
3000
access-control-allow-methods
GET, HEAD
content-type
application/javascript
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SvuoGtTgJxzbhxW1dhow%2BhEjHQCl%2FD6jZFOZt38DPWB1JqyKfwr7zmyKv9WySvRF5tpx9%2FwQxcugSle1zppZwy8a6JGQvLagIHXxOtTLJyB0VFeq2VTe9Q7OvhMtofBStOaV8W0GKxV5"}],"group":"cf-nel","max_age":604800}
access-control-expose-headers
ETag
vary
Origin,Access-Control-Request-Headers,Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
7801f3f758179247-FRA
x-amz-cf-id
nKbjwNXxyYtCqmRoEkCQ5w4TvHOOUerg6eiTTBz7wwPofo47GOUiww==
embed_view-f1ab9572036801880aeb234a2b9804bd9287d7af.css
cdn.jifo.co/css/dist/ Frame 9F22 		39 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.jifo.co/css/dist/embed_view-f1ab9572036801880aeb234a2b9804bd9287d7af.css
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
47f2a897a06af3443437c06bedd8ff30140ce66ee8fba10b19604987887544fa
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
via
1.1 ff2bcb2d3b4a3d9e0615ddd1033c38c4.cloudfront.net (CloudFront)
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-amz-cf-pop
FRA2-C2
age
6490
content-encoding
br
x-cache
Miss from cloudfront
last-modified
Tue, 22 Nov 2022 13:16:42 GMT
server
cloudflare
etag
W/"4f40d5da9bf2a2dd2301246292e12b03"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y23Ddd5SqGqndv3whBRCiEiRfqx3Idof9rrAxJkg1hlwCM3geEAYoRANLr5xZRzLkEfNvyxrPwOdpbXAGqKQ0Thyqnvbzj0P%2FtjhD6ayQ%2F5nIqhsaOCdE7PLmOhs0YSsz6nbpB26O6gX"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31536000
timing-allow-origin
*
cf-ray
7801f3f77d85915f-FRA
x-amz-cf-id
-1FhtZ9_MiWsHosRlM1SQc78HGS6beFy-76kIJ_LhIut3lZ4Y-4wYw==
t.js
s.infogram.com/ Frame 9F22 		26 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.infogram.com/t.js?v3
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.228.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-228-75.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
38fda481fd0bc94ec396e6d26c557bd46c1360d5f573fdae05099234848729eb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
last-modified
Wed, 07 Dec 2022 12:12:19 GMT
x-powered-by
Express
etag
W/"21e3-184ec8040b8"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
cache-control
public, max-age=0
accept-ranges
bytes
content-length
8675
_ate.track.config_resp
v1.addthisedge.com/live/boost/ra-5460f089073e7021/ 		166 B
325 B 		Script
General
Check archive.org
Download Go to
Full URL
https://v1.addthisedge.com/live/boost/ra-5460f089073e7021/_ate.track.config_resp
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
etag
659743217
vary
Accept-Encoding
content-type
application/javascript;charset=utf-8
cache-control
public, max-age=58, s-maxage=86400
content-disposition
attachment; filename=1.txt
content-length
154
300lo.json
m.addthis.com/live/red_lojson/ 		90 B
250 B 		Script
General
Check archive.org
Download Go to
Full URL
https://m.addthis.com/live/red_lojson/300lo.json?si=63aae0b12b440350&bkl=0&bl=1&pdt=1623&sid=63aae0b12b440350&pub=ra-5460f089073e7021&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.sonomanews.com&fp=article%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&colc=1672143025853&jsl=131073&uvs=63aae0b1babc920a000&skipb=1&callback=addthis.cbs.jsonp__096142692070028570
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
f39bbcda4c2bf0c8f371286cfdd6b855afa8455f796ef69e22e87fee2d87c095

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
cache-control
max-age=0, no-cache, no-store, no-transform
content-disposition
attachment; filename=1.txt
content-length
90
content-type
application/javascript;charset=utf-8
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame FC24 		0
0
sh.f48a1a04fe8dbf021b4cda1d.html
s7.addthis.com/static/ Frame 764E 		71 KB
26 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Requested by
Host: s7.addthis.com
URL: https://s7.addthis.com/js/300/addthis_widget.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.62.220.135 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-62-220-135.deploy.static.akamaitechnologies.com
Software
nginx/1.15.8 /
Resource Hash
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
public, max-age=86313600
content-encoding
gzip
content-length
26421
content-type
text/html
date
Tue, 27 Dec 2022 12:10:25 GMT
etag
W/"5f971164-11adc"
last-modified
Mon, 26 Oct 2020 18:11:48 GMT
p3p
CP="NON ADM OUR DEV IND COM STA"
server
nginx/1.15.8
strict-transport-security
max-age=15724800; includeSubDomains
timing-allow-origin
*
vary
Accept-Encoding
x-host
s7.addthis.com
sit-live.json
api.pressdemocrat.com/_data/notifications/ 		2 B
322 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.pressdemocrat.com/_data/notifications/sit-live.json?cache=2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Last-Modified
Mon, 25 Jul 2022 22:04:40 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"2-5e4a85ed3a2e9"
Content-Type
application/json
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2
feed.json
feeds.sonomanews.com/sit2018/wex/ 		561 B
753 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feeds.sonomanews.com/sit2018/wex/feed.json?cache=2
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
93cd4ce14fa33896f4780def1c50d867fe346808450db8cee0295b9a27ad9324

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Dec 2022 12:00:03 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"231-5f0cdfdf32998-gzip"
Vary
Accept-Encoding
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=300, public
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
341
index.php
code.pressdemocrat.com/getip/ 		24 B
260 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://code.pressdemocrat.com/getip/index.php
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bab2971e3958c3894d1f9379386d1e1b341da6213d325bd4a23b529ede912838

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Tue, 27 Dec 2022 12:10:25 GMT
Server
Apache/2.4.41 (Ubuntu)
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
24
Content-Type
text/html; charset=UTF-8
embed.js
sonoma-index-tribune.disqus.com/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sonoma-index-tribune.disqus.com/embed.js
Requested by
Host: code.sonomanews.com
URL: https://code.sonomanews.com/2020/js/george.js?ver=20221222
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
199.232.196.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
openresty /
Resource Hash
cfdb7eec9e4ce602e5d4db495ea4763ab5f0512e405712f5a23bc41a6b0fa6a1
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:25 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=300; includeSubdomains
Server
openresty
Age
48
Vary
Accept-Encoding
Content-Type
application/javascript; charset=utf-8
Cache-Control
private, max-age=60
X-Service
router
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Link
<https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length
25687
loader.min.js
loader-cdn.azureedge.net/prod/smi/ 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
be487c1e4c16a1237d80fa8b4befd8710ba5208eda4f68b37b599301d0468a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
gzip
content-md5
7io/LfZ/tiuzzwxyZn6L9g==
age
16387
x-cache
HIT
content-length
12042
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:03:44 GMT
server
ECAcc (frc/4CBB)
etag
0x8DAD10EB09255F1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a11e2220-c01e-005c-5bc6-19a2e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
script.js
newsletter.sonomanews.com/widget/single/pref:daily;hideImage:1/ 		1 KB
979 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/widget/single/pref:daily;hideImage:1/script.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4351bdc944243b3184174c8b7d027c669f243022287b348d1670b5cf95b52d8c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Mon, 26 Dec 2022 20:00:02 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"418-5f0c094a8b769-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
566
swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1006908
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
3605
last-modified
Fri, 23 Apr 2021 19:42:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6083232c-3631"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wh%2Blfnm%2Flb%2BdWKAVkDyRc3XYBpx8VC2RQ%2Fl4x6ZUK6IIZUJBqbg4kiiUPCL0J%2BD8C8AFmnyR%2BtEoklfSI%2FONGdVgcYZcM2eGw0J3bp5%2Bzretk%2F%2Brnx9O9VDxyo6dVNm6o9gxF5Aev0OFGAMipfz7ldKn"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f7eb5e8fdc-FRA
expires
Sun, 17 Dec 2023 12:10:25 GMT
swiper-bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		139 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
6535626
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
32882
last-modified
Fri, 23 Apr 2021 19:42:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6083232c-22b70"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NmfxHq%2BK6Lq%2F1xhTTUdGXCshXKa3rMlZqxPpPlNjQX5jGpx2I%2BkVbhT1sONK%2FNYVSXs7v%2FMTJJtW%2F78gSSkdFouXAHkWyCrRcp0uxSJfYZbiILMH%2FXUvTTXceOjgCc8qkJrMOGee4c61IxUAnwJ4ndsi"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3f7eb5f8fdc-FRA
expires
Sun, 17 Dec 2023 12:10:25 GMT
sonomanews.json
privacy.sonomanews.com/banner/config/ 		324 B
679 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://privacy.sonomanews.com/banner/config/sonomanews.json
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
62481370ed59087d216e2d8d8e3142ef08a2dc7ebdf73b13afc94e5a642ad21c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Last-Modified
Thu, 16 Jan 2020 16:45:27 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"144-59c448d5dd7c0"
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
max-age=604800
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
324
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=sonomanews.com&p=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&u=CE4VsPLal4iCBMsVI&d=sonomanews.com&g=60036&g0=news&g1=CHASE%20HUNTER&n=1&f=00001&c=0&x=0&m=0&y=4687&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&b=2757&t=D4fNg_BUOeASBYmjQSWUBiICCIqe-&V=139&i=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&tz=0&_acct=anon&sn=1&sv=CxB-1jBDmxUsa82p6CovvRFXMX3T&sd=1&im=067b2ffb&_
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.208.87.237 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-208-87-237.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
tipped.css
cdn.pressdemocrat.com/vendor/tipped/4.7.0/ 		19 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/tipped/4.7.0/tipped.css
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d76ec8aed9529461612d64ed4d6f46ec5eddf8843de20fd41d8e2a7b8f5a881c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Dec 2019 20:21:10 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4ccf-59a286b1d3980-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3342
tipped.js
cdn.pressdemocrat.com/vendor/tipped/4.7.0/ 		76 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/tipped/4.7.0/tipped.js
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5ed5ca8064edb1d7566bf5628d09a65eb4020802aeff658b099fa9ef898b2032

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Fri, 20 Dec 2019 20:21:41 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"13126-59a286cf63f40-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
20290
/
imengine.prod.srp.navigacloud.com/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=0f5272e6-942f-51ae-8ed6-7056ec3b1b42&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
9aea7622c9a16bee1967c911c3a09c2a2cbed020ce71922d7fb56cf68c8c5047

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 27 Dec 2022 00:03:52 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 00:03:52 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
43593
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
ct41fj-ta8JiLmf_a_n0gRGG8mae6kAMfBWbAMbAJWXL_LjTY1EXkA==
expires
Sun, 25 Jun 2023 00:03:52 GMT
/
imengine.prod.srp.navigacloud.com/ 		49 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=d858ca31-964e-53ab-86a8-55aead203944&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
20705d76419b62721b18b677415d31f85cd51875c835546ba5abec18ae73c344

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Dec 2022 21:43:50 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 21:43:50 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
51995
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
RqJmnovRBszZoe6Dq2GSH7FsuyvRBu-83sMJOdmvyY7920m50dAp3g==
expires
Sat, 24 Jun 2023 21:43:50 GMT
/
imengine.prod.srp.navigacloud.com/ 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=229572bc-110a-5c8e-a38f-8ca64aa2638a&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
c137106005502bd2b368f2d1015377b29f7f68dadafd88d56091b4f185106485

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Dec 2022 17:16:13 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 17:16:13 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
68052
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
rjb1s-9LMKQh4LT6Jn0Cj93lkBJvF19F0vZCFL1b32jzpWI6Pxj9Aw==
expires
Sat, 24 Jun 2023 17:16:13 GMT
/
imengine.prod.srp.navigacloud.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=35fc7318-fe11-5e44-b16a-8d349b907f53&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
5b6040e92ed2ab04a25a918eae1ae24a0ac3564db4908ada0ebe166a26c3e1cb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 24 Dec 2022 19:49:36 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sat, 24 Dec 2022 19:49:36 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
231649
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
NI8eroPX0oy8aPAcugkPkn0OzbyHXKFDuP8GIMroqJp_T5Mr7HzUMQ==
expires
Thu, 22 Jun 2023 19:49:36 GMT
/
imengine.prod.srp.navigacloud.com/ 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=a3dd7d65-84ed-504a-9cd6-2a3b940e402f&type=primary&q=72&function=cropresize&crop_w=0.99999&crop_h=0.5814&x=1.0E-5&y=0.24128&width=300&height=225
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
ee4b6acb0aa8f360b9560d7f94417ad9a89a6b53d6027ff07a8acc10a9d11d57

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Sat, 24 Dec 2022 19:11:05 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Sat, 24 Dec 2022 19:11:05 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
233960
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
xiNMKUDuDBhtgi-hjfwnW3WiLKeOa4inABDEP5c8Ap5AGXe0FcB-VQ==
expires
Thu, 22 Jun 2023 19:11:05 GMT
/
imengine.prod.srp.navigacloud.com/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=ab235039-6ba2-520a-bda0-6ee9ac4a9624&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
d2332508fb5d23dace6ccc8bb2ddeff1f89a71ca032d5d2ecc4411879073bb51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Dec 2022 23:54:31 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 23:54:21 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
303353
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
mnOB2nJ0Ap0cqIWAbvF8IOAEiT8WyGRiLaEwt5zgezEMeizjQhgXJA==
expires
Wed, 21 Jun 2023 23:54:21 GMT
/
imengine.prod.srp.navigacloud.com/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=7957efff-d1e7-530d-b60e-125f63fdf694&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
f4ac68fdc7260be74501c1e5eb218005e693d90fa0648397b4f4f71c85be0a79

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Dec 2022 19:48:38 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 19:48:38 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
318107
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
iKeNz1kgIfyT43tkdIgvTGHttKk_foGJuCBQsGKiVPM3nkaro2IAaQ==
expires
Wed, 21 Jun 2023 19:48:38 GMT
/
imengine.prod.srp.navigacloud.com/ 		59 KB
60 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=8448c10f-5728-54cc-a680-7fb1593dff3c&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
b6f95a52d6a6e0e964b509bf91747afda3d8dd7d85a6d53245f4fc80e5a0c29d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Dec 2022 23:53:35 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 23:53:35 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
389810
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
_BjHFws1H6gf8jgF7ozK8xAa3tFo17KhjqfxAnTB6ZuVx3czTtfGJA==
expires
Tue, 20 Jun 2023 23:53:35 GMT
/
imengine.prod.srp.navigacloud.com/ 		36 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=dd07137f-f60e-5332-aae2-6621371cefc2&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
737b10174311f6f20efa54a1369f58f70d87dda4dcea23946f0949d60967d59f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Dec 2022 23:35:28 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 23:35:28 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
390897
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
JouokzE0Hhc-gkQP5aOJXh33pZ5q94ZaItOvgBDOnsip7IUMrBgc-g==
expires
Tue, 20 Jun 2023 23:35:28 GMT
/
imengine.prod.srp.navigacloud.com/ 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=c4628295-8387-58df-aeea-fd1f0706eb6b&type=primary&q=72&width=300
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
0c714b4baf6a0f94961194d95138016e37ef244cfff529e192aedad9eed26079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Dec 2022 21:39:19 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 21:39:19 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
397866
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
wqQVrpnEuShzx26ByU2KTESOWWkaoE5Z8Z6v5dYBygyZm-gMIx1HnQ==
expires
Tue, 20 Jun 2023 21:39:19 GMT
/
imengine.prod.srp.navigacloud.com/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=4EB2D220-C0DC-4952-8E05-9410E6086FA4&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
3cc32fde868679c57e5131e42f66d72b9de8f7f395b7c80837b84bfc8372e21b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Dec 2022 21:59:59 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 21:59:59 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
51026
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
tnv8GaZ0w7LmiA0ihxSYQUzRNAur-ONeONc3ZuT8kflEXzVcu9n7IA==
expires
Sat, 24 Jun 2023 21:59:59 GMT
/
imengine.prod.srp.navigacloud.com/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=f96e67f6-9a8a-5d59-8ab5-7d03534325a3&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
bb1babbb30ef7df8af5ea5838f48cf6e9b1405ed188e34ca632db0f2d2f6be93

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Dec 2022 08:17:30 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 08:17:30 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
100375
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
IAj4rUc-1esxl9mZHUuIHcZroq_UsOs47v-NyZgPIOVXO1uryGCOEg==
expires
Sat, 24 Jun 2023 08:17:30 GMT
/
imengine.prod.srp.navigacloud.com/ 		31 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=0f5272e6-942f-51ae-8ed6-7056ec3b1b42&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
d33ae6cd58460ee34112ff454e5ed2ef64251df2e856229226d44ef5eb817253

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 27 Dec 2022 06:10:17 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 06:10:17 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
21608
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
VPzTu56lxEDS-Qz4HuUic46-t68oy3FycfigAhiVIPR0KzmreCrVjw==
expires
Sun, 25 Jun 2023 06:10:17 GMT
/
imengine.prod.srp.navigacloud.com/ 		39 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=229572bc-110a-5c8e-a38f-8ca64aa2638a&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
80a3026ee3d22ddd6673bf85673bbb0e3144c4873a1ccf155e883e228a36af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 26 Dec 2022 22:00:00 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 26 Dec 2022 22:00:00 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
51025
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
-_wr-QnPlVph-9CeqTG87iwHF-M8Qu3ZHshKBy19n9qUYMYT0y9n2w==
expires
Sat, 24 Jun 2023 22:00:00 GMT
/
imengine.prod.srp.navigacloud.com/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=18f8490b-0a46-5194-b199-fe2113745044&type=primary&q=72&width=150
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
9ccc0b2a26a9d7813ce2d1669b5d2398c2797a7ef9c7bf498d2ef03d7985a3cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 16 Dec 2022 08:11:08 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Fri, 16 Dec 2022 08:11:08 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
964757
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
EIGFktLCjaWEcyf5JThvG4qtERgOKxp5GYiGGQibm5dR4hnEG84Vfg==
expires
Wed, 14 Jun 2023 08:11:08 GMT
gtm.js
www.googletagmanager.com/ Frame 9F22 		115 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MG85WM
Requested by
Host: e.infogram.com
URL: https://e.infogram.com/f313c0b2-ea91-41c0-830a-4286027d3c28?parent_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&src=embed
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d583602cbe269eb53e6c403015ec88a91c0ac736a067c0a42d7bfe9d28c2c7ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:25 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
45385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:25 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dp=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1464511413&gjid=2066449020&cid=594819456.1672143026&tid=UA-39519010-1&_gid=510789851.1672143026&_r=1&gtm=2wgbu0WFZ86PJ&z=1416122711
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dp=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=872484957&gjid=103986619&cid=594819456.1672143026&tid=UA-55293627-1&_gid=510789851.1672143026&_r=1&gtm=2wgbu0WFZ86PJ&z=1450343041
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dp=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1981856904&gjid=1836561004&cid=594819456.1672143026&tid=UA-44780506-1&_gid=510789851.1672143026&_r=1&gtm=2wgbu0WFZ86PJ&z=1528671729
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dp=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=1930343178&gjid=578408925&cid=594819456.1672143026&tid=UA-37401929-2&_gid=510789851.1672143026&_r=1&gtm=2wgbu0WFZ86PJ&z=2099676490
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dp=%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAACAAI~&jid=516713588&gjid=90124190&cid=594819456.1672143026&tid=UA-37401929-3&_gid=510789851.1672143026&_r=1&gtm=2wgbu0WFZ86PJ&z=888902659
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f

Request headers

Referer
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
/
imengine.prod.srp.navigacloud.com/ 		45 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=2de1c124-d359-5f7d-8889-7cdfba339219&type=primary&q=72&width=861
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
e04e4efa2f562b3ed4e6258c74fe327b6060817a43dc0de9b291f3de8149d8ac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 27 Dec 2022 12:09:38 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 27 Dec 2022 12:09:38 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
48
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
MVxl-ojJbuyTZ9RZp5uijeURZSr170sBLCJ6wm4lf-Iw1145JbJW8w==
expires
Sun, 25 Jun 2023 12:09:38 GMT
lounge.1bdd56d22493b91804cbc7f49fe6c365.css
c.disquscdn.com/next/embed/styles/ 		0
31 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/styles/lounge.1bdd56d22493b91804cbc7f49fe6c365.css
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 22 Dec 2022 23:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
390963
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
30867
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 22 Dec 2022 23:22:39 GMT
server
nginx
etag
"63a4e6bf-7893"
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
Oer206wgj2Grs2aKgA13qbNVyg5ZvFtSVR_PVygM0BoS4epqk1hOQQ==
expires
Fri, 22 Dec 2023 23:34:23 GMT
common.bundle.78f08d08ee97a04dc049cbcf3a5ec827.js
c.disquscdn.com/next/embed/ 		0
93 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/common.bundle.78f08d08ee97a04dc049cbcf3a5ec827.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Tue, 20 Dec 2022 22:44:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
566758
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
94881
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Tue, 20 Dec 2022 22:36:25 GMT
server
nginx
etag
"63a238e9-172a1"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
XxIsqn1x4vZuZz4d5NS2C1jbZm5SCoaR7B5wtwDf1SCptxDz0PsiLA==
expires
Wed, 20 Dec 2023 22:44:28 GMT
lounge.bundle.abd95c70c0bf2833afad839d2ac60096.js
c.disquscdn.com/next/embed/ 		0
127 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://c.disquscdn.com/next/embed/lounge.bundle.abd95c70c0bf2833afad839d2ac60096.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2304:6800:6:8656:f5c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-cache-hits
0
date
Thu, 22 Dec 2022 23:34:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 af4c7c5690ef99c2d2945817a4e41504.cloudfront.net (CloudFront)
x-amz-cf-pop
VIE50-P1
age
390963
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
129104
x-xss-protection
1; mode=block
x-served-by
static-web-1
surrogate-key
next
last-modified
Thu, 22 Dec 2022 23:22:39 GMT
server
nginx
etag
"63a4e6bf-1f850"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=31536000, public, immutable, no-transform
timing-allow-origin
*
x-amz-cf-id
5G_jGLaPHPKJwxbzeUNJSkC3kt0aGtGNKKmVJI1-3BcUYnV1AOAYlA==
expires
Fri, 22 Dec 2023 23:34:23 GMT
config.js
disqus.com/next/ 		0
17 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://disqus.com/next/config.js
Requested by
Host: sonoma-index-tribune.disqus.com
URL: https://sonoma-index-tribune.disqus.com/embed.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
151.101.128.134 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=300; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Strict-Transport-Security
max-age=300; includeSubdomains
X-Content-Type-Options
nosniff
Server
nginx
Age
38
X-Frame-Options
SAMEORIGIN
p3p
CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin
*
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Timing-Allow-Origin
*
Content-Length
16919
X-XSS-Protection
1; mode=block
polyfill.min.js
polyfill.io/v3/ 		101 B
579 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 12:10:26 GMT
age
3319433
detected-user-agent
Chrome/108.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT-CLUSTER, fastly;desc="Edge time";dur=2
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Fri, 18 Nov 2022 10:54:38 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
normalized-user-agent
chrome/108.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
collect
region1.google-analytics.com/g/ 		0
349 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-K5E335ZW0Z&gtm=2oebu0&_p=318729312&cid=594819456.1672143026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672143026&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&en=page_view&_fv=1&_ss=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-K5E335ZW0Z&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
css
gfonts.jifo.co/ Frame 9F22 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Requested by
Host: cdn.jifo.co
URL: https://cdn.jifo.co/js/dist/embed_viewer-f12de5e681ef5c51e098-1-webpack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfadea1af93dab64219a7eed233fcfea130177d745367eaef0c940c15e0da3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3228
content-encoding
br
cross-origin-resource-policy
cross-origin
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 11:16:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t6Y8KMeB0LZZcL3akpDrd8opn9E0DvGualtidE3TBRf0C8yu7zAU2Xynn2gorJGH1a6QGpNZrnHmysFN6E5odXZpU5xhLfHlX8X9m4spEjerY6EldybdKfZr4sgReouXkJZk%2B1q8SXmdJexi"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31560000
timing-allow-origin
*
cf-ray
7801f3fb0cb3915f-FRA
collect
stats.g.doubleclick.net/j/ 		1 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-39519010-1&cid=594819456.1672143026&jid=1464511413&gjid=2066449020&_gid=510789851.1672143026&_u=YEBAAEAAAAAAACAAI~&z=1976002994
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
67 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-55293627-1&cid=594819456.1672143026&jid=872484957&gjid=103986619&_gid=510789851.1672143026&_u=YEDAAEABAAAAACAAI~&z=527731034
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Dec 2022 12:10:26 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=0&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-0-1x1-desktop%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
Y0T8DQV7BZ3JYVFNRNJ2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
tcj4tJPwxJfWxNoEdcCepM-NQHjLglX77NjP_-zFdKyOVFlqD1mk0Q==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=1&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-1-2x1-desktop%22%2C%22s%22%3A%5B%222x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
WMQ6QYTKGZFB70YGCDXS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
UYX-YvFIQzZoZeuPWKHXdX7Q_-VreauOvY_rvM5QRld5quNKz1-y8Q==
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=2&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-2-728x90-desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
Z17WDW9BH8HAPCQH2TN1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
EXmVQVIyQXa_9TJBVwv-6HCTfA_xvFp4mYS3sUda5zZIyc7aKzNsXw==
thirdpartycookie
api.viafoura.co/v2/www.sonomanews.com/ 		45 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.viafoura.co/v2/www.sonomanews.com/thirdpartycookie?section=
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:44f0:4832:3ff4:417f:f0f6:3cef Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-instance-id
i-018e858902735c884
pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
server
nginx/1.18.0 (Ubuntu)
vary
Accept-Encoding
access-control-allow-methods
GET, POST, OPTIONS, PUT, DELETE, PATCH, HEAD
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
max-age=0
access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
expires
Tue, 27 Dec 2022 12:10:26 GMT
showers.png
d6w29wm3j2vhp.cloudfront.net/2021/css/image/weather/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d6w29wm3j2vhp.cloudfront.net/2021/css/image/weather/showers.png
Requested by
Host: d6w29wm3j2vhp.cloudfront.net
URL: https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2240:4800:1c:7f52:bb40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
25755c09dd4cc205f40b360b6ff1567beddaa39df908eed0eab5e2abb8499a04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d6w29wm3j2vhp.cloudfront.net/2021/css/shared.css?ver=20221222
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 14:11:34 GMT
via
1.1 a49c26e403f2dac09629dceb6dac5740.cloudfront.net (CloudFront)
last-modified
Fri, 27 Aug 2021 23:05:27 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P1
age
165532
etag
"849-5ca9284e21bc0"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
cache-control
max-age=604801, public
accept-ranges
bytes
content-length
2121
x-amz-cf-id
uwp_G5J47-yH4-ZObZdPSGuoME80rfDl_jMli_Idv9IFXmTrXdEcpg==
analytics.js
www.google-analytics.com/ Frame 9F22 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MG85WM
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6186
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 12:27:20 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=9621
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

unused62
8096267
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
541CA3CB462144FD
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=31915
accept-ranges
bytes
content-length
55696
x-amz-id-2
WNwhnB94WoMq7DmM1MaoToceuK3QbHC7vn11hUldfKqO5oRdP3/lkIWqAFpXgth7b2BO5KLt3DE=
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=3025453&ntv_pl=837619
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=8e8b4d97-ca2c-4865-a402-2b45f43e07c0&ntv_fl=NbQ4aU5OBSZnQ5dqjaL7A9Fs0vmPjxtpy0yhQG06W3x8RWTaY7saMQJfNh92G8oYHtYdwT_FgNRjjvoSmpu4Q4KQvh8I2oRgjVlROJsq8hVO83ZPkXbybhZFXnQ05kd9183Qy8HWd0l54PGQ792uaWndQl0zzuymW_KLx5rYrNsmqB_aMI3bCJB7RFz9H7Rba0FhBeb0S9CiR5c7nIcydGsjDWt989_APLw-TiQlAl5WnYZ1Z0K15xTD-5b4cHLu&ntv_ht=suCqYwA&ntv_at=303,302&ntv_a=AAAAAAAAAApRAPA&ord=1672143026444&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=45ab8d56-5eb1-45e0-b775-c3077e480b5c&ntv_fl=VrIfSalH9B1p_-WDplSwJCxqzEuSFdD8JEA9NMGuKKjbeUdLLLxfWx9K-jiIwxEUtaE7NpOxh3GXzLMYw2wSlXMQpxL6tTjPx6TvfM2Hqr87Zpwjl_TZdsrAjeR5KXJpw1S6X0sq2lmYr58Quek5rg69gvnHT0H9oyl2oPplsr9SL7j1RgoO_7EruVI3cySHzL28QenYB4qz9syZQ0SK9nm4TAZwrpF31q1z0BxWnSqpavvsNV_JpkiCqg2Bac4I&ntv_ht=suCqYwA&ntv_at=303&ntv_a=AAAAAAAAAA88cMA&ord=1672143026447&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=18516c1e-a10f-4945-a890-222d153dce4e&ntv_fl=JG0OGQQliz1DpjrE2qiB7VyfOFoPBR_11LJQ1m6Q1_akx8RYvvDe2nQ8Uh6YaRsEMqf2tKMUgGv1Wh5kn74gMYVk8o7TFG1iOUy_xLAjlUAxZCBaIy5QVTzNosMpXpFdJZrGAlw8UEk0ks0uD8nzrrKOmKBK1KM06X8Q5Dj_Y2ZJRgF2ymaUIh71AG8Y5iynXLZbKfW9OXKcCvhh6tAZVWZy2h5hcCweMS6qv1lGYP4ZpW9VcMZxv21AjvvoFex2&ntv_ht=suCqYwA&ntv_at=303&ntv_a=AAAAAAAAAAAvwQA&ord=1672143026448&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
gdprConsent
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/gdprConsent?ntv_pl=1113090&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
t2
s.infogram.com/ Frame 9F22 		2 B
206 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s.infogram.com/t2
Requested by
Host: s.infogram.com
URL: https://s.infogram.com/t.js?v3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.228.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-228-75.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
x-powered-by
Express
etag
W/"2-eoX0dku9ba8cNUXvu/DyeabcC+s"
vary
Origin
content-type
text/html; charset=utf-8
access-control-allow-origin
https://e.infogram.com
access-control-allow-credentials
true
content-length
2
t2
s.infogram.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://s.infogram.com/t2
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.18.228.75 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-18-228-75.eu-west-1.compute.amazonaws.com
Software
/ Express
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://e.infogram.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin
https://e.infogram.com
date
Tue, 27 Dec 2022 12:10:26 GMT
vary
Origin, Access-Control-Request-Headers
x-powered-by
Express
analytics.js
www.google-analytics.com/ Frame 8CE3 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6186
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 12:27:20 GMT
WidgetTemplate2.min.css
csp.azureedge.net/cdn/widget/ Frame 8CE3 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e2641"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
1712
jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
cdn.jsdelivr.net/g/ Frame 8CE3 		115 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.jsdelivr.net/g/jquery@3.1.0(jquery.slim.min.js),velocity@1.2.3(velocity.min.js+velocity.ui.min.js)
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 12:10:26 GMT
age
2284796
x-cache
HIT, HIT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
38019
x-served-by
cache-fra-eddf8230130-FRA, cache-hhn-etou8220096-HHN
etag
W/"1ca18-fw6ZPglKViimyicfOtWQPF7WA8s"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
jquery.fireSlider.min.js
csp.azureedge.net/cdn/js/ Frame 8CE3 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/js/jquery.fireSlider.min.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e1d53"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
4442
rad.js
csp.azureedge.net/cdn/js/ Frame 8CE3 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/js/rad.js
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e3aea"
x-powered-by
ASP.NET
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
1892
p-uq0GLFySb_d1T.gif
pixel.quantserve.com/pixel/ Frame 8CE3 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel/p-uq0GLFySb_d1T.gif
Requested by
Host: cdn.cityspark.com
URL: https://cdn.cityspark.com/wid/get.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
loader-config.json
cdn.wgchrrammzv.com/prod/smi/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/smi/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9C) /
Resource Hash
ccec265192dfe3d4e502eb9b4afdfd300ebdefb5cc4fccf2c36edeab5467d85b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
xlyIDGFrCHaXouuUMgCX6A==
age
15523
x-cache
HIT
content-length
1272
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:07:49 GMT
server
ECAcc (frc/4C9C)
etag
0x8DAD10F428BF9D5
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ff810911-201e-0009-70c8-19b26d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
a3adc18b5cb65f9d29d5f908b3bdadc1
newsletter.sonomanews.com/framed/single/ Frame 5CCE 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6fa0449f218e55a2ffec74f375691d6fcc928d4fe3d1933e381fdd53f2050245

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3630
Content-Type
text/html
Date
Tue, 27 Dec 2022 12:10:26 GMT
ETag
"2c67-5f0c094aada4b-gzip"
Keep-Alive
timeout=5, max=99
Last-Modified
Mon, 26 Dec 2022 20:00:02 GMT
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
910
cross-origin-resource-policy
cross-origin
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=szobS8yn%2FlslrTwvqxuegT4uwvTv8WTbfHxYEGO6WHDFOYZASwyW2FUY7RpJWanwKlXDpe1QqZNMA%2BekQeOhSYWPMfR8zCRBxPqwTdyhy0agiOQtJM9jGqK3af7EUlRtorCyDVfJ6KDLmCIJ"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9eb29247-FRA
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MUNdVxdLlPeftZtLubiq2Mes98bWtMiwtzyATVdVwZ%2FW6slJdfMSKyFHbjAMMUHIzRY3P1%2F3ftE7Hz5reeKXmAuRq7QCx%2Bu4x82G23W0gh80SBO9q%2BP9byuOXlFrhoYOSuLpH6T7cwCd5A%2Fc"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9eb49247-FRA
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0m4B%2BPsse3gbS07Zj8p8U8XgoqSh0My%2F8b%2FV5KkW2hA0%2BW3pmlKa3HF%2FGgycn3yqN%2FKwSxwNOzAGQlkeulwbgWgZRf338UFCGu2Q3D%2FN3dFz2H2GkGFZ90NFJ7udCyvJkf9LqzW5PlcjPW48"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9eb59247-FRA
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
12684
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DV8k%2BWmD%2B3I5n8k5oEUP3Sk4Aar6NyFD%2BMa1JOhrzFOC18Bo64%2BcZzFMr7GF7rNprv%2BdCZuNpUbK2cl9RULzpvEAj8KsM5VTv2fiLJTJoQmd24Nm%2BHvjuB%2FPimRpgCpQJRBBb8sLMOX6%2Fnol"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9eb79247-FRA
KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8eabbb5502fb7a73076383db8e9feaa31a0f14bd82a318e46aceb8144982763
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
322
cross-origin-resource-policy
cross-origin
content-length
12732
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TBR3bi6SL5G3G6FX7rImo%2Fy7l2CnvHLUvpoZ7gexH1d91zwRhy3V3fmRJjVQpLS8WXiuQP8z1E7lOC5BGY%2FXUjTTM9U6bNUFpPYdHSyqO2ON3U1RZGFTg990%2FFqGAWptxvRAehmyyDIUjlCf"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9eba9247-FRA
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e342aa90b4e8e60ab4ad065179117a64b5ef68595890a393ff4f6d5428613ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
793
cross-origin-resource-policy
cross-origin
content-length
12724
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:06 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dO4Kvkfd%2BBQEDWrIVPkuF2vnyxM8cmsgqQ61uBLD1436GmRAkhh0Zz7j9RyQxwTGFiGVChhzm12OCGihPr6F2j6iQc%2F08FhGFSeH0E322QdL1ydCCYcrzLAfFQ1TojyhD68kKH%2Bqoj%2FAxSX1"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9ebc9247-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Sn8pXK28QuoqI6yS8CBJVnbuXbUf2p1uyY%2F5gJJ8xqLeBGLBjgWBmA44IrDtYKpkqp62vGXGKStvOzR6GEciu8TCpbWLm2OBin8KLxouK6A4IgeuRPTgDrAq61IYHWqSSofHuk%2FS20hTT63W"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9ebe9247-FRA
1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ea9f1e981238c0dab217c7364ce82c865e7f18c249a066b0933997f55d9f31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435
cross-origin-resource-policy
cross-origin
content-length
43980
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:40:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZQ8TnJezODryrlrlDHo60y5YIAmnkc1VoSg9%2Brfma44L%2BPTmPFaCd3UL2tvBEBZ5vP5VCEzLxU0gtMvX7t%2B19nB%2Fwm5Es7R51BMWfcmc7lkIzA8QABLzUK%2BVBl9f%2FTxh3PiBF785EOliO2ja"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fb9ebf9247-FRA
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		738 B
423 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=4211542842619753&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=1x1&ifi=1&adks=3663328139&didk=2272157285&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672143026509&lmt=1672143026&dlt=1672143024729&idt=1383&adxs=0&adys=4852&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b9d49a04d7270c46c219b75a2f690a46b5e9ebe528cd8a7208de9c828ef6031
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
393
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7870 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:805::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 12:10:26 GMT
expires
Wed, 27 Dec 2023 12:10:26 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=551928899346227&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&ifi=2&adks=4161934099&didk=4204625287&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26position%3DATF%26loc%3D1%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672143026524&lmt=1672143026&dlt=1672143024729&idt=1383&adxs=436&adys=271&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=2&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=1600x0&msz=728x0&fws=132&ohw=1600&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d95a6af4d872751764c1de9897417902d18eed2ddd6ba88dbafaf9619eaf94c7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13637
x-xss-protection
0
google-lineitem-id
6161872054
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414536925
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		526 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=664742182749168&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&ifi=3&adks=1832681402&didk=1057072343&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Dteads%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1672143026533&lmt=1672143026&dlt=1672143024729&idt=1383&adxs=0&adys=4852&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=3&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=0x0&msz=0x0&fws=128&ohw=0&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e483d5f83f318999241366a7a35cb8c589db3e0117b31a1b6991620f71e4c55d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
261
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
intl-messageformat.bf6062c403b225e4d45f.js
cdn.viafoura.net/chunks/vendors~languages/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~languages/intl-messageformat.bf6062c403b225e4d45f.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
41bef6a0fc14b26c2aa1a1584be48395885c831476c9e8663186e6ece986282f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
wdD6lFq1VO2em4QPS1cqFJ53bOGJfQW.
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:39 GMT
server
AmazonS3
etag
W/"facb3cd498aaf29d08114c9883649761"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
xgmgZ6HeGlfBi-UwCEUGOyZ13kDbMjJY4YwDVjPo7_-1zEtN7lIVrw==
intl-messageformat.d91502dba1a9ef496ce6.js
cdn.viafoura.net/chunks/languages/ 		135 B
522 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/intl-messageformat.d91502dba1a9ef496ce6.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1a84d4a31ab9ef2e5b93573b808fd414e1017444fcd21ef274fc77f28390f1b2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
fP3wmS..bVoC.Kh5IjvJIsh8HR1YY07e
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
135
last-modified
Tue, 20 Dec 2022 18:02:37 GMT
server
AmazonS3
etag
"2586b70f078af63641a84a0bdf6c2a42"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
tX2b8fcVzv5tV8y6wViNtOwVrctMaKdLWgtDgjBJ4l4_lxqHMFFYLA==
en-us-base-json.7d2424bcaca2bf64b7b2.js
cdn.viafoura.net/chunks/languages/ 		19 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-base-json.7d2424bcaca2bf64b7b2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e35ba401e036e470fbd81c5cce94bcd11b9b3a52fe3b7c307e51594cba27a067

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:33 GMT
x-amz-version-id
Y.g8v._31CwYTF1H0W06PdTBagtDZXMl
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583614
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:26 GMT
server
AmazonS3
etag
W/"1f308d0378b968b81be7dbd979f3dc32"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
l5UG3oCZiKHnssdIkffTIYR66CqIyDZwUE__QxhxZl_F20xzC3jvtw==
9621
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
251 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/9621?t=20221127122
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.35.237.151 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-237-151.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
last-modified
Tue, 18 Nov 2014 20:18:12 GMT
server
AmazonS3
x-amz-request-id
B17D55F7DE27FB81
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=320
accept-ranges
bytes
content-length
0
x-amz-id-2
mIU50l84eryBjMRqOnAd1Wue1SPq7w6EiQwUrn6rNchVVQCR2FTaNBeV7eOeh+EnU1pv9ak3kX4=
css
fonts.googleapis.com/ Frame 8CE3 		12 KB
829 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 12:10:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 12:10:26 GMT
css
fonts.googleapis.com/ Frame 8CE3 		7 KB
698 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 11:56:24 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 12:10:26 GMT
css
gfonts.jifo.co/ Frame 9F22 		24 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Requested by
Host: cdn.jifo.co
URL: https://cdn.jifo.co/js/dist/embed_viewer-f12de5e681ef5c51e098-1-webpack.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8cfadea1af93dab64219a7eed233fcfea130177d745367eaef0c940c15e0da3f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3228
content-encoding
br
cross-origin-resource-policy
cross-origin
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 11:16:38 GMT
server
cloudflare
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/css; charset=utf-8
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dilED4jtuKon2f0Dls4q4Y7n60EzUN8uOkY6%2BN5YxgjDTsRIFMJizoGZRqZwzT3bJ%2BmcLAI9VoM2XlkeDs2b5RcRC7qOIiCtXb44IHZZF5QoyoaeYCczo38dxVqy5vAXPHbg%2Fe1OruJRbUlC"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=31560000
timing-allow-origin
*
cf-ray
7801f3fc5fb2915f-FRA
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1258
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7aed11a-601e-009c-2ce9-198be5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 27 Dec 2022 12:40:26 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/smi/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/smi/fp.min.js?20221127
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD0) /
Resource Hash
f98508e60c50c49a5da61b139b6d22346082cb33a0fa50f9fe92fb27f35b66d4

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
hzhcSkRRKk6fU1wtsMkztw==
age
4969
x-cache
HIT
content-length
23424
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:16:19 GMT
server
ECAcc (frc/4CD0)
etag
0x8DAD1107249F1A6
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
b1bb112d-201e-0054-6ce0-19b8e9000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.godiciardstia.com/prod/smi/ 		219 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.godiciardstia.com/prod/smi/g2i.min.js?20221127
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C8D) /
Resource Hash
5ae13c953240a8aa99c57d8bd07c7358593a5e16aa29652edddda99a4eb082d6

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
w7RitLOAL4t1C0A/grSH5A==
age
4969
x-cache
HIT
content-length
48974
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:17:04 GMT
server
ECAcc (frc/4C8D)
etag
0x8DAD1108D57FD84
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
e7d0b491-b01e-0046-56e0-19c339000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/smi/ 		867 KB
204 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4D05) /
Resource Hash
1ca7cd3c05d3775a9fb9d76d913f58eec264dd6e9a20242c3591825dc57d913b

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
TZXrk2jU2PGc4sSH/iEOTA==
age
8279
x-cache
HIT
content-length
208183
x-ms-lease-status
unlocked
last-modified
Thu, 08 Dec 2022 17:28:24 GMT
server
ECAcc (frc/4D05)
etag
0x8DAD9419C190D78
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
ce7e9965-901e-00a5-53d8-19a1c4000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/smi/ 		386 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.css?20221127
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?_=1672143024944
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C82) /
Resource Hash
6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
MrVpkxJID7vFEqfm9gnQOQ==
age
8279
x-cache
HIT
content-length
54497
x-ms-lease-status
unlocked
last-modified
Thu, 08 Dec 2022 17:28:24 GMT
server
ECAcc (frc/4C82)
etag
0x8DAD9419C184A46
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
fc64a492-b01e-009d-2dd8-190504000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
vf-css.7e9f02fe794169510df0.js
cdn.viafoura.net/chunks/ 		324 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vf-css.7e9f02fe794169510df0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
86351ce140994cd0d81f854f48f75852eb7ba45aa03298e61b510b040b208472

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
2wRwDGWh4.LIi6NmQK3XiM6S48f4bZgD
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:40 GMT
server
AmazonS3
etag
W/"139a16b5a2acb1b3f014adcd35105d3d"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
PbzPgBJpC4WaOb91RjmGNJ-y4kqrirZImqJoXWUmgz1hQOmVIVQa6g==
js
www.googletagmanager.com/gtag/ Frame 5CCE 		219 KB
76 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-5SVQVJW3D6
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
b73c3fdebc70bd7e2ed59e4dbefe358807dbf643be1e6899d32d92bbec68c83d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
77883
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:26 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 5CCE 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
2377088
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nQmqX9X27UpYRXXeQmhY%2FROp332gY%2BzGLbwW3oyNo%2FYK6wX1yngnvn4tAtYOx6%2BlW%2FuurOIEm7ZlV%2Fw8GNXTb%2BuYgTw6jALzZ89Q4nhW5oEibtMIhjOcqXsBlgK1AnAo%2Bl%2BXfcrOlQHcnG3mX99Gf1eM"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fc8a228fdc-FRA
expires
Sun, 17 Dec 2023 12:10:26 GMT
css
fonts.googleapis.com/ Frame 5CCE 		11 KB
923 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2c2e1bc729032641f837ea4b1f793c107b0846797fc8b74bc4ed8b5579fd7e97
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 12:10:26 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 12:10:26 GMT
style.css
newsletter.sonomanews.com/css/ Frame 5CCE 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/css/style.css?v=20221203
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
27300bb5a52c724e148c3ca68b4d597394924023b3f01470e0a5449ff950b46a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 24 May 2022 19:38:29 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"4f28-5dfc719ddb740-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3700
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 5CCE 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
5135759
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ysU%2BYPGK8VtQ38eOd6hCUXM3CPIDRqiDVNVh3JGTELTiWVJHsxgJIXQU77k%2B%2F0YwZiXndVWDRpJ%2FQHg7V52ghbOrrtgDbEA%2F12B9LF2rxhwUds%2FRPxSygxgF%2Byhq4cccXoRjEZzyguh0qqEj%2FZCO0QYW"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fc8a248fdc-FRA
expires
Sun, 17 Dec 2023 12:10:26 GMT
lightbox.min.js
cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/ Frame 5CCE 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/lightbox.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 21:31:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"789a-5cd14eeeb6ec0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8021
base.js
newsletter.sonomanews.com/js/ Frame 5CCE 		13 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/js/base.js?v=20221203
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
48cbda8e71a13e1e3a40c6c30bf96b5de10a1c7dc8b84bc6f15006b46d6f74c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:26 GMT
Content-Encoding
gzip
Last-Modified
Tue, 27 Sep 2022 22:18:20 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3362-5e9b0058a0300-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2892
loader.min.js
loader-cdn.azureedge.net/prod/smi/ Frame 5CCE 		42 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBB) /
Resource Hash
be487c1e4c16a1237d80fa8b4befd8710ba5208eda4f68b37b599301d0468a7a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
content-md5
7io/LfZ/tiuzzwxyZn6L9g==
age
16388
x-cache
HIT
content-length
12042
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:03:44 GMT
server
ECAcc (frc/4CBB)
etag
0x8DAD10EB09255F1
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
a11e2220-c01e-005c-5bc6-19a2e6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
mg2-auth.js
newsletter.sonomanews.com/js/ Frame 5CCE 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomanews.com/js/mg2-auth.js?v=20191209
Requested by
Host: newsletter.sonomanews.com
URL: https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2841d1028b9fbbca495f5f5f62c4bd3877e075c45d9e83b9280570ae5065e153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/framed/single/a3adc18b5cb65f9d29d5f908b3bdadc1?pref=sit_daily&hideImage=1&padCopy=0&fid=4643
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:27 GMT
Content-Encoding
gzip
Last-Modified
Tue, 19 Oct 2021 18:29:32 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"10f9-5ceb8d7b7bb00-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
1283
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/contentcontainer/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/contentcontainer/id?container_id=13046a4e-b254-47f3-b6f2-0da1ab0223fe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.39.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-39-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.sonomanews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
DELETE,PATCH,GET,PUT,POST
access-control-allow-origin
https://www.sonomanews.com
access-control-max-age
43200
content-length
0
date
Tue, 27 Dec 2022 12:10:26 GMT
0.b1baf7dc66dcc720e7c6.css
cdn.viafoura.net/ 		87 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/0.b1baf7dc66dcc720e7c6.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
suuXT1PfKXXQ7bog663ozskGnDeYI5A8
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:52 GMT
server
AmazonS3
etag
W/"8abeb1b7b4e7c5fe45b7b22107f6b9a6"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
E-Qkq66uXouAZWQDiFrZWIlyQB0YBwp4I1AuJpCKYJ_9Z3eG6wX2Vw==
da.2b5b4d93a7af9f7834ea.js
cdn.viafoura.net/chunks/ 		136 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/da.2b5b4d93a7af9f7834ea.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9b78f0e5dafec7984760e02383571794de01e3ee49e3d5f72b4e3cbe9352be77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
X.1HhYQ_syNsb7IcbHH9m2QCyyW235lD
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:44 GMT
server
AmazonS3
etag
W/"21acdb0bbb89a41237960614de119310"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
e_aBJLS7A3sEXyPGD-qIv1KwVS_TERqW4mepPHFo7h2Nln1aTvdq9Q==
167.dec51542ab77839fe7d4.css
cdn.viafoura.net/ 		1 KB
842 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/167.dec51542ab77839fe7d4.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
ZPhEoegB_3eQgB_s0zcXVZk.mJC1HbXd
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:54 GMT
server
AmazonS3
etag
W/"50bce8b8e9c95dfbb4e41f65c9883f1d"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
fmpoOowyymoq299s-b3_JpN80MlHy9iGAwpesSeCQeU4P4y2cyNK-g==
tray-trigger.e0d0d045470ad4423692.js
cdn.viafoura.net/chunks/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/tray-trigger.e0d0d045470ad4423692.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
929bcf2ecb3f915b17584b3e7b1a5feac1040e904d7b1560b09e13fe0b0d3817

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
h6h3AgSIPZ.9mgIjsD1xjlM2_FTpSoUb
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:48 GMT
server
AmazonS3
etag
W/"a9c6349d54f9f7fc0d7bc1a3ce7da722"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
80rl4sGDNBRI1oS4xLPHhyE4HUYYBr7I17shNW7zqtWC6pVhiCXlNw==
en-us-trending_articles-json.5adadd9472dc1a21aad7.js
cdn.viafoura.net/chunks/languages/ 		1 KB
917 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-trending_articles-json.5adadd9472dc1a21aad7.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
cf5065c1ca382908e567ca3fdaf02c42fb394659bd2957637c9685fc00bb4e51

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
ueV452jp0Y2jZrkiJ9OHjzHOothxQQ4_
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:23 GMT
server
AmazonS3
etag
W/"7b6f8451c97005347f2e541a73d40598"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Uy0TF_GXtZqvI2QWCTvAxAnpez5_RESR7HW93v4sw_WdAVgKnry-tw==
madops.min.js
rdc.m32.media/ 		58 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rdc.m32.media/madops.min.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
c0f616c8c0eaf35d4ffacd0dcb27a68acb5855fde4df6e3b0ec94ffe9918033a
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
1707478
x-guploader-uploadid
ADPycdtBjWGuSDw4eY8fSHPdsodqAhk2oYureXF1NuxZVoXdzHdO6D3YJWeCW-z8eH-vx_udXJHEdUhwPv1DDLk4YYNwQw
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
16656
x-served-by
cache-yul12832-YUL, cache-hhn-etou8220092-HHN
last-modified
Wed, 09 Nov 2022 17:52:22 GMT
server
UploadServer
x-timer
S1672143027.743499,VS0,VE0
etag
"c44cae1183c49993fe30b4d79d528e5b"
vary
Accept-Encoding
x-goog-generation
1668016342333926
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=FoaY5g==, md5=xEyuEYPEmZP+MLTXnVKOWw==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
59789
accept-ranges
bytes
x-cache-hits
20652, 22196
en-us-conversations-json.28048587897b4c1f902e.js
cdn.viafoura.net/chunks/languages/ 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-conversations-json.28048587897b4c1f902e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
66e212a6136ff68d718dab6b1ec2b1bd37b0b3e6d8ad16bd70b29132e293c4d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:33 GMT
x-amz-version-id
WW_cR1pjvf7MfQIrQPf1RkXppe0v2lFk
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583614
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:28 GMT
server
AmazonS3
etag
W/"ceef5a69dabc85345bdcee16fb84e1b4"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
_F9t8K6-uGQv6nmpXNJoExCArCAvBL_54NUsOX4vK86wEPmL0iabNg==
content_container-module-js.ab51afe635e3a645cf3e.js
cdn.viafoura.net/chunks/vuex_store/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content_container-module-js.ab51afe635e3a645cf3e.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d8e506a295e54af25dd3d53cf9e62a9f6255e376ba97b2ec56b9b3f5dc0a9ac3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
zbgCv3UvCcD8YljE7_zoqYZ94QVLo2Hu
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583614
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:39 GMT
server
AmazonS3
etag
W/"1234a75713831bd5a348bc092b8dc992"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
9jHyqYVEzVyZIf1j4N4rdwT1YEV0Mjj4ivaL0kT_-L0r8ukFpYsYng==
id
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/contentcontainer/ 		763 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/contentcontainer/id?container_id=13046a4e-b254-47f3-b6f2-0da1ab0223fe
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.19.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-19-104.compute-1.amazonaws.com
Software
/
Resource Hash
4d6c20a0e1996b37f1fb033c6df64961e1a28977cac42447b4b0280fb6ff2efb

Request headers

Accept
application/json
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
317
content-type
application/json
roboto-regular.woff2
cdn.viafoura.net/front/assets/fonts/roboto/ 		49 KB
49 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/front/assets/fonts/roboto/roboto-regular.woff2
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4

Request headers

Referer
https://www.sonomanews.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
agv1.DiuywVdOwrN9dZKThSZsHWi0VwW
via
1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
age
583615
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
content-length
50240
last-modified
Thu, 01 Sep 2022 19:35:45 GMT
server
AmazonS3
etag
"184a2a669cf798f8d80bcfba041c3ecf"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
x-amz-cf-id
DkIB-d_gkgQAU4kWXURT-CPaxspCOwbaHNvPKXTfWdyy7HbAZbbwSw==
ingest
i.viafoura.co/v3/www.sonomanews.com/ 		67 B
394 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://i.viafoura.co/v3/www.sonomanews.com/ingest
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.19.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-19-104.compute-1.amazonaws.com
Software
/
Resource Hash
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:26 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-type
image/png
content-length
67
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxKKTU1Kg.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
910
cross-origin-resource-policy
cross-origin
content-length
11028
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:50 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rLK0H5e5yl%2BD%2Fx49fxp2pFi6ZTLrr93GvdTMlE1j0ob1%2BNOUx81YryvExEk6UbgBlGGKSOxwecJn%2Fs77H02cyG%2FiN8xHJsE5VcFxiKg3K8vPKaF7y7yvj3oCilA7McYjhoFIrneVGrb3SZ5p"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf88d9247-FRA
KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4AMP6lQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
11072
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:53 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IYHZAjkaBgpbNpZ1qZkcvI%2B2HGtu4GuL7%2FT14dHES3VEV68YmODh2twa97dlg6hJ2G%2FnRDQdbmcYw%2BAiYyfCYBInW6NE9U2XUb0CegErsiItMmOOF1HkCs%2FBeO08Jyx2cGjLb5k6BwtoFQEL"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf88f9247-FRA
KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		11 KB
11 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4AMP6lQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
11040
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itp1BNuoEAX7hEuNDKDELa0jU8C7SOomZ8%2Fvox8dZSqFILjlTv5ascyjNIerm8h2YxFAcQUC%2F6oEHQmj9T%2FzojQE52DdfIgvhPQjmgVmNA9TtcnqFQjIcax1PG%2B5jQVj7ZSY5UWA8UVdhphE"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8909247-FRA
KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzIXKMny.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
12684
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kKjUZ7ykzbTv5lclgI8%2FJ%2BbuYpzpRYI95Y98mVuQnTOBvyyVCbbEFxXKFNoGvYLvB0pCQwgho1NUtKvb6BeBc%2F9b209Xl0Z44Al7FCFqyhCriTMhIrcZD8CZZjBz3frx5YnIHZfjLkSu8OPD"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8919247-FRA
KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOjCnqEu92Fr1Mu51S7ACc6CsTYl4BO.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8eabbb5502fb7a73076383db8e9feaa31a0f14bd82a318e46aceb8144982763
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
322
cross-origin-resource-policy
cross-origin
content-length
12732
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cxiC4yQWbTLDK4jEXnE1CWeIPCeZ9PLHvJDoB8rzwwEBXa3x75kNSUNcLm9IMUpdv9535LlQa%2BRksGkh3it9yr7TN4i1YsV5lEpJemIKCBgymqPYgOBLATkej4c%2BrGjyXcg8YlnGTUlUXdaX"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8929247-FRA
KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
gfonts.jifo.co/s/roboto/v30/ Frame 9F22 		12 KB
13 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/roboto/v30/KFOjCnqEu92Fr1Mu51TzBic6CsTYl4BO.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7e342aa90b4e8e60ab4ad065179117a64b5ef68595890a393ff4f6d5428613ce
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
793
cross-origin-resource-policy
cross-origin
content-length
12724
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:25:06 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueNrpxdpzMKJTLXhXcZylRMIWa7iGrP%2FVMPeQVriNoVXnDzRuJl63xUK0kYsNrTWte73qTCr5EU%2F9f7c%2FG6Xmu3rBcl0mdY7I8RBftyeWnTe7OL50hGiAejWGiHyTGtcWntkY8uiZOjZ0pvw"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8939247-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hdb9XBxCVCU6eowQYvWxw1tAlGhR%2BrI1ycEm5t%2BEC83VAkMgHNgn5Any%2BLML6MPZma8bqCdtXwmdhn6XjsQMyLiIbSxuYeEJLZ%2BEUYyeJk1D00l%2BHMgletHe3klVlKKK3aruZLhw0DJsJo5z"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8959247-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=IzNX0h8or3Aqrkaa3Ehu8YIJ50DKRxjgIwR3sTgc%2FN450za7nQtnp3PXlXBewHfHlPwsVb22OUVaOwZzH6XXjjWl4IB2SccG6n9a%2BFSs2nCYf1Z2Xx9yUbZjCWX%2FF6IaPB2Zk1tLmjx42d20"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8979247-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RDI3%2BqoQxnEpb29k2h6BXvkeawTimmC6BS4FuWOnTNmi680m2Q%2BqpdW5fcOCnKTVaa0HZI6hl5ufqGgjD8WGvI7jWpo7lRWxQRYbDpIjjesRlVPVUqsGCfqy7Rpm87J3WWMOEJmTYWoQGqIN"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8989247-FRA
1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		41 KB
41 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptug8zYS_SKggPNyC0IT4ttDfA.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1080
cross-origin-resource-policy
cross-origin
content-length
41852
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:45:40 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CG0ZduHj%2Fs6mEuQoKhI9tNcfGjMk6vI8eribnTDbJ6GemRJnkAItkAJEgYVCL4gidZ9%2BdZ0ICR%2BXzw0jLq%2BFwTHWIGPcaHtYqnum2LAbB8mWT1F2St6o89hVmm0tN%2FCGNx3f9rZiUl9IusRs"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fcf8999247-FRA
1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ea9f1e981238c0dab217c7364ce82c865e7f18c249a066b0933997f55d9f31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435
cross-origin-resource-policy
cross-origin
content-length
43980
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:40:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B2Gl0iv1qiUVDqFaT6J9IDAILcsLy1hi2mAwo87qyXQw7y19QTlEyqVFuM9VXTAcLB1I3dd%2FisDpVcth4VFvJ5aOOVbatROnhwBWH3iLtT%2BKwxdEOSFEUrdSU8Ysh9E0Et9i4A0W5Zf5GUvR"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fd08a79247-FRA
1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ea9f1e981238c0dab217c7364ce82c865e7f18c249a066b0933997f55d9f31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435
cross-origin-resource-policy
cross-origin
content-length
43980
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:40:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pavdaGBu2nkSoHAD93yxmmHGSzk9jtax2qcRz6rrIJaj9S0m9thkEZ9C5PXaQb%2Bp5u%2F%2FUVR8gb0g8%2B1EOZwXBRvv5TtfzH6s2uw8YgovYFhkiA8Tw6eky%2BBChU%2FOJ6tQgVGdzFocNWv2yius"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fd08a99247-FRA
1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
gfonts.jifo.co/s/raleway/v28/ Frame 9F22 		43 KB
43 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://gfonts.jifo.co/s/raleway/v28/1Ptsg8zYS_SKggPNyCg4TYFqL_KWxQ.woff2
Requested by
Host: gfonts.jifo.co
URL: https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4a06 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88ea9f1e981238c0dab217c7364ce82c865e7f18c249a066b0933997f55d9f31
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://gfonts.jifo.co/css?family=Roboto:400,500,700,400i,500i,700i%7CRaleway:400,500,600,700,400i,500i,600i,700i&subset=latin,latin-ext,cyrillic
Origin
https://e.infogram.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
435
cross-origin-resource-policy
cross-origin
content-length
43980
x-xss-protection
0
last-modified
Mon, 18 Jul 2022 19:40:19 GMT
server
cloudflare
cross-origin-opener-policy
same-origin; report-to="apps-themes"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wj1I3Ld6gIGPMVYiThSll19TAK3E2w1N2gJbVMkUryT70E8zS%2BzNZjL2HEMp2xn8pRtNYgfNoNWrLo22in91NzQet4bRfjdvF43ZBZUH%2BbNEOLoqoS%2FVPYsL6%2BzVRMTY0HryBvM2kkCs598e"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=31560000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7801f3fd08aa9247-FRA
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd0b7385c8a691d9b2e7af11f3fbe1e7b1f42ecf11531882594908bf4a1b830e

Request headers

Referer
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
truncated
/ Frame 9F22 		448 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
fbd59c1f37809f1f537e0e5b842f549f034891fa75968e5ff163632ff4c3dbcb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/svg+xml
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 8CE3 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:100,300,400,700,900,500
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:33:08 GMT
x-content-type-options
nosniff
age
491839
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:33:08 GMT
ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 8CE3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVi2ZhZI2eCN5jzbjEETS9weq8-32meGCQYbw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 03:10:59 GMT
x-content-type-options
nosniff
age
464368
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15660
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:42:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 03:10:59 GMT
ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
fonts.gstatic.com/s/robotocondensed/v25/ Frame 8CE3 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotocondensed/v25/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Condensed:300,400,700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Thu, 22 Dec 2022 22:18:08 GMT
x-content-type-options
nosniff
age
395539
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15700
x-xss-protection
0
last-modified
Tue, 19 Apr 2022 18:51:55 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 22 Dec 2023 22:18:08 GMT
icomoon.woff
csp.azureedge.net/cdn/widget/fonts/ Frame 8CE3 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://csp.azureedge.net/cdn/widget/fonts/icomoon.woff?-35bf
Requested by
Host: csp.azureedge.net
URL: https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27

Request headers

Referer
https://csp.azureedge.net/cdn/widget/WidgetTemplate2.min.css?v=2
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:26 GMT
last-modified
Fri, 29 Jul 2022 22:43:11 GMT
server
Microsoft-IIS/10.0
etag
"1d8a39c948e2e5c"
x-powered-by
ASP.NET
content-type
application/font-woff
access-control-allow-origin
*
accept-ranges
bytes
content-length
2012
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		563 B
799 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1672143026990
Requested by
Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/smi/fp.min.js?20221127
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b27810e53514aee6309f0e2cd89c7f5293a7eab6c2523762ff84664abad2c6e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Tue, 27 Dec 2022 12:10:27 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ejgj04smbMZqKTHmQa%2FCXpNcP%2BOi%2BTiET466f5pSaal5RPEoBlIBFt%2BYX3K8UNTL58kdqwaKg%2BWyM%2B4SP8xvA3NUeCY546JbIDMP8DaBoqocOkkpdlenoGLpakEKRtZ%2B9dIl"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
7801f3fefd3a68e9-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
custom.json
rdc.m32.media/adops/custom_files/sonomanews.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rdc.m32.media/adops/custom_files/sonomanews.com/custom.json
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
02f19d9d8f4ba858d5a9bf15bfe47ec749e8b3c63c1c536dbdc296ad11cdbe5c
Security Headers
Name Value
Strict-Transport-Security max-age=31557600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
via
1.1 varnish, 1.1 varnish
strict-transport-security
max-age=31557600
age
10912
x-guploader-uploadid
ADPycdsXB1cy5B54OcwB3xCmXMRLLFC05_5YNFZPcjHQ2IJDq2HkbPLOZkrcjS1DtyRQEop0sfocBDNXcAXSHPEZswDmHA
x-cache
HIT, HIT
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
1159
x-served-by
cache-yul12826-YUL, cache-hhn-etou8220029-HHN
last-modified
Tue, 27 Dec 2022 09:07:36 GMT
server
UploadServer
x-timer
S1672143027.016456,VS0,VE1
etag
"f1c41fc2a2a61d4a8072d61ce7d4f958"
vary
Accept-Encoding
x-goog-generation
1672132056451692
content-type
application/json
access-control-allow-origin
*
x-goog-hash
crc32c=yfV+9w==, md5=8cQfwqKmHUqActYc59T5WA==
access-control-expose-headers
Content-Type
cache-control
public,max-age=86400
x-goog-stored-content-length
3970
accept-ranges
bytes
x-cache-hits
13, 1
content-module-js.3987b79def71feaf346b.js
cdn.viafoura.net/chunks/vuex_store/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/content-module-js.3987b79def71feaf346b.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
64df872362c5c0f3794cf8eb49dff5603e5f96427ca6f86686f65201693e56f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
SdKOChuj1_MwHlJTNHx8T9BpqnoMWGDJ
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583616
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:39 GMT
server
AmazonS3
etag
W/"9c52a1105d65f6033a33eb1ed356c9ad"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
HYXJB0RTSNYZaUMwkscxs9JxvA4ybJ60Telkd0xv3ggylJYpS8THLA==
js
www.googletagmanager.com/gtag/ Frame 5CCE 		109 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-37668716-1&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SVQVJW3D6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6df648a5ec803bbe75e4ad3366c109e1c863fbd07b367f7024da284018e1b4c9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
43722
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:27 GMT
collect
region1.google-analytics.com/g/ Frame 5CCE 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5SVQVJW3D6&gtm=2oebu0&_p=952440186&cid=594819456.1672143026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672143027&sct=1&seg=0&dl=https%3A%2F%2Fnewsletter.sonomanews.com%2Fframed%2Fsingle%2Fa3adc18b5cb65f9d29d5f908b3bdadc1%3Fpref%3Dsit_daily%26hideImage%3D1%26padCopy%3D0%26fid%3D4643&dr=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=The%20Sonoma%20Index-Tribune&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SVQVJW3D6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=3&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-8-728x90-desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
RQ19X9EY3Z453XMX3MBY
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
pCTHUKwBHxdi2Fh4L7vMZK3ZXwfICtlhzl-DwNQZm9Kq3VHC8ucdOg==
view
securepubads.g.doubleclick.net/pcs/ Frame D1D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttwlYO_qTeBRH4xASFMxp82Hj4fmUJkuzkUHyEanHR2ng9fD7fWtFTvss-uR3__mLi5FnKXmQ53gtNS9qrbD1wtOZ4BSPtqT6Mf28ZegkjaSLn5lYm2RR56hZrZLBC0JK_XhohKPNDNHe2gKV-8SN_X6Lg8nLEyuSjZ4t8dIeo0oqi169ks7chtRvoo6JVt0kRCChCaz7dB62hw7TZ5_BTEbxa3MO5_-L55tCSeIncIBnJF1Obs_0jKmja8J7XLeVndjW1PG8i2hBxFTvfmGwFoZUYgc_5knATqxUqLg4WQDZcqikF7Vq3QfzJVsmpXQ&sai=AMfl-YQDgmxVqE50sQU785XjPETdWZAFLov9d5ZsymmdrRq_A296f438-wt5pk-Hu0PjNwLB1VitkZtubTS05jIJSbPMNKNavz2o39Gz7SPpl0i7-DFNSVOyWCa0qD2Xyn7SN5fBIO0IH1LYsw_KbZS_CA&sig=Cg0ArKJSzLhzaEbzcVhlEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame D1D8 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D1D8 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:27 GMT
15836515781615491465
tpc.googlesyndication.com/simgad/ Frame D1D8 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15836515781615491465
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1cbdc00502545ef02cdb49fc054c74a71de6c78bb6795a76ddb074e11acb55aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 06:06:45 GMT
x-content-type-options
nosniff
age
540222
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
70464
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 21:58:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 06:06:45 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=4&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-11-300x250-desktop%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
GZ0K4XJNRJ4J49D7H4EG
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
wZB1Y48U2c686xpTI8fifJMAy4ZHbIPdk2xuDKcEeS5VmOO2JFNWaQ==
truncated
/ Frame D1D8 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aa54c29eef43a368ed882f5f39987589cb30600aeadba721cd9c6bd42168d37d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
polyfill.min.js
polyfill.io/v3/ Frame 5CCE 		101 B
195 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
Origin
https://newsletter.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 12:10:27 GMT
age
3319434
detected-user-agent
Chrome/108.0.0
server-timing
HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
content-length
94
referrer-policy
origin-when-cross-origin
last-modified
Fri, 18 Nov 2022 10:54:38 GMT
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=utf-8
normalized-user-agent
chrome/108.0.0
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges
bytes
timing-allow-origin
*
/
fastlygeo.m32.media/ 		195 B
298 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlygeo.m32.media/
Requested by
Host: rdc.m32.media
URL: https://rdc.m32.media/madops.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
06e3e1d97816f9a45bbbfd44404d55cc7a33e8e6093890c4b9849d7f45954665

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-served-by
cache-hhn-etou8220029-HHN
date
Tue, 27 Dec 2022 12:10:27 GMT
via
1.1 varnish
server
Varnish
x-timer
S1672143027.105020,VS0,VE0
x-cache
HIT
content-type
application/json
access-control-allow-origin
*
accept-ranges
bytes
content-length
195
retry-after
0
x-cache-hits
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=1241779629812985&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=4&adks=3673842807&didk=2302279472&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Darticle%26loc%3D2%26position%3DBTF%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143027073&lmt=1672143027&dlt=1672143024729&idt=1383&adxs=315&adys=2896&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=970x0&msz=728x0&fws=128&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3286e45350dafed1a9a8fb2d7c52c2e1ce6158d0cefe1b10d02fdc926a75d82e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13152
x-xss-protection
0
google-lineitem-id
6161872054
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138414536922
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
all
notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-f9a45be2b954/ 		36 B
225 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://notifications.viafoura.co/v5/notifications/00000000-0000-4000-8000-f9a45be2b954/all
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.19.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-19-104.compute-1.amazonaws.com
Software
/
Resource Hash
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
59
content-type
application/json; charset=utf-8
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=2341184688225602&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=5&adks=4280428328&didk=3565792461&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Darticle%26loc%3D1%26position%3DATF%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143027104&lmt=1672143027&dlt=1672143024729&idt=1383&adxs=1100&adys=388&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=640&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
67f19cf2ec5994d6b41cf7743299d4ba538a46936d553eb8bf031a6054943583
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13241
x-xss-protection
0
google-lineitem-id
6161627422
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138416631505
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=5&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-12-300x600-desktop%22%2C%22s%22%3A%5B%22300x600%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
W3MKS4CFAVH778BHC3FK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
eEDj5a7vi_Quv2DtQo_pINKZGiv13w8qzP9lHspi8k1Uds-QtW46MQ==
BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
fonts.gstatic.com/s/robotoslab/v24/ Frame 5CCE 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/robotoslab/v24/BngMUXZYTXPIvIBgJJSb6ufN5qU.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsletter.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 11:20:05 GMT
x-content-type-options
nosniff
age
348622
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32860
x-xss-protection
0
last-modified
Mon, 11 Jul 2022 19:12:50 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 23 Dec 2023 11:20:05 GMT
memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 5CCE 		44 KB
44 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto+Slab:400,700|Open+Sans:400,700|Roboto+Condensed:400
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsletter.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Mon, 26 Dec 2022 18:50:55 GMT
x-content-type-options
nosniff
age
62372
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
44856
x-xss-protection
0
last-modified
Mon, 15 Aug 2022 18:20:18 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 26 Dec 2023 18:50:55 GMT
loader-config.json
cdn.wgchrrammzv.com/prod/smi/ Frame 5CCE 		4 KB
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/smi/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4C9C) /
Resource Hash
ccec265192dfe3d4e502eb9b4afdfd300ebdefb5cc4fccf2c36edeab5467d85b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
content-md5
xlyIDGFrCHaXouuUMgCX6A==
age
15524
x-cache
HIT
content-length
1272
x-ms-lease-status
unlocked
last-modified
Mon, 28 Nov 2022 07:07:49 GMT
server
ECAcc (frc/4C9C)
etag
0x8DAD10F428BF9D5
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
ff810911-201e-0009-70c8-19b26d000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
ai.0.js
az416426.vo.msecnd.net/scripts/a/ Frame 5CCE 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1259
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7aed11a-601e-009c-2ce9-198be5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 27 Dec 2022 12:40:27 GMT
analytics.js
www.google-analytics.com/ Frame 5CCE 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-37668716-1&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6187
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 12:27:20 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
442 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=gpt_paw&pvsid=2439481857926904&vrg=2022120501&nw_id=94238257&nslots=8&eid=31071221&pub_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&sig=0&req=0&req_cnt=6&dm=8
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=165096701102469&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&ifi=6&adks=3350303484&didk=2159370823&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Darticle%26loc%3D1%26position%3DATF%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143027165&lmt=1672143027&dlt=1672143024729&idt=1383&adxs=1100&adys=950&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=6&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=640&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d9f3ffa99c8e5ec7419662f580f9b90bdd20040a593bd7eeae88010a4247a1b4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13177
x-xss-protection
0
google-lineitem-id
6179389875
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417125425
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/j/ Frame 5CCE 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=952440186&t=pageview&_s=1&dl=https%3A%2F%2Fnewsletter.sonomanews.com%2Fframed%2Fsingle%2Fa3adc18b5cb65f9d29d5f908b3bdadc1%3Fpref%3Dsit_daily%26hideImage%3D1%26padCopy%3D0%26fid%3D4643&dr=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=The%20Sonoma%20Index-Tribune&sd=24-bit&sr=1600x1200&vp=279x270&je=0&_u=QACAAUABAAAAACAAI~&jid=1495980188&gjid=1374472408&cid=594819456.1672143026&tid=UA-37668716-1&_gid=510789851.1672143026&_r=1&gtm=2oubu0&z=70293910
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=6&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-13-300x250-desktop%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
4H7NN8JVH4YPGK404VBT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
10kp8ntM8sv5jxjzHH2ZFO0MVAe-f1P1ftP7mwoXymIikM1qvYzvdw==
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=804630816688706&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&ifi=7&adks=1269229393&didk=4028576070&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26type%3Darticle%26loc%3D1%26vendor%3Dcitysparksit%26position%3DBTF%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143027278&lmt=1672143027&dlt=1672143024729&idt=1383&adxs=1100&adys=1338&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=7&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=300x0&msz=300x0&fws=640&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6fc4353d6d9c54738470eac875d97343aae7a628fb924a98513c008b48c47eb9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13236
x-xss-protection
0
google-lineitem-id
6124768258
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138415189167
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ Frame 5CCE 		1 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-37668716-1&cid=594819456.1672143026&jid=1495980188&gjid=1374472408&_gid=510789851.1672143026&_u=QACAAUAAAAAAACAAI~&z=1086269072
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://newsletter.sonomanews.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
gtm.js
www.googletagmanager.com/ 		202 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Requested by
Host: cdn.godiciardstia.com
URL: https://cdn.godiciardstia.com/prod/smi/g2i.min.js?20221127
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2008 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
ba42ec7d198c9032697ba83b9587dbfb575cf26fd756127a0be8833f580b385d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
69720
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 27 Dec 2022 12:10:27 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CD6) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
1259
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (frc/4CD6)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
b7aed11a-601e-009c-2ce9-198be5000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Tue, 27 Dec 2022 12:40:27 GMT
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
519927
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (frc/4CBD)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
b377606d-b01e-0056-3b31-150651000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
SIT__SIT.json
cdn.pranmcpkx.com/prod/data/smi/ 		175 KB
176 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/smi/SIT__SIT.json?_=1672143027381
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
25d18d63d8879fb43f5f7b2ca3c7df4162f418406f4feca69fdecdee11abab02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Tue, 27 Dec 2022 12:10:27 GMT
last-modified
Tue, 20 Dec 2022 21:11:01 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DAE2CEB2A2B074
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
dbfbfef0-a01e-0065-62ec-1959fa000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
179442
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.78.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:28 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
32KJF2P8KWK8DQW9
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
7/IcJMGt/rb0tfjzmOXpEp/1Doop8gcE/VX9eqovG4EFCoWFOh4Bl0KTcbiWNzGE55vPfMHPAQA=
x-amz-meta-s3b-last-modified
20191015T134358Z
view
securepubads.g.doubleclick.net/pcs/ Frame D1D8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuPzvvHmpN0cYESdfhkLdKLsjHC8MM32g2ttEc4kJPC6N3X0L5m2_jSmYruTp7_iC5KYqNZn_JiTli2CGnCpwGQoBreS5iA6qD8RyLPjSRFANqj3hA23SYqM4Lq-dnea-j8S8reMuO5X5PEohv9_pxcdzG0uc1duA7m2LBED_4LscmFEHvlbNyLUqKIiYJItOaVCq2UKKmsQ-BnmvjTk_Zb_-Z0KCNofIT0We4HMUUJooiMIxhD1EqfwZsjmXoOXMs-DImx2pMfazQ8mETaWNfCjbvW0qwllkgh9FXL2AcvzTc-sLa1hT7zKyMUHe1ESx08&sai=AMfl-YRbPIYXFFKAc6uiqik5DlpVJi9cxpX0Abh_Q5I9ApliuMZd7E0uA6SnvhcqoTEnUPEqO77ZUE25ykf9EHsWuPvLlw9G2tkDzWqaOh954ZUDwenYMQhmd_K6SeQmClEMa7KJwLyJ1VuuaCl9xUDnpQ&sig=Cg0ArKJSzMu0bjI1qjMDEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE2MTg3MjA1NCIsImVidXkiOiIyOTYxNzg3MTgwIiwiZWFkdiI6IjQ3NzA3MTczMjYiLCJlY2lkIjoiMTM4NDE0NTM2OTI1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=a5e5caa1-ea90-402c-a2e4-b6f8cc2b9271&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027415&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame 30FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJmsBTB3Wy4Rw-MEe226f1oI3ZVrVAVUb_PEF-IlfkzYPmZKXuKPbC7R_lD8GpddQtoKbU0k9S1an0BQ8Xb_85sMiJdsgNi4qt1g0ITBLcuXqq9T8TctWe9iWHNiftmXPKXwIWbeQfeNVTvHTDEbLCyJm74Y5B_5frIdkwR7zbFgKvatKE2GSKYnSJrV630A2GcFVBwBeKdvfFhGgeUZEZeSbrsW5zZWpxeIaBniC9CT6wV1iK50ujafPN2vcRiNCJUcedYUTpSDx5snuYT3ifOD1TCAczeyRT6mlM7EHWUc-APf3V7-dTer16XM-avA&sai=AMfl-YQ9fJFTplcvdK_zR0Ief9hZWn_oYwK4XSh8buJMz18e3ROBD69G41BV7oGseL5LuOFE5KacZzZ8QgXuyp0h33vjsVVC4RMy7II0st32H234IrCO8SinXp6HXff9eC7R&sig=Cg0ArKJSzD4-z1VU5iAGEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 30FB 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 30FB 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:27 GMT
13503606725266446442
tpc.googlesyndication.com/simgad/ Frame 30FB 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/13503606725266446442
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b030a461ca82417e38e96f91082e6b707f2620a23637ddd04102072065a0d2fd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 06:54:40 GMT
x-content-type-options
nosniff
age
18947
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62959
x-xss-protection
0
last-modified
Tue, 29 Nov 2022 21:58:34 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 27 Dec 2023 06:54:40 GMT
l
www.google.com/ads/measurement/ Frame 30FB 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSK7kl9HllwquQzCmvBaPnA9_P2qSPul1dWggPtqNXI1XpIgD_7xk_XYzqiRD5VyN5IbkPY
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame 30FB 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c0afe621261180da80efe761ad6ff69ab018b38c31713448782fe4ed69c83e07

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MetaTagsCollected&el=Not%20Set&_u=aEHAAEABAAAAACAAI~&jid=2044508539&gjid=1330873833&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&_r=1&gtm=2wgbu0T89FCNT&cd1=1672143027490.2zvby5vb&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1672143027491.0.inz24vp6fkl&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=203990711
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 10:27:20 GMT
last-modified
Tue, 27 Sep 2022 22:01:05 GMT
server
Golfe2
age
6187
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20039
expires
Tue, 27 Dec 2022 12:27:20 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=8e8b4d97-ca2c-4865-a402-2b45f43e07c0&ntv_a=AAAAAAAAAApRAPA&ntv_ht=suCqYwA&ntv_fl=NbQ4aU5OBSZnQ5dqjaL7A9Fs0vmPjxtpy0yhQG06W3x8RWTaY7saMQJfNh92G8oYHtYdwT_FgNRjjvoSmpu4Q4KQvh8I2oRgjVlROJsq8hVO83ZPkXbybhZFXnQ05kd9183Qy8HWd0l54PGQ792uaWndQl0zzuymW_KLx5rYrNsmqB_aMI3bCJB7RFz9H7Rba0FhBeb0S9CiR5c7nIcydGsjDWt989_APLw-TiQlAl5WnYZ1Z0K15xTD-5b4cHLu&ord=-1104677202&ntv_ift=0&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
426 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=304&ntv_ui=18516c1e-a10f-4945-a890-222d153dce4e&ntv_a=AAAAAAAAAAAvwQA&ntv_ht=suCqYwA&ntv_fl=JG0OGQQliz1DpjrE2qiB7VyfOFoPBR_11LJQ1m6Q1_akx8RYvvDe2nQ8Uh6YaRsEMqf2tKMUgGv1Wh5kn74gMYVk8o7TFG1iOUy_xLAjlUAxZCBaIy5QVTzNosMpXpFdJZrGAlw8UEk0ks0uD8nzrrKOmKBK1KM06X8Q5Dj_Y2ZJRgF2ymaUIh71AG8Y5iynXLZbKfW9OXKcCvhh6tAZVWZy2h5hcCweMS6qv1lGYP4ZpW9VcMZxv21AjvvoFex2&ord=375302084&ntv_ift=0&ntv_it
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.163.174.71 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-163-174-71.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:27 GMT
server
nginx/1.12.1
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVGCvzUsmFwu6Q8bl58CauQNRrHJxgmRNctn4VMMDmQvZJxeaZBrGvgegro8rdmEY8r0yHpF_w59nGkRXAfIR8l8fNx7qF1HrDtuVY17Dvm3rh_DEtnRftN77UurN3ZAsUkvdnRxN3eSPEmkcWYPxnx5gzdHO-6OFkluOZlssu_JaE9xi410OBcZcQNixAmR1JalMw2ZQHdeObdfOC8XwgEKqQ3MmzpsWd_Ow1A74gKkvVOccOj1AsOKa3vsrZ-aJpJRDxDW7mMucOssMe7vazj5dryHScH3HEVKXUkJ0fqxoVmVWtO2DpyUEy-HngRkN4pQ&sai=AMfl-YSzXufmREiHwA4ejEtEWHU3SR4OjvmbcLITnJCOL0RpTQRFDr1wRI1VyFTncJ8giLNe22UVFaekfytFcij4Z4OBXEYOeFh1wmeN_AKFUiYfG-JYIi83FlPjmPyKUkI8&sig=Cg0ArKJSzMQnTv9pC_spEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 7FBD 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7FBD 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:27 GMT
10717842937470098368
tpc.googlesyndication.com/simgad/ Frame 7FBD 		118 KB
118 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/10717842937470098368
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8646028b718fabbe1f2d290b5708d44476932f611a8bc50935d12262cc5e396d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sun, 25 Dec 2022 22:59:51 GMT
x-content-type-options
nosniff
age
133836
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
120640
x-xss-protection
0
last-modified
Fri, 09 Dec 2022 22:05:49 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Mon, 25 Dec 2023 22:59:51 GMT
l
www.google.com/ads/measurement/ Frame 7FBD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRofnnwA9yfBXUfYPJ40fJFP2U1EyN5lr9N4rc3yQXJtZFrrQmHnA56mtyPhWxmR-p4olHV
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame 7FBD 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3cdbbb66434fa20a7d953baf3ef1b35c962c266cbbae2b8f92faf0830a2c4ed3

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 8F47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss-rbv_gxLfVsz1l8oigMDNvLCAhiaGYGafASo8uFdzfJXNjutfgpkXtaRlbNtGa2Q52zEovjEX-RNGGCvecCHAIGHG785uChCID6EW_n995vRn75V5XAWrGzc8zWnmN9GQraJu_K9DkmVO0axjIPiTjinTpDU6aGKvTIkV1RzeFNgBstMl7EEb2uMGF5G7bqzvYTjw0ZrwfsVPbyTNK9BNvsqI_zxnXqAYMQuQ8qu7__fNRTJUy3dQ91CMbl-zBFTZLw7lN_3OBbYwo0Ub7zienlmbONRZnYAMh0wia7KdhHw79siFbzVGU-oYc9XzYw&sai=AMfl-YT0Iy8TGOHqM_T78TehIS048utvfkBZ4-Nac8fH1FZWYeNpD2rh5B_KpbK1wBrIis7Ejvc4kT50KRmHoflTu-37WU02qFO617uAwM-ZLOxrfaVENoKLtNxWz-jUlIpp&sig=Cg0ArKJSzMDVMygZdPqJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 8F47 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8F47 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:27 GMT
16581050633641469570
tpc.googlesyndication.com/simgad/ Frame 8F47 		115 KB
115 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16581050633641469570
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
153596856753e08bd6e55fe617a349daa4640c4b3e5dc1834798b7298a11792a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Sat, 24 Dec 2022 06:37:00 GMT
x-content-type-options
nosniff
age
279207
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117712
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 18:24:07 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 24 Dec 2023 06:37:00 GMT
l
www.google.com/ads/measurement/ Frame 8F47 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFikkq8oPLOIbRX0zpkw80SeeDWAsuNJkXGSK762ygEduls8ffkDXL4UkrYCtntApROVsx
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame 8F47 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
6b4961055b2cce91ed09ecd0b282a81ee4218c09a7590396f286707508b11701

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 0968 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssfko8smE-gTpZM2ZVpx2cVu8pa0wgbWtO4ozXyQht7Dz3dIPAscsTOfsrHR-y9Z0O2Pe4puYnQu-4q9JwcJeS-HJyle0fZLgOV95BYNQm9YpqEGhTknKbxfCfSCq284plcgYjU7G9bnOkfZfLpeUR8m8tc18fBFK8R5RHsdTlqW-X21GGm7F4y-MMuUffzf6N0hXEDwcTrVSN_TOaVniSVYYmKCc_IpzyDdmtOv4YvR01-UDN3TB0-QYrpArTgl1rCKek_gI9EjOUfUT-ZGzBefPYsBFxv91xH4_HKJI_rEBd279ck0TPukHiG9FIjV2sQLg&sai=AMfl-YRQbenYd47kXyz5g9rfn5oxA8v5f7z2VFixhQTOpOcTnFd_W1eLwO5sGaQ0rEVdVn0M7o0FW8HMidflPBgzbo7AkUCn2iNqzwsf1M5-YCOmoqiPvQOObBXPK8yeBCON&sig=Cg0ArKJSzKk02G0YHAvpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 0968 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37915
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 0968 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:27 GMT
16511534123084594174
tpc.googlesyndication.com/simgad/ Frame 0968 		75 KB
75 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/16511534123084594174
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
236e25b960d008114698a6c52705cfd47f404c9825a5ce25483f8fc6d7e8d136
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 12:02:00 GMT
x-content-type-options
nosniff
age
518907
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
76300
x-xss-protection
0
last-modified
Sat, 03 Dec 2022 01:12:47 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 21 Dec 2023 12:02:00 GMT
l
www.google.com/ads/measurement/ Frame 0968 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRqO7Quqlq2qZQns-NzP9j_OEXjU4OS4XcQYMZAjTiIBwaK8I-npyNHxc-JdxETHa8BJaA0
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame 0968 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
455e92b8871d2240f63a4a51776ec8717fabbde37adc62f145e21f9aaed3a957

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 30FB 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvjJX2FBMzR9PTvDkBcu1nMvPpSD9rBIawVhR3O43lQtT2hc3KkSeGvyj7odsF-QEGPXIDQXwonLPMJnJAPOrPNINEmv0_H_B6rVFh0uTWDLQ5lyx5083TB9myU5Ealy40EAHux9pi6TUf_Xu79XQ6SUK-Gt-c2e4CrHeiZyiuQWdqtA68tQ7UHNq40LfLdr7FdbrDU1Ykz4yJtuiDeAKKg2XmEleS8nqWcGwIsN3JCUr5qiIOqNuKfWuyS8aC1WxSvwQ5dhwaKrYibk1l9AaLzcK6kY3VwLgbnbkwHar2zz2tuWiU5i1Xy_QR6_-xLfy3&sai=AMfl-YRN6FVYs_DjIZyG59VMmrBvuVScRoyLJ1KagMPjxHdDEB4UJQU42WLNNSAR4W5wYb7M5P6PEWI0i4uyh7pZdYKl_hBMgXWqBPYAmR7-doX1TBVLC3-U_I1wjXqQ-EXR&sig=Cg0ArKJSzLChA8_5-O3FEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8F47 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst7GbzYDfsTK57brfm4bicxVAfe6Z4kT6WMiXTqmtpUdgyk00mUtDE0z6DeKFbkoGiJq1-7QCcgmzCgL3wJ5Xu-GE5HkqQWD45lbBYk4b9Hkpcq1iAVVYf1rt9MvG0DUJuzypVB-i90oFnIPicD3G1V7GMoY1aKHnu8uABG5_6IyBQL-7AsZVo9QZqLCqf8JjJDEUzVQWV_BYg2A35xYVrXeQOLs6ko8NKIv8kwOpbyMmX_ZbQtJKn0XVKJwQQTeVZgrFVsXrGkWw290WNk_yhXQtxFgvQrnApdvBuvwvKbfYaVnw7tVWOmoYYS4YaF6aiH&sai=AMfl-YRmSDPLIl3x1NGrPhNQazNbc6HRu3o3B05iTKAMfEQRmsnABxPlxu0RvEVjoO5Rj5Z7dok_49r0rs6NXrGsOMah33nVNdRUqW3rmldzkUhXRBbb-cezAILTfir1q8Xe&sig=Cg0ArKJSzN9UKV5oy2WaEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7FBD 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWp7n2BtK6P3I4XVJ7E6gYQPmuYl2f2WjdsFF85-QGKfWtOuvU74pZRn-6Lx9KVEyE-uo_TwW5h2_B7BSO_HKUuo8Ig-olL16m1ZPICunzu2DNef9yDBEeqODUzVjA5v1j1e1JjqLXVBpAyWX0DV5YV5pn8rPU5DI6b991u-VDqTBQ0kLLlPjUX8vQgVORNfsbviY-y57M8VHM6bg9J58ustV2yj2mas1Q80Tn4jqmnzgw7p5uhbnXN74hAdxYLGCkhRZCDING_G5cVeIXAKFLzSfcB85XFp9FqtLavfLSZut8hNYwvMDRDALXpQYT0vMxVhbj&sai=AMfl-YTc6BDvAOvMJNxp605Q9jRr08V1laO7xoCCvHTdp7TvBTm_dc2sSMLHHASJ866ONLvB37VmkBBSkYAFbE9xUxcTEKRlXgwBBjP4m0ENpiDzD3fC98-Wnj8QiNX14RPk&sig=Cg0ArKJSzNUdRPVutA-_EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 0968 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuE8wDeG64hI4-hjumI0KEDlHthHz1x6PAUArf_JvGwylbBc3h9UJacOfP9gZ_4fhmIK9G8nBNZoGufN_9QJ1H3lBkwA1FCNYd73mWIxHhov2czJA1OdsKBcuF0zwZE5UV_rchT_8GEWCLSDnSFtzKsZFugAzXbX1R4wda4KpYuFVT08eBsPc8MQYCC-Cgm4frBV9TXYSXyfHqE9LCXdiB4KoBYB3bYnmSM8ZNUfR_M837gouSKNzIIa4tCTqq8lZmOT1GWwXhIzBm3YA5PaCYsFJ2KGrNktGrk4GX7oh5itsAaNLPJi3ebN3lM64VLTTarDJS0&sai=AMfl-YRbwjJi_1Mf7EXHqZIgFmg1q16AX9lEFyvLFNgP6CyUWbTY9gMRbEfFdmoEOtyLpKYcytqG1k_-DK8KE5Z39fT1F7aN7STfoTT1NjQkcX9XUf90XRawNe-vFQUz4ocO&sig=Cg0ArKJSzAaDFTn60A4KEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:27 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:27 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE2MTg3MjA1NCIsImVidXkiOiIyOTYxNzg3MTgwIiwiZWFkdiI6IjQ3NzA3MTczMjYiLCJlY2lkIjoiMTM4NDE0NTM2OTIyIiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=775daccd-109c-4e9c-a070-bead3c4599c3&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027742&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:27 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE3OTM4OTg3NSIsImVidXkiOiIzMTIxNjM4MTQ0IiwiZWFkdiI6IjQ5MjAwODE1MzAiLCJlY2lkIjoiMTM4NDE3MTI1NDI1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=b4681ef3-c20f-4763-af98-72fb62ff093e&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027798&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=7&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-15-600x1-desktop%22%2C%22s%22%3A%5B%22600x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
QTQSERFMX5RQDYVHMYEB
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
dzGa3CvnqgBt77YoboEPF1blQyj0cciD_Le11UsaCpzJMkvuxnw_tg==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE2MTYyNzQyMiIsImVidXkiOiIzMTEzMzQ4ODI5IiwiZWFkdiI6IjUyMzQ3MjcyNzUiLCJlY2lkIjoiMTM4NDE2NjMxNTA1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=f85d87c2-4d01-4c60-80a9-d01a25ae5ae9&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027820&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		21 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=4021077079457870&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=600x1&ifi=8&adks=1999998100&didk=1393649194&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26location%3Dsticky%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143028340&lmt=1672143028&dlt=1672143024729&idt=1383&adxs=1500&adys=3147&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=8&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=600x0&msz=0x0&fws=1152&ohw=0&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo%2CACgb8tv6yOgAMVs6W9NFuYHsbGa55gpMOlrHjuSzke3VwdPA2bSbDPguAbfUVMcu0glWjLYLKaGF0rQaGM8Cqjkqo4k%2CACgb8tulr7_tU5DKxZT3YvvorEW2DnvMKJL1JeI02kpCkqzNFgPqHFubbSydzwHnuitQa0aeXXOJI_aGSFXE55wY838%2CACgb8tuep00PrqgnXY-3YWA_Bxt3xseh0PCSRtiYW7zX5QEkPcC5qHkDDJ1PAhf8VlMKWXV0zIOQ56SkoOIsCD5Ndq4%2CACgb8tvAF6HXfOCtygOD_HrcN-OEC8_IGnHdnyuT-zXnzEc9MzHYEFvttZkc4U791d1vxDZwPD0fFS24Zmpn4ceJIC4&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ee3dcafc7a01f3049a0a411a214704835273102e3c66f198640756f25d8506a7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9810
x-xss-protection
0
google-lineitem-id
5875170233
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138377472295
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjEyNDc2ODI1OCIsImVidXkiOiIyOTg2MDAxNTA3IiwiZWFkdiI6IjU3NjQ2OTc3IiwiZWNpZCI6IjEzODQxNTE4OTE2NyIsImVlbnYiOiJqIiwiZXBpZCI6Ijk0MTI1NTM3IiwiZXNpZCI6IjkzMjM4Mzc3In0&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=a5756e7c-cd93-4123-b185-d9d9c11b8b93&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027840&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame CA0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJXslOSI3cvStiY6Vdn0vS5TZqf88AW0iC7RHJ07WOEAHdneRQmVgpZpaoh3Ly4Ysc_I-SIowKeBsxr-sJ35C3MF7hhn6uE1zIC7YzysEh6sruyGhx29beyOFGIRTgclYUV49P3AnTvsEYOual1GuphA0qmaOQgcxoVRkicsYlzYbEL6mAZ_sUpUVLzKBtgFXtSCpVm-UNNcUkWx6hZb_YJS_Gfikd5e2Hp9qVuda71S3o80gMxgRLwMQ8zwQyRVrBjDvvoYwv3tvJDuE_GlsFOpvf8ngrkhINBWgefUwlZxtgnqzVA_kCzXxlQRlezA&sai=AMfl-YSyD1bOgEboBmyJ2h5psP_ngpfA9GGROnZR8Z4Bzpm8WmDQKB1K1ymUj6v7rUwzYaTRpMKl9MOCgMLcd0-roWtoDgZxkElBQaMqJQVwvcASztjjjq_X5AF4w_8oZG4b&sig=Cg0ArKJSzIcelkxjLiHJEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
b71320bf-a887-4bbf-b977-d585281f3ce6
player.ex.co/renderer/ Frame CA0A 		194 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
9052c0e0c63c317746b7c22b63f2871b2273e727c6cb1934c108fa2f4e5e488e
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 12:10:28 GMT
via
1.1 varnish, 1.1 varnish
age
48
x-cache
HIT, HIT
content-length
69107
x-served-by
cache-iad-kiad7000054-IAD, cache-hhn-etou8220033-HHN
server
nginx
x-timer
S1672143029.515134,VS0,VE1
etag
W/"30861-Nh+ZFxAGgBnpLrZRFGUC3Q3ynQ8"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
1, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame CA0A 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:28 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&wrdcnt=519&sec=news&pubname=The%20Sonoma%20Index-Tribune&paracnt=16&ptype=article&metered=1&hier=news&cms=Naviga%20Web&chrcnt=3646&auth=CHASE%20HUNTER&artupt=1662401163&arttype=article&artsrc=INDEX-TRIBUNE%20STAFF%20WRITER&artpubt=1662217200&artid=13046a4e-b254-47f3-b6f2-0da1ab0223fe&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=0b61ee0c-42fa-4c06-b1e7-3d1ac84c5570&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143027938&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5872&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY3MjE0MzAyMzEzNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI2OG1iIiwiaGVhcFQiOiI4MS40bWIiLCJmc3RQYWludCI6IjIyNzEiLCJmZXRjaFMiOiIwIiwiZG9tYWluUyI6IjEiLCJkb21haW5FIjoiOTIiLCJjb25uUyI6IjkyIiwiY29ubkUiOiIxMjYiLCJzc2xTIjoiMTA1IiwicmVxdVMiOiIxMjYiLCJyZXNwUyI6IjE1NzkiLCJyZXNwRSI6IjE2MTIiLCJkb21Mb2FkIjoiMTU5MiIsImRvbUludGVyIjoiMjUzMyIsImRvbUxvYWRTIjoiMjcwMSIsImRvbUxvYWRFIjoiMjcyMCJ9LCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjU5NDgxOTQ1NiIsInJlZlRpbWUiOiIxNjcyMTQzMDI3OTM3In1dLCJjYXRlZ29yeSI6eyJjYXRlZ29yaWVzIjpbWyJuZXdzIl1dfSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1UySV9GSVJTVFRJTUVfMjAyMDA1MjIiLCJNQVRIRVJfVTlJX1JFR01FVDNfMjAyMTEwMDEiXSwicGFnZUlkIjoiYjY4OTg5ODYtZTQzOC00Njg4LTk2MWQtMWZkMjBiMTEzMjFjIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1UySV9GSVJTVFRJTUVfMjAyMDA1MjIiLCJNQVRIRVJfVTlJX1JFR01FVDNfMjAyMTEwMDEiXSwicGFnZUlkIjoiYjY4OTg5ODYtZTQzOC00Njg4LTk2MWQtMWZkMjBiMTEzMjFjIn1dfQ
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
events
prd-collector-anon.ex.co/main/ Frame CA0A 		0
139 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
b71320bf-a887-4bbf-b977-d585281f3ce6
player.ex.co/player/ 		1 MB
337 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Requested by
Host: player.ex.co
URL: https://player.ex.co/renderer/b71320bf-a887-4bbf-b977-d585281f3ce6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.130.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
67f453427ea9d89fbd3fabdd7e115bb4eb194912e8a914c71ddd289db8db253c
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Tue, 27 Dec 2022 12:10:28 GMT
via
1.1 varnish, 1.1 varnish
age
48
x-cache
MISS, HIT
content-length
345141
x-served-by
cache-iad-kiad7000047-IAD, cache-hhn-etou8220033-HHN
server
nginx
x-timer
S1672143029.576046,VS0,VE2
etag
W/"10ab0f-P7LveQtw9YFL9c6qd2WapDVDPLw"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
truncated
/ Frame CA0A 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3ca9224ed2f66608c770355b1177767c911e6b6ba02d5bdcb2de60ccf348cdbf

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame CA0A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuBVlyMdv3xo2-ne3O-X2Nh3BiwybFohmEJ0C20ATVIFi5ROLPFSdjKrkjjrYNRSchG6u_aldy-IEb5EAg-87Bb9LmIdM20x62917FDPKBL7VIjtToq2gDm6JWEg0tkYHIRNXKwWCuvcm5tBenW0VSRmOWau2b_FbUbEIuSrxRjCACKdylWtYQuSHkG3WKXBYRB8PwbMTlAebf_QalEours8q0WJJ9fByOF2klk8xJzbJOf2_hvLzwbXzGkKhtpzH2m_NF5oAOC_Zo0bYx33_7mBHAggLSiUOmSrUB_bVN8iObrw9mbXgw8AmlKnhxwb1pO&sai=AMfl-YTLoKWDch7yEzHCuJxIsRPcSX7mKe5I_RhkoaRwjSnQbXQHBot_QudpS3zq910K26UFSJjQZZv3TJmwyy0mYJK25QBPpx6sjSORDyl6Bl3O7DyarZzN3DR3CixefOzR&sig=Cg0ArKJSzOLi9Pd1H5yWEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:28 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:28 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNTg3NTE3MDIzMyIsImVidXkiOiIyODIxNDE0MjEyIiwiZWFkdiI6IjQ5NTIzMjI4ODUiLCJlY2lkIjoiMTM4Mzc3NDcyMjk1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=be921d5b-3f79-4683-a905-f8b74d61a351&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143028600&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x5910&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:28 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:28 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
552 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Tue, 27 Dec 2022 10:53:02 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 27 Dec 2022 12:10:28 GMT
player.js
p.channelexco.com/player/ 		37 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.25&p=1380393729&ni=1340160700&ui=5fpo92vhiqm3kcgt&cb=9d05b598-de08-41df-8f0f-ddbb7c6dd09d&d=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&schain=1.0,1!playbuzz.com,0016M00002HONu5QAH,1,,,www.sonomanews.com&w=600&h=337.5&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&puid=1a1af74f-b522-4181-9867-0b49a445e10f&geo=DE&browser=chrome&os=windows&jsv=false&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&isAmp=false&rv=true&device=desktop&sid=&sid2=dfp&upx=1
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
be031cd68886a88670791482517174a107e3c65c3a757acf9a2a84a404afad0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type
application/x-javascript
date
Tue, 27 Dec 2022 12:10:29 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Tue, 27 Dec 2022 12:10:28 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomanews.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 19:33:00 GMT
x-content-type-options
nosniff
age
491848
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 21 Dec 2023 19:33:00 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%221a%C4%90f74f-b522-4181-9867-0b49a445e10f%22,%22country%C4%8D%22DE%C4%B3%22browser%C4%BDch%C5%84me%C5%81os%C4%BDwind%C5%85%C5%92%C4%B4networkI%C4%8C:1340160700%C4%B4hu%C4%8D%C4%BAue%C4%B4p%C4%8D%C5%A580393729%C4%B4%C5%A3%22https://w%C6%8D.sonoma%C5%9B%C5%86.%C4%B6m/article/%C6%96s/duis-fall%C4%9C8-%C5%95-%C6%90%C6%92%C6%94-v%C6%AD%C6%A1y%C6%B2n-20%C4%9A/%C5%81u%C5%87r%C5%A2%C4%BD5fpo92vhiqm3kcgt%22}
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.87.52.15 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-87-52-15.compute-1.amazonaws.com
Software
/
Resource Hash
acc64b45fb3dee8f3ed91cf992a50730cb27178e6c65d50adf47c19ad2a66540
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:29 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"69f-ObR2J5jLCCuGeBT/kr/oDg"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1695
sodar
pagead2.googlesyndication.com/getconfig/ 		14 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022120501&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6021c4933bd2033d90422864eb82293481f1fc73e8b170f991dd89d4afb9f3ba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11052
x-xss-protection
0
track
dc.services.visualstudio.com/v2/ 		415 B
600 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
A316495D-E49C-4A71-A350-624D6F72F81A
strict-transport-security
max-age=31536000
date
Tue, 27 Dec 2022 12:10:28 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
415
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.89 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.sonomanews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Tue, 27 Dec 2022 12:10:28 GMT
x-content-type-options
nosniff
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:29 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B814 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
556316
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:38:33 GMT
expires
Thu, 21 Dec 2023 01:38:33 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 8C1E 		783 B
535 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
f0ff4761804a5ca71284715d263a7f422391c77f06c29d3b123124ce7ada024e
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-5K67b9m9qxJhs13lrs7sOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
private, max-age=300
content-encoding
gzip
content-length
513
content-security-policy
script-src 'report-sample' 'nonce-5K67b9m9qxJhs13lrs7sOA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Tue, 27 Dec 2022 12:10:29 GMT
expires
Tue, 27 Dec 2022 12:10:29 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
pagead2.googlesyndication.com/bg/ Frame B814 		36 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/GC5M5N_VN3lVd7ErmxmldCKoshgV9d2S74rLP9hyoZw.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Wed, 21 Dec 2022 01:38:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
556316
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16025
x-xss-protection
0
last-modified
Mon, 05 Dec 2022 17:18:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Thu, 21 Dec 2023 01:38:33 GMT
sodar
pagead2.googlesyndication.com/pagead/ Frame 8C1E 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022120501&jk=2439481857926904&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
starti
s-23.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-23.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&se=0cbae507-af91-45c7-b28d-39a534c8405e&pv=117.25&dd=www.sonomanews.com&sa=shd&s=0.5&p=1380393729&cb=1672143029665
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
405 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
v1
lbs.eu-1-id5-sync.com/lbs/ 		54 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lbs.eu-1-id5-sync.com/lbs/v1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2001:41d0:701:1000::31d2 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
04e9fca2ec42f21f7fc23df6f5e7b0fbb4a087d9087bfbb0c7678c5abaac734c

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:29 GMT
content-length
54
vary
Origin
content-type
application/json
1235.json
id5-sync.com/g/v2/ 		216 B
628 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
a0d4bba6850fb08f6a937b0ab60f7dba7def3dcc0205f5dfeb16db4393005d30
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:29 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
hls.min.js
cdn.ex.co/player/hls/ 		247 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/hls.min.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.91 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-91.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
gzip
content-length
72020
last-modified
Wed, 08 Jun 2022 07:43:05 GMT
server
AmazonS3
etag
"e09058f03d6f30d32f677a963cc1572b"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Tue, 03 Jan 2023 12:10:29 GMT
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3032&ap=Sy53bDc8XUlyTGhwJ3dpdz55OUXS1bjq3RZr9W4qWQ2cvO_BwPK2mLUOMnyAMllfLi3kgFyEekB2ACiKxP6nlWoO-wiE6kBBRfHwT2XLUgvm89hx5KmJTqUao1__k5H_ji1fQLYdDDnq_YGGP9tlnP2KItqaf7qqPoZgfSmn4a10rPYBwtp1fNMvnChT5LBIqJroDZBYa5xpywBsdcVDa6Y8pAIb9jQPVG4wrnuF8kBbBSzvbRPfqiPOUHa77L84tdZe9f9DsrQDFEYI2hIPD8PiJ8c8CADiIWeaVv8fMaJUj_M4tlLhn7uVkGap95pd6x3tHwYrl6OXDAw5_uuMfAA8hSdmCBV2Fh32H4KvNtjSImn8c6xkddX1Cty5INMmVtCXWAYj85oiIT_UxQEaaanYsAVQHsaSNSjXYni75Ztxuv34DC9EoCTnvvNWtwXd3DpvmoevUX2FacNfN1is06Nt7QgkX4YMm6CKiMWm0WCfp0LOBDJNRDMJpZgV9FHFKrhtxodPZQ2Bknk-1EP0jwCdvxkHKgG7QoT5-KAjE21Ko3_h4e1WPwI3uHT934ov4LH-V6hW8ieUbz4HLtSLPyui2mmqivMH7GOFrIQrGLbBwSUndJPM6a-ZsKVY8SxfhXA7h40AErT5WeuS756QHhnUZ81JX8Go6awwpNWAwMoRfW98I4-ZVrvENJapmFoUkPSlH-u2w__kAHxZee4gLmndFUwSzPflbKEu1VwIMxHMH0QOnFVgWh2FAHnDaUzjXLUMcfWF-LNso-1-Rrs-_9pTDg6g7f4LiCANLt5PAd3Jt4m4cljtW0Hm6p3DRALYK5Ii8rciknmxPi_8x_kY2nhzA8ijH1XP1y8NYlyiJQ9Cu6GTHgmXVcA3NlfEc3SNgNfsNMaHbewfZ9xkPoMREZmqJIb8F3Ov3mMYSAW09750FhYXv_uYFxF3PGCD8yhWO_imBU13e43rFO_dLrOvrtc5tXOdc3ncngrsy2pW_irKRnACr4q6ji4SR-CeB3eRzwQLyGy357xgYJlrXOw8xaWalMvnXB42Ibfe5cykssK6nqr04T_kO1DS3S6uyou9I55-p-baTH5cJs8NeoMMzApPnlrt0KgFUl_RajY6wmth8bEPt3zta-2Og-XIzodB9eA9-PvnuCTZnzjQzk27ci80Iii21ArupLAuU7GAdx7LdnVhq49SdDd-OCdRMKEvCkywe2aSrnm4rxvGzpxVk-CEEUZGRHof85GlBe-153z42D3NzIlskI-F9EOOHXfkLMDfuCECAjprk2KKzGqRc9k06kIp45BAbNAOreGrJaWDawqVT_Una1imIToLJwZ-KueW9MQ6dAJNx9FlUh52QD3FfN7mhVFZlnv_AJIqGvrC0KMhawo8zCWEh8Afa2vBQSSoKuVdUw3iM_mK1i5rAg41FykSlVCQ6PYt-uVvGHSaTgJWv_te4ebPhyzl3jc3OLZXlcUnK1CTTQV2EIYq9b1TCuSi-ZUtNRpMoxq22GWiVhbGKMQO60O2L3-w0K6NLAUVdAoryB5O6ro0M0ECb6B13Ve5Kf9mpaI6vZ9QRy2eK3WB6u_ofybeXaHZ3Wuk6j_Rkf7jym-BXlsV3Dg9FyLfnw03TfhcnxBEXGrd6yxRZKVCofj40MPLypvYTI04Ji3hmDq7B-63gfsT5eBejgitEig1oLtaVB_Il-4gcr6MJvAp95TYjCQpC-WNxG0u9HJw8qAIxNbcre8dWlap2mPXB_EhzQcNWbI1meCCO4rn9d8EsiPU5yuzgg-oskbagD93KDgGdQF2qRSDkve-jrHNcr-88f_wAn_pUjUEXicsGoTDS5digRRnDkdEsjp82Et10InitW8VgWkfxreCozemEnYwDsi75vtT9EBWb_dTX4g2pNydZB3aGm6lgf2Vx3KATdN_ldIJ355ok4a9hsmFgx_ChwCF7LhciPj39IlHQdNkVLswig3sua_mIMreXVGacEVVN9eMHcM3bjEXGKkspNUUr5lcpwnNH47cqhJvQG58MUDXByCsrcHGtMJ7Q0Bk9aUaSaiMUkNxO439JOXy2c-rh1Dsgyku5L5mMWLkKsXXib_KLEq9Iilz0VyFt3sviH4kk7JrPaMgbozB-K6peBAs6RRaNIraCr7wL6spZ1XkrygGry4bVai6KydbWXDMcf1OchXRTrJOT4O0Bd5dGs1h9TWILT_Key63qP2RBOhjlBDve61ONQlx7PdLHEUW7O-VPWO05eUJMdkmiBq-QOJhyIMBKV7Hd4tKseASFmj-nwC-yMaggxRI2Y6I7h7QqXskG7Lj14nfBUtueZu1TIInIHr0RO2_-eOngL2oPWsE6wd9HxUeXeX6kGWL1FZe1hHTz4f0nSjEXc-md7S1uhg6hXfoS-l3EtUves5mHpD6ck1UUKnFeT-G2Ds5H5gYGJJkl6xIqFOBNMOzx9n94JrR-mwbEnj5zF1NcCI9opFXmZKiwpTfqx1V4Z_Vozya-URZ-5RyrMwQatRBp55esbczi15h7n4Bs_Fhnpk_98elwOPm1Q-hQgzrRWCLqHYH5KuoRK7NgGlDMkTC5DBDNKk4KkNSgNG6blb88Wa94uHSrjOcjhCtYp2prde_kC1h5AAbYc0kK5Oz_g2DdsgP2ullk8csg23McIm6eyzz-3B05rBSQbKrrW8zs6rtIiBanYqt1Ht3hLGfMhvS4jFhyn27EoZT6M7RfDunbSep6HQ_ifbi_O8dE7vx5nsRwZ6skTsc0FLF4aWaAhke0Oz1zKf5L_a8NXl1L1f98Ia7kLB9u1Nb4TpdCM0I2yWYpbkm1VyluB37T0VaUED2SoLqm8hno5-FzXPD1Sdn0H3mFzrJZ_77rEB53lE_QmO6xegyRKBiYiAC9vBN13N1EeylRkb6RAi5DbogFpMu8oZ4flISeZxpyp6VdkPhSKdJjv3Una_CIy_zLFn9aVzqkcbBDVAXCS3flaR_a7dyrNI8xcYjeiO0eMuqrdNFzsQGtvH3htLR8YeONZ9H0JFK5Q~~
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:29 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.jpg
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
b3eadee87e4bd515ddb5680318df4066f5f84dd323ce48766cce6364cef65869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:29 GMT
Cache-Tag
190331882429299698350243005207431615342,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
28198
X-Served-By
cache-iad-kiad7000085-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:17 GMT
Server
cloudinary
X-Timer
S1672120699.569865,VS0,VE1
ETag
"84c19910ff61d6f9280a8adc08b19651"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535205
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3008&ap=MD4uTHA_fllBTGImLWEvK-8fBzpwNaoeiIoXhbXClosq0K58jTB7ctFC3fsqsXM33dk6IlajZREoqu7yiFgSxteIGuoNREkVOvgR6LmNF74q-BBBHJ-IvthsX5W34caaJ21458rIk68zlde5xOfT7-VKR0qSbLiPrQNsG-isoG7ulBukLfU96bVleJ061KBaE5SXW8KigQgaX57UYY4cmsKjeSAcC8onk52m5-z53pR9Q-ghyOzhD9lOxa3C4m7Itqgd8Nq4VaGXna4GyNAT-1U6v440nAbXj5rUwwNKtnGjsHhM7dG4vE25V7n9fiVFle5v5Nd0lYsYkQjjx5BVpJ0bu0sylVQD_zlGt0t2KHYDWOQNOJ0wCY6736qx9fr36rYPV4jpaaUZnWJj_M5UsHXGG2nFieLvuUDwTelvPtKvMJrdVVNrQ--cECpFZlHL3H9OuuNAvwyndhAlKKWdVe73TtpE3-C19Z1IAzqLX0CJFbmAxI3B9r-egQLeFwMQV5mIuG32Kua3CiR4Xbhd5strLEVOP4ymiVa8aFGyphq-YIW1P7VIkNg5zWKHc9c26ALz2SSj2FVBvssfzYMiHG2_sDZy2vAmQrflH2XYXQttKWF0dHlgZkv4FgDixyaJXBRjVrjwKjy8b_DqNW1CCs0uJAQx0QPNSa3_g5Yo84yydCEKOgbvwtOLWYVMceg45RDKwSZhUroKt8F3QWu40f2Esrk7BMJG2cD6Y6Y49InO8olZdf9QpF-Y914bYsn2FOfSWnc4_zfif871DpzNTpL6GpZ7kp9gJ8ty36pJU5gzQq5jSuqy8MYgrGAiO7V5tGIqnLRYUGm3iYANJE7HZeeZgeGdD-g7faClFK0L3mzl-lWEDmywnczgZZj_eIuRFCQuL72dCsEWuZPDWWbEZ4aPHlX5-pGls443l2oR0i6SXZ_Pe6Wm43EX75FpZFizbUixzIAPA50JxZnSLjzfD23j1yBSQwWURd2NwGsCMXv1nxNcuBGyq94Z8qdVfCUMAFzj2ZeV16oDzwbxBpKANMTrixeOBZGl7GBJKU_GfyNlHQP87Q_wm0R-qX51zaI7fTrtMwEV5P0trgGoQt7ogOM3yK025rxLOnEsuDUcbI-J0flymnj6xK9tbMhmN5DMbtf7e4Of_inFtOu4iLLQAbjvW7cL9yhV2TF_SOAobMpmQaaGpSXDNXe3c7H_Lgh829x2w8nFGoZQK7dBKOfKJ5pBoKaGx5rJMEmG1_zWNKUWYInWoOjpIFeDuReUEAfANtCboVmygPMG45DeMDDgNs_kOh3Ij2H3DMGgFb_bI9SKg520xTppE6Q5IvhRuBQ0doZVSizG0A5aT1yIEPfQvSNneQNiR6Mn0rFHoAt3Kh1dz8kbpa4UZOO9KJSfFsGLxWqS8m67Z1E2EWjVL-EGqUoj2MLQbz1Qv50aBp5OxaEpQAPeTtYf30LZIjlxxODnJFxgS3CWUs0WbNRLF0x6F_G0GzzXb-wOWhBrKy5OM7TC3akqLwnO1rlI-ga47VKegDLkDF1kwcdZYRE7GE8FjjcSFai1pGeFHvhI6xm48-IlWWfWsztrxBE0FMEGciVz05SoV9z_TzS0Vg-sSUQ2gUPEMnlV8209shEO5P2tlmxzfiZ4nPpYt4mjy9MkW3MbZLrltPYzIhHiHB2hirzVEm8u105_S8tZ6uxYwUzDHBGW8u9MPtI12iph_zX3JL0xPOyuYcFcwJdQ8VtLnRU6acDGmqrWJmVwJuaU5M3OqdcOgsrfLqKJz_wU7uszZWyXDy29nUVShVSwMUUo-l6PbTfgV6z-X-oCiWQYCzkLkiWZiNbGENXJfwRPTwMjT7XXV7nIoegjcbE4G5tg4INcP4Y_B8AyIqFLk_wPkfGdi_GeoZpcMXta9lLa5q-IWWiwIiUL5bF5Lne7ymRc9_lJCV8KYd-5tpN5LnvYSKO0YiVAl5jVMJrRCn6YvMEBXSgfO5JZ1hlmThfUZGoUYgce2H6HKFPUS9x2RRT5sl-ok35EAyQr9obEOT7AP7RYyKZOp6YzwvMrsuoPpFvzQH_1fE3Ap80idjQ_aCY5HupobcqxQ52kTYWMZxoKmzRXwvVVh37bPKSSLRvJ7dlYZaj40clyYprsvwtNaTd3SH8QSkwfeoEv4Ju0TpFmBE-eaLggWMY-3sE9eBGOvq1K2JUorR9Xr8VcQNl3xLX4lu3CzhzPwfolabypmdi2zSH5vZ0krPKFe4Yas5_S9imT6Ji766EdQHVXj9XwDF42Rt2Q4pn_vkuDCzLZAKCgritYdW04Nxr5ybj6v01NjkOL1dW3TVnLCF4bDeEUUKeMvFu90XtKJm0SxvHFvdP_Dk3gxQkSZqL66eYt3TCy23_kp4iWbR7Oam1IaLHZ0xdZPPjkHXcyP7ZVaaeyCgJEtf-wk_6jRrpIXa2x1HkfIq8J3P1RSRllT4Bf3vhyx7NmWa-yHSv_zlX87F4Rgq-ehNAeH0rE1UzE-yZwRyfO_oF5eAxqgSm5wfCA-mxckCsu9h_Hbuy4Z2jBEQfk-AkAA9hVjTgnBmidHBrG6lm0c4PdIMIQFTAK63K-BgS0dLpffgfniZc28rvxjHewxNYGRewLmq6RvBI5GMPv39Q4DqIN-zfj7DrYmoUDlajJffy-K-6IpfOg3Wp24ZXtKHfeFEkRf-Fg4Ym8tFin-7zvnlP__JL33B1BCuangLVjgga-mXA_CSzfcbBgJg9NyzbFoiJnOqi-ppzkcrRlgkjGau4qlxerJys4ppn9Tlg4kmUHO9NjU2-baV3kK7veJjTvTQk5FNvwGympvsCk_z7vr3xgfRcWwDZYohXRf_6FKNQK62TmrBnoLW9APY97OptPUaZhcoE25q9-D8z7GSHdwgE7f6TV0IY5u0ARrHEZwclEhlE3U-LkeGj33iCFJP5hBkcZi-Kn5BZCO3ibFxJuaG7NLMMSCjagIz_r8t5PzjyITYtSrgbb0l-R1hvPL7mjF-qU-FHh
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3032&ap=UWUsVTNwQWVUNT5xNXlNW3pAb1rxuOzy4PIvs1ilPWnRkC44n0O_XUUcmPWe2o2HFPAvO_DuFFJ8Rx04dPdIKJ_oYBzHa_QKce2Za4VNQLylOjq-Y1i6Q0z9omCTdWiPRZK-fn92g2PI8Qp_G_I7VheCslWGwYy9Nyj7OLMVFC0SB8BHFzpkqnBUAjll1OvSsikyrtU-pDplaR9eNt4Eeksx5cS_gT3dNRqUISKmIMTPTjuoxhMXaZZr-7_9BE5vnHjvespA2-cvmvb5kYVEn8Hg0FNuMH7Rxm8euleKo1JGtdRK3xyxixsjVrIkfn2Ajukzf8_8NHafXf7ySjnzi0n4PcSTkECjXh9TXolZToseqx0xeXPpdtLgVWKobj_-XyECdQM037NXHHdDzT59zc7FEc7dkjsy_CSgNHIguhv0Up0775XL4mfxvM0rriSM4_m3o6t01QY_57oH-clRx1bA35si3hBWaW782gJBha5a4DCU5evC9DS9vTpJIZ9HpvlN3Gwd4RFaRAf3O_sqlX-whfABi4DlD7JQlYvOhJP4eLMIKNn4RgF0zVutT51hXOlP4qWRsI1AzvynBNswJvW4kWlbvEtncJl6mbCtbuhsadDDgBYHM0I82LNUGZdtHBqZBQyFuo2hJHHrdAePgFLf02nLubXQuYrUKtlpbnwz0vh6Ne05fTrzfkwcMVAAH99DjWUj9JdEmqFL60302vIiJfwnvZvSNArj_W5jVTJDQvHo7psSlOJuiQNzXb3ZdUyTgGr97gDlbpFBHNG9224sY8CiFjYXecttzz3xtYcTVfvA6wIztqgphC2vbyXkQewpq-VgOMF1DRbuuJKrW3M6lhopi0axZofi1rJ9YLURzhdP0bmejYPwRAoyuX06ef6HwEGjYLQVAkayYiqt3qzzGbff4KDrw7RqNl0kjWhuf_-fInr4pLzqkIRPA2D1g5htx8wo0ijCMzbpanVvX-pxmsC9WpOSGPpQXDmo_IwIeaOOaukZVH0yvSmaVzAPRDjxeXQ1w-AJ_NeQfoUOHC1m_YFn5ZNvQ9YIuAQLeadrfwubviL_gtr7i6dAgXUYbvVhjZaL9I23U-by6xbBX4PAEK8moA7opgp5DgpRlUxiwBkeRu6EAQXndK7QAklDPMLyh8VuSqYHdqFEvSYTixwMne_NOtSHWXmHiO0uRBtHZhZ5fc78_pGSwJOS80zQUYvVnO_z5L6HbRO4DJeH8JEdc92BI-Wqp2RtAJxT138w6QL-OM8Op9vIU899gNKJROTN5xDVc36A29cC3SMN2tv8OSiwBm9nk3lSkbA88WHPEP-h31apUH9VTag_aXElLHwQ5xzJ9KrFW7uBB3yUmx6f5HQNKEuh22M3WDbmvfMDxUH2-27FOsAEDPvK6KnEgir8BwMKLE32M54cE_mRUbWS6wdxtE6zUHxSRwo5gbvpE7TJFNJ7xlaDCzLWmJeVK2_xpu_neGrrzc8JMIxhiRBElw7MI2WeDRuYC54HU8w2Bd4w2NVTOFHu1NJ4cfGgR-lIbyJNi5rjTq_3su5cIU78Rjp3CrNk8-cw2qgGsBsr9EmKZLYmBkYxx46J8DNSWAghTjU_crtFrxDgGCxWu9EicjJoBHGUnu1ObNLawBZQVRleZkl3vEtyr03en-_liafY5UFcKCj3tK9qUCVT9SXbRbw1BUoGQXk0WVI0ZZXFyQ1RcMA_VeLNlWrEXwOuycMFxXJhics_nULelZzvsNOrs9gV9RDfAcYiZW4Bj4oKjLclnxrMt0TkOoIU2cZyMBnDn0BCnLp33aLHFtEfpUvLETpx2skcOsnU-8QNMYQlHgkbUoViSPdqnNlCrLvlDNnyLtvsyJcddxQANJVdNaCrxbCX_QrXp3-YvTHJ5ISMXOxR9-4AnEkzaROYoWGNSv_U7Cj4UezHhGlH6yHtfZ8nVUqu2jSKREFgpKrS7izGOznA9oXblcZX7Ca-ipdTlTX6hEtBAim5auu1d-8DGZnQmjPa8sd3cNELb8AoEy8O1zef9XpaR51lP7EHYt0PSZ9LcimV4HLbti28Xu2Sd48Wax3X2lF7zcK7SrY38xqZqrAqugGFm_cBFV5ZHlvW3X5INsMSGqJ4qiFmLvAblSrXA011e7eovv3H3l0Qp_UEhAkYFa3TNWpJqgugts3oEE-E61LSY3VbgL57QKFInssH51EH-eDWRrTa83hbbo00TFHKZ57dl0g972C-F1DoyfXQv5yqKoqG6QQ67JsDURkFewlgMF-FSkms0aVePzoKQtLZaMQhLsNirlaDB5-KJw2GDp0TGoT3262Sf44uFjkHsu9GDnZ0Gfa2f0Swvpo2HWTrLWHenmYv-6tp4yDlfYLkQcQEkFzzl8SVJT30vhM37icZMFi7wV6LlKI-ZARStS3AYRJNYeZBrVUyNhgdFDZkZiIRf9koU3aoPJ71huJzp450WRoMTT6A6gOFEcXhIgVIRyZuzk8alMz0m7NY1yhHS5RUJI2QImlVxm9izo8J9ebU2caoJ31XTYQ2Z746LdA7or9pUwXONebdSjLc0Q2eehXZ3KDFQn1jnu25VwT2LIKgwOptSMS0UVwHxNLsCKEVQ1orGuX2E9II1ZKVK2nXh0eAp0lraOy0doEvy6FJ3RCoSt2dO2XofG7-6sw_GcmbsCIEs4DgQNwpMVj5sJe7xkubxtA3g3KGISLT5g5xQJcMysHjsr2ko3TCLvSmOf7mkzxjkSvS1Uk98dv0ukZ86uC4HqJtB3RuDg4DJi3j6XEjYE1892du_ZwBVRzQOVsFMYnoIgaXkLSBmutwGMjaHwm0h5FpzRZof6HooT_BVbQ8log-08qXv5nW2sax-O-YzvewuyEasnb8mH1yk5SZz3c0ka1bEd9G8D1QzfynhYv_Q1bgQe723GfJYNcfuXHWQeJvRCln_LmjbldxInmiab43DLra1uYIxGd5XeWFn87_qLxvARyiMZXwSXnov4-zHakGOTC_RJ5wI89X5IYiKG_bl0glc6-kcsSuKg~~
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
generate_204
tpc.googlesyndication.com/ Frame B814 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?S3vDUg
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:29 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3008&ap=cFZbRH42IDk0bUUlTmhuY_f3BlD7a-2P44fT-O8fBlTuzNWIbVZE5VF5ZG4IONcwd4apGRyH1LesDEyT-MkNTh1cbg3q7AsAqqPGn3ulzXYo0yj8k3m-dfH4IhF6958jEHFbl6fnKe7nnsB9Hj13iYGKV5J5fMpkUs5OekLTr5pfq2xSNhChp8hUNUXXEkmYYkwd23-wTXdoW3_3QQCFXD_J2pmm3Uv2Pi1oymycOZYxOyBKo5AdHflEKd1RoGPzs2wOFh_cb892k_mkezuNPQgmty9IFK_EzjQU5ggGsY55oOjxd0hM8nbDwVTT30eSQnQKAY2EgyAXoQoRePSxIvUCyNJKv8uj9uMlOPTA1eg-sLjZGGWe-wWzBr26Irt6R1EeRL2naIa4BXlNntXRZSuYym8048kwwqAaLRLbBUD08qpYKmH4VAP1a08WS5ksZPtQ3nn1Z0RRIkYWSaxqFoH2Iu1qdvpEGRnPH_jbS3tvQRIu3RiuhyiGmM8Uop5yrVb5ibV3qbYno1gbqhhIBKtjLDA18kZIOhwZTKQQqqQPR-PmYaus3wENtftECNrLWQrCzsF7wh4JL-8FKwIs1aV4EowcWXyOvz6fxkjmf0VZeMpvt1lgSUx43_BLhuVYLnktIocgIv6XZKgQoEGdWixI1m9XP5SE2tdJxYuG20qNvRBthnrQwKN2bXsn3p7kicKaURA06KVYRLjf3x_2K-KrRoQrm8d7uIVnIel6PH9_r7IWuupYsL5QyfS9Bm6WhNE2nyTpLu7hTtSWX_Q-0w-7RElT_rl3Z8hvVePqx_6uXVXVDhVEyamJ7rObGRp9zQ59MB-nlb0ID8jNTpY1iCBu2INGN9SYr4owZO3yITjSVUsEf6U8VVLe_liRz6V1zoXMce8ndx2UtvKXp4G3fJep1U4D1OcJ_InFQ6Rr-g0i214rTkCkrGkOd4RdX1sPDu4Ps6ETcude89NyqrOsxAM68peHEk4T5hvuW0_vqSLvAPk4Et6KVZ0iubxeb5PyFfbBU5oMndmKQhVGt7uQ1Dtq6YJgl0pwa6mFxpBoLWu6o_aNOPZXhqThy5BpIVuCA1tK90-PBmUl3m9tD_Yidkz5IVgcMQdgGeWAnwgrwjCqzQxeSBxbcodXTWQO_10Bs_VgJ0UmiJGxtjzkvvKSaQa_OujSvdNvYYaZqh_YybptU3o2tn4t9qeO3NO7Hrd5woKYadAUlpNk2b4RpdDnl4spxyKvn8BzMXZu1JpVkaOSDm7jsw3iT3o3Pu6xcC2t2apfZVHDIWDFG3b4OqZiPo7ldNpT2EElxqQWYwiKvCHO3chPFhtV03uuNlbUygeOgJfTX4Azn4QFbYY6TRWeyeJZCiNrBosHiuxxQFGtlllrciYiAsqp3doMkRJhpZ3PloyUmDW_rMGp5UeLJVEeFVq4IminExVrCb-dZD1yD1oIoDimtLh4kFtcB4EaMDc_NtH6V6Hfnm2YG5zkUoA7Q1kz8Gd9aDErzw446U4-grS3xC4QH3li0VchAA22_mjvX-xKeab6XzJGzw8qKldbwSkVJLjn9-668F3yBXuK34wgwq86PJIwa0C2x1Sgvz5QQ4sHyYxyDv8tAbTwyVclf45z-9U7jZ3ioAsyZZF-3bAbL4-W8drCbV_MUk4oWPpIKegp1DDHkuAhXTTMzRc-Df_1-2hh-XmCmVTXEl5dVJNIGIEvBsAHQJLuRoX20F5nbBQik_QIxElGAHoyvjHue5TEUgHpxVqovrncLiGRUjTbVRl7YbXr6-PFUDgG6otKLqSU4u5HTNVx_Be58m0ZM_J-VvWk49neYUXewPzgIgBBhVKpccCt24ch8u4Q1qCEEfR54g8ZsoUO0-AQZGQByphZCXLsKFN81iuHVsfZYtAmiMmiSPD6RluQYpoXWthmJzp5Wa4KL1LiyPsJuGgk_FAZ2HHitRGSvroVvfXgcLdwyU1BUX-VDxL-QdJ3Brj5_1UHwvWwZl9dKKxqfQ_Fv01IXlwKx0USc6ONzFZsNbVAigPonwMyc2JHmfdOeU7HjwVhb5dQd3mlFb11fpTqzCYbN7RG2rRHcU9ga1p72EGXA7-gesXfjF0f0xtkff6eTa3QQqqA013i0uEh7IqwWBNLwJN6pV6BADU5YfBjpv3WDrYdGtTJXbPzO-z3aqvqJHN5s4VN0sN6pOkdMk8FngfWrJxxKHlXY5yek6Y2hPF4euCw325lt8Yo7sklDTCOCZ4qsk704L_AKvUZYkYMj4nB4nAjhdwRwfRi2g8M-IieWOHElbARU2uzkUA2rn7MxdmrKa37fHPPig_R8Zw3RjP8XfyDY9fYzuWlQmhNxUYjO3bklde-9urQgC-kzO5RKS-SIQ2Je-dYTR40G0ym1LRHUT986VU_julL0jWCGvcqYb5seWsF4AXUPO_2fmOFBv9gHMrW_iyu9fNTsuBVSWl0oCyIg33zA5UgunDmmTqL9JwA360hiHgJm1w_YnJI27FGFtsMlrWxfNON66agcUem7dR5IzInl1PhaMPi4xraeHwuRN8ccxhggs-Nn6mwsTWuUZf623kpDeqa2WNhoAIhmTVfEeA0bfTAHqzGgaSavH5etCxVYQlSYoAX--z3YRU4WsYMl2bA3gdXvyMNmA1_pT5Kzyw1nbiw4Xh_3L92YP0ujD_7plin-ouEHhzbLTEDtzWVm1zJJl4FZ04e6fO7r7f_6NXWHm2q1jDw_kxWFY9w-yYVD_aE8yrmcaRbcOzHRM6tr9rkP8YAvPusyAwMeWYMEDx_sSMoF_t1i7lzjb28Ns1DiVDBfT4SjgqX1nyn8FRLR5MO9NiXgxv3kGSm6g714kbe-IBJAQ3GFG_fJh6GVFoE6BZmcGpUT6yS3xHXrGfsXf3xGdqunh_zKsIQY6xZanb14abyml0Minubvxo9T57DrOqA_A3PAf2VMslaOAHVsC0_kHSsEFUyjN5Te8WY5PGT0nQ2IJNujB8Kmkjl5Bw5O3rdIP2sudav
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
mcd.ex.co/video/upload/sp_sd/v1490095101/ 		651 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_sd/v1490095101/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
86e91df4890e49da237fdc00bc50af3a5fa0ced7a27f5f75036b2e7695fe2054

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,327961014079627028052771905279638174707,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
651
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:14 GMT
Server
cloudinary
X-Timer
S1672120699.599633,VS0,VE1
ETag
"909e3001f7b9e024a01ef611afc30902"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535222
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3008&ap=NUcvRCpCRG5vYmhLWjNrTRT-CIrP774q_Q9VQ2xQEKXQcb1rQtg1bPtYyJINQXZnhLFfB24Qhymj2a56BLhJtJyGiU0EVIuUW7sZ8D4NLOxD2UJS8B_1QfYl_oqd0xQFQVwGOG6oJmOCQxYg6EFxVwqTdLZRDvA3jC1RKIZxjfxbS_5-6ifbRY76nDeHQFcDkdQ-IVoK70-uRithLSoS6KAy4Kgf66b51XLnqmQcdOkuk7Da1jKGVqB2anwlPmHIfltdWyGZNW1KWXzfPeimvYrZKj7XtMgVg978YXBYxlEFulg9YN1d-fNEJxOpTq-MQ9OI2qlhx2k0kH96NB7p0G6oc4DeQGolZEcJ-0D5qxhfKWtSYZmdFRMx6eAJrZi1BKDPEe4W36YEWG2z3e1AulM5F7p47GrNG4ToKULUACovBnwCtYaFLMSN3WenMWXBFqTn8ACKiGn_15uy21COVSMX7bu0u8sMxqwqA4vXU4ChqczPhkgN1jAQTHAzxQt4Ba4dWYKJefdRH7xJKQtSKWvNUt6vjqFvF3rEeOBXWXjUXvIaQ3rgXQFU4nHpz_1e9Ahds-ylorBExljHM7VbcbY1PbUlFaCjYdNWKD_JWHBVAty7eARECyo3-XfHmcuowR23xBrdYQGVg4T3_6PfdDJHyrhqJKoPGelbDyWtBhW9pRGvNIA1pCpzaMulqXnT7HD0EIbPnKfW5_b8avw4xpP62Ot9NJCx_RuU0jpz5Ty1nEC8zYq6Zh0tjhziPn9OzzRe2K7in-0XFrAp4toUc5LIg8IQC1pLuvjr49prSAUvZTgmS9dMr7-BD5eMGsW8p6erxvRZSinSLTm1Ng5u8SciG9gOx0lEbK4seVuOLBFSU5wwwzZ81O_-rvuUSsBU7hM0fGLpwqljJIUYl8PKD1L5YSsCS7YhJcTaJT5xcFn0ymnG8kOPVMdB85TM21CgFYU0kaWgg1hfmBAlgzk2EMkfm-RTIpVajvWkka8R9Nq8o1RQrzBccFMydRiTnKgmEpDtOv8Cdt6Ct1wDxT7w8mLp7Lbn5F1Ajik5-NNWIOnj2gYDWdflVt1gIc7NxM5f5gYBN8nr2EBHhwWQcHPuHm7AlAPe6kyqqbwUXat7eumRNshGj4K1AJLYg9ji4Ha6Y0zFSOUVUvwIhRRgDe6VEKWw56CgG3khqxQg9IvhvwURKO3LuTkhcO0wZ0_4MY8V3P0pvnx2Bso8mVAZoT84yMACUgAi2ikWg5j0zIoqR6khIJGeZdCPD_UgnVI6XgDVLBZixRwO8_s1en-GYTHEJuOFUfbS-kZ4lwTuYE2oHrMNiVhPr39pr2OfXmbsRYR36TG4VwdhbA2Thw3SCnODOoHziubF6szsKlLLNmWwvb81BrDbuLyRniSu7toBsok6arOvOxIox-4kAq2glStNm9GR7C9d2bEwY-dnXjSLFUsGKVG7Vk_mkNxzHnGn7grdvPL8hSgUR_Nb73eTCGef0om5spHj6yscsdgGgSiC3adAYyvn6WynavKL3BpiMHnsxVprp11k-7ZA_qjMjsSQMaobG5DeulsmFHyKmMJ6afY8Ti9fQsrLEsmQh8e__ojRZ8rUZitSaxe_c3shmqeEQa0xD77dh4q8z7dhWYNS4df28KAvFlpQpdIIwswKXL_fKko0Fn7icakS4283XyXl1ox99ximLSnbJj31cLiK4d9CIt7ApWGeJfpoe_NoCLOtNRIGfxmdc1UHKarOIOlP3pX4pUntB4QTcefYLHXLm40YMVmI515BePo-OMF8dLj69bJDnZ6CN7zzs1u9odHBQgvGKEfget57Nihptk92IAaVaZ7iwjTukhNdCTmWtQPd1AeGW_-0rDaSQedneb5-yuj4F1sZOyci0Y6ZpohBGQUPDZxSAT6Mvy_6OscqS8lrpFnAjxf7hIhgAqXEDu-eMLBKGxfaXX9ZWG4yBsa7eE23P59E0th0Fx19pnnJAwK03ndKvye5VxFTaOV56yp72f90fBb3z4iqsy8tvbvhd4IOYOiDc8ckjRAf-vZHf8qCpTPcepzCxD8MB65fULlV87H4bFLaf505YFgZtnw2vVxPn5zyebaelBV_SLGp-R0iARACiupVp_47znvhmIa1RiWZSxlCNo91jJ54YVgMaobht2dS1A303tlhORiVsUG9jhfXfsAwvxVmEL86BNZDy_krhQNHoGh8zaHf1axt5Qsy3PzOBio_LYJTW981qRHktLVoCWMPAVnM2A32euJqfPJuLCN108j3Ygj7T8pJVPtoOLtW_kwjY5qUqPWa21UP5kjw6fVOEPSl4YIkDwJnW_cdwhyOESR9mMTwdNoX0EGoN7sA_9bGMT5hNOQkvjhTphKaXmiu6w6LilDBtEVZ_l_7NMr7OP1zPZgcHzd83AyHde8qK-DB_ZdMkpPDcZp4g5Kam0Ou9zPO01ZWl-vhP1sJGzgXflXZwa0_QnG_00raLgMSKz5Tn9xFS8uEC3TJYTNube575TOg4kaRC35XdpNAoGuysadl9kqfAFwWR-5OXTW2zYrBULHLmB4TiTMs3hEB5_KbaBaNAvFOIyVIq7jJSJpBNHOu8Bi771R4SLJ69KEF0qLzdY2Zc8oWK0ucp2I3y_ei8F6sQ0I7bi91fBqXNogCPqXrmTjBlbf9vvWyIjhAt4kJpME2j53xn6mbQMOXXLF3xAECMuxvQsZgSsJJdJ8Npnkd4o-m2hGW9DZe2n2bbWJwwmq27tN9hgz7wJcTP96et2LRQ_ZDi07H7qpq3q-RojjQ_14gdKoHPtt5yi6GWfcyoYrU8ORoemEBGOCzbfi-BPbHtURybudp7pKJbMPXnnxJrYSel_1LHqJz-4734NNtCs9A15-n_A4--_nnVjmL43qpCALZJI0wu3Gww9kKWE4CesJrcHwluIGxHzl3pEiqb1hZZ2tdIBT4Mt8YgZZjUP1uvfMQhUUhpO7RGeaqGwf1Kp8d6vaEBw5PnR7yDVY7aw4URYMCmqKn
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1672102384/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
dca82f019f667bf7cdba8957c4fd7ce37324d3ef567678295b5697601dfff216

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1217
X-Served-By
cache-iad-kiad7000173-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:09 GMT
Server
cloudinary
X-Timer
S1672126255.359523,VS0,VE1
ETag
"26956538f09777cf7c67ed4d5b13793d"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31540791
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3008&ap=WTV1IkBMSC1WYjRUZ0c8S0QIzW4oZwIi81Xvdh30CZxFt0kJA2PaTtjed5gAReSK_TtNRComvSYHB7VeAP0Gzy0Sf7A22Cad2GR0nKPX7QVsYr3htyd3ol0DZkBKVeviYuE-KlPZhEWW21f8-t79QWGFYeartUjS3VGY-krk6aw74QCROdm0o3fRvgsxScJAwn9bMDYNMuWAlhQ8hzWzZS4nUcT4ALVPOvgONL5Lkg_IHM_xEKHmQJosxS-4JO6hc8EHTtxWtrmhF-_Ql112FRLpSmeWdNjhh8IRIlycaZW79orxOTUhr0eFbomJEcmV5KZnAR5vymsLus5SINOBMJzs4fRP5AXH7AGHloUp7-1Ys1Zb6gKJ-1zdveM037SlsDp7FQ-BCaCJytHpT9tuOjtvZ4LPbZlfTEhAiu1bNS5i_GJGL50Hww-czN8fKpnDMS6WYkW_NSkwdnuaFO8ND6f5KpqLJXmpVecL86V89SboSqROYrA1AsNQl-3fkau2FbokLdCxza7KTu1d2FWQqyYTGxDtMGHjKTGlooRV9VjjMjYaTRhy2-52RejBRcGw8VfYCxg0PE8bKzw2-q5MeN8L_fPcgGfhaGh5Re6oUiYEgTpdIfo4Ru1Z7CEAgmcyUUVSM7UN-goqZEngaWpz_Zxagpzxf47YvZoRjx9zA8TLMScoQeXKfdBCeoM0022nsNp2ciGHHlYF_XhJL2VB7FuMKAlSPMMQAstyFRBQ3TOBjVRbPEHQouWLftiu2lGSSmq8L2efpdEjhm03qrL0MlSMtmFkTOACN0F4tOGPViwKyyu3Ukl3XGj0ocDxKaBzsnmO5MGU2NT2ng7aMaTxqS3BCpae9py1RbiIdFI4KnkQeanZ1cNm3YtCfTRBwNEAg8sdni34u8_l_JVOJKZOafwIOEn2vl8lmeShNswmAM6p_umef-k5L1Z-rGdC7OxvM8WBZ_Q0U2WnU8BBcy2WZKAoQdv5JFZs2LC-jWcg6haYCg-020zyDK_-eoJjFIpIABmkwwrgHjEZpPWo_3taH3aI3TjTa13mmGTvmcBt_T1vcjs_TCSWC-nu7oGpgip1KHX35PHNkY8OFz43q314erYLKFuY5GSAaW9E5V15rUdSSbgog9VgVBW7jh0HQ-OAGmz3LyhVpyCm0xCbwN2QU4mF4RUJPvOjPft_lIWTkmlqEAV20sYooZKFacVBQpb4On6071PQa7YXm3vZ3gm007WvVTkaC12RrnDGgwfgoToCIMLc888q98ka3kOl98UhEJ3tZtcSL8SnMCnrAZgo8A15yw9YDfjQJHIZJzVprST1OvGAHSntIgaDKPqaBwwTZ06CvWUyXFpzYlR8726o3yiVwbgycZQ8x2C3GBxRTJCA5nQOttvBoM6wKvaPlF75JJ7NXx7rzTQ-QB_JbSXQHsEE4ZLRTdhcHByrzWo14Os-HMwDChbg6FZF9X1MfzqMfFM6GnhBB6XNdJxbc6jCHfmS7WuP7QaUt8kwdHx6qtxmWPKJkajd62hxn5MNxgkYIbo9gjc6PBjIx8-JsP-vWDt_yx7VAAzMnZuSlj29QhgmE2VAYpIit1FpslaNYr2eQpQkixIqJ40Sh9JVOihd-jmJOikx3MJQ1pUxEgC-km8jEu_vJOppCsUavH5cbaCbtgcmySXZ9rOuH9cCZzhGyvHy7BJRQzsbmG6-5d6fyPYhElwOoWUlj9r3bX-V7D6ovBraN5vEJg3ZvCTwXj0GG_y3D-irIQ5rDffsAAwx11g4vxXBUbxw_HreLkg7uoFiJimfUyocN7nsJR_hFAMj1l35t5L-Y9e5K0Cm2VOJsQvXXdZMki9sQY8bmDyopsmed5_Px6EgMd5o6mJ4CUQVkDJxLUNYnSJf0tg0mxIHAIwmiEx8e5zTaQmdLVU2vze13wUdopcVm7MNsTq6S1jogKo_pdr3-Jq0G7WBIyEhI6r1C2AkK023ULY8l30v1j6oPHOnLpQ935ul5rOljtXWPTeQLQsR5PKSo4Gwh5ZgWo9YsuQ9bMeomVjGTkvKY86O7txnUX808h8BfJV3pR7QjQpbSVJFg9286RALPaMS31SaU--EmSOaXyU3RRHvr9ijtabSjvD5yj3MHOjMH1rWQV444r0O17Sfnww2OKxlvt6LgH3ssYRmlWeOhk5gnX1W59N3Lf5BoQFse2PGe5P8Q0TUifQsUm0rE2_WE5TzBREOENFBDz1hMKZkvO4bwTMVYcMZUCXa7HIyJsSBzQmkhsm_9lGeQ24pLGJj9xpQcuXpLTG9BlgtY3Dex42uV3i-OFRB7F-gQuI7X5tLDYkIcKEXsD6HBgP2XtjbS4aymwD76V0eEHMSa2ubGqC7kTXry4daAGjgv2NzyfdoN2MaNYre4ipuMTbAr0C-1uTM1JLOF5Yt2aom_EVKhosDo_VKtwvsldM3If_OV7bQ-Oa9uKyUn8mkPYnSrhb1y5I2Rs5ntIR8R1hqBOd6Xt5h8WAXhodqnb7EZrj-wQ6hYtNCyV35d3YkOavia4o0fNANVJc_tr8io7iI9zsVsAlfKOA3f-PkZCm4RauZfwj6aljeW6rmtNxj2E0tDIRuFXm7S981jCf8CDI7Np8_FO_JXWXpuaJ7L93uUOhdyCXkn63y0r7MGoPOuhWht8JDcyhT4m7YC3_3CHGqTP6e3cDFO5MB3v858vU8d5YbX9_6gJH4sdfGYOe4A8iI2TMjTEpq3TiVYg4KZyJaKKW0C_0MV50Bdq7bNfGNotEkIMvv5B_B5LaOYwtvnf8gHE6QaqhveRodk3Z9xOgtklw_DEikfFViURGUFPRF0F71y3p2GbSf-5Wx9JQDZqbX3sD2SZ67QbXYT6o-E4KrzcUP5gRs8sEx-fT1tnH5asJIjvKkP2JqJs_89GngV7ioNJ5jYsSppg2uMUPNQgwGh2DbNUE2k0-_qVceJhYq1ks_YQwULQFAXZF4Yl_-EYmapgZLHCre_AP8GUsyeQ443-opF1psPM7a
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1672102384/ 		68 KB
68 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
093a1c4da28ff6ba5330bfb7596592a0d7f7c202e1cdb83c279f3dc44d7418cd

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-69183

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-69183/609308
Connection
keep-alive
Content-Length
69184
X-Served-By
cache-lga21946-LGA
Last-Modified
Tue, 27 Dec 2022 00:53:08 GMT
Server
cloudinary
X-Timer
S1672126256.803709,VS0,VE1
ETag
"fb9b24fb5a35dfbe5b5636d7bb48f6b6"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31540862
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
abd292c1-b70d-459c-a352-658070a55eee
https://www.sonomanews.com/ 		63 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sonomanews.com/abd292c1-b70d-459c-a352-658070a55eee
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Length
64352
Content-Type
text/javascript
rtb_vast_proxy
p.channelexco.com/ 		60 B
439 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap_size=3008&ap=RHRub0lyITxifXtWRC5MJdB85bj98VadQ2LJ2eFor79nlxkMsPo7Lh4MNIePvCDAA6_fLhG4iSvhqtP7YXRHc7T4Vqu6X8oa4lbc5ZiYLfpS3KH6jjXLNDhX8snUQ8IVaeaMmvBe0Wzun3L4l_UDbEKNnhfei5BWF8hGoT9JW1RF7xwAUKDFAToGHSunOeDLDfl14KtKdxCY2kMwVYDOjoxYWmnbSkzumHKdqf8MEXPk8A-QUvzBtLDRrUIjuNXMbNzHND0x48hG6PdaeMhWwq8zIHFYBumcApqlTwWwt7VvX7JHxybFXrQnPgy9019f--OgjT6Zz09nOtwxIoka54ENSGYjKqQ8NqzZyIvLml8Wh5sWlKecNZyQid1AIi9aeSXlkvS_BDVq_jTCMZ410_aiOvX_DYuiLCiOvF19rn_vhSi1BXq5DoxzespYZNS9BybpsMw1PiyjumGG_ZutK1rjP7PA_6UPWiP8g9BhypnI6naGFdlkQMd3US95FuR0_7jiEkjLgI8AVigIES27VmUFMEuhJUDzvXVPcv-uJDVIFtG108VFZuy2mSnGKD-9_uP4fGPrXywhIxXTk4ltcsubd6_LZxRcvsJZKzzqMeMG036ODu19G8ynCTMYoOp_UWJJ8vddLt0zY2-dVqRiIBDS6Nky_1PCGM_lCsgJiQn3dLlNF9jM_KrmgKSbysWXqKigguome3K6862qHShFTu8h4pA1jIAwQLcZrOme6e2nJuydEq-RIdUHUlwNj_8zdoyLVcEAJWoTLZz1CbO9xuMIC3Zow7L5evduAyDY65juE6iJfXr97z2zOquBzLrYnXZm2dNkrLc55YyeyLYWOJNOR9F9paPoqVHe5hxFQSlQE9AGlTZBpQvhzgYnlfV1tH3KTbhj9zb1AL70X3dvqnwwPJyqQo0N1JJHJlRsdriOG9dJXYZc0yLcqoDOE-zWFWujUw1n0OYcbuD2Vp3gpFQtZo-AxRC2nNSTJusVD6UXF646tUBTcU-jxRYjORruHixxrjxn9hkpu9RNfTyHbUlc-p2yIPmyvvzCmfuqVDa1iN3bTt3W8ZVaKsUhq0fUgPncA8P1CahQMKUOQ_sFj5ocR2xDwLwcw1fQXdO5ApyTg6vjYZwPf_CjKtHXV-OXt-Cgb412FD3HFd3dlqhhJwxDrmGYkhcvj7A1g3Bu4IpqGJ65tEBYmGnJDaN5Qwq5lJq74k-IRAr-X-rhy-TifB2M3Dr4gADLNlX3JNWZYvOJUFgIHuf-2mC5oV80p33zFO4r7CvEWPhoai4C57gzapEDOfirxEzDdG_D97yFfLE2iBSVHoZVGhHG3QJExxtZ0RKYBWmRffHCEzjuB2k1-cF5I7jk2csEGcxsq-J2UyI5r29064gVgZzq9GuSly52oARNFrgXopkeC0GpLgLkc_Cn7fInMYkT4VLBfvg2X6_CGE8-_HHiP-WLbvR5n-OnABHV9XD-C8BlU_5weYgtMGPBG5139XQ_wBxwrr_N3NOXjuFhqCF66Fs8cuNdXhs1c653HKev2EFvrAHj75BDjrNfWO0oH438xsyD0R6pFvpzm2ZNNl-9pazouawNQFfWHWP0w15m9ySAmv8bIR1LSs8sGPwv91381vgamp8oahamgDmKs8ccIDIyw0Tl_OClPJOnwdd0TK_HOXOEHs86PS2Wa_oLqar5sX7ohTSkUyHW9RDxs_NHZdvD2FYHG0ceiAiPd4EqL0xlBt1cPJlrIgQLT28rIbPZpPgDJNuCsdnF6J2HXGMXPiiH-pyo_oZE6Aw6uVTxFEcYmRPw9uHeVRtIlmW-YMAn_dmsWidMhdSQQQgDgG6e5DBdj1qeMUfcZgvsnzSypi06RLi69zlJl-_UoPL3kvnmvcum0bOQCQeJPzq4wB4tOenTWGiGZCXQ_7dPze3sd_1ivMoiauf-zTAv-0kDRIoag25DmvsOhMWwgy-GBKMd26q6-Xp0apsw_hPZmtebaWGRGNgSU_qDyeql65CEgJpXLc5Q2gY0PXhPLVIYuCm49ScLhg3DbMwx-iFXJqPKuaB501FCKPE0uXmeNfI9eNFE2uBmUudGAM5MWewV62B0XKReg7sBbWU1KW1dIeE9SmyWPsg1d0fxGj9fcTrJyj_LYRW0nHUu9kaGRRcJjbIX3Enbv4nX8siGkqy5wGACm6jjl1MIBK6ahIY4G06aS0AC5aKG5OqRaR64iJUAOw20TkpKI78H59K1ozp4nYLTCo9jP6TIkqtddfox2LzJYjnap-ry7xSj52ED0adiRn7bo1Zvyrr0qqu5eoLhXMV5jdqpwNDo6PbKYDAA8JFds_D4RLau7EQay425IsgkAYlSQTQKV7PS5h_o9i07S4ezKovZU-Y6H_HjG5p0UI_pQj7vFdQUOtYHADUfIzI4BkZFx2O-gMhypcZ7GLSFCh83vBeu1GDWik2Pcb8h_EtB8eGjQXTnJ49_Agic2ONO-RSsAe45KSlsyqab9BgsROLebJOLT53PfqJPEeh-g0I97fRlOzFoh1orWprbyto7S-3LW4RshDezf19MdNtf5neEFOQJkqCpYZXkif886iOOyJkR9at0HaXvArSGjgfIh_Yav4DMUHZ3kXuhDac5XlztjjDkL7cJCssuM_oIdgcVY8AH6xUprNId8wCdF82p3C77oXnUrDZ42AUUJE2I-teOXQZG1vtfnhcG79lTgGbSp0ojY0tYlaI9ynG322-xaFOyI_bRCv-r9Onuj1OQwK0QTsb3kdOHdjDJmbqh8d-lr2C0ehl7_QQLUYZSDHwpgO7ZnXQsR5yR9Ac4lTYiOF1doMhWAXWmGX-1nHMJvwTr4bSrW046u-9thNtVAsdWn5Vu1VmyZpbzkjJkqe7pCKUiQ8mf0D4K3o9_z1QvL-KjyOUh4mgVkTcTookNR81iOc5hs0MRL37TPBHlBuCVUZalqtYEUpHYqSVPCO-jz99lEekq5JvLX-73e-fOgj2NFZ7vQMPOyBi7dUu-
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
views
prod-smi-proxy-connext.azurewebsites.net/api/ 		90 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views?UserId=6d2f18942a6f96a0f9a2f44e76142c33&ConfigCode=SIT&SiteCode=SIT
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0, Microsoft-IIS/10.0 / ASP.NET, ASP.NET
Resource Hash
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9

Request headers

source-system
Plugin
site-code
SIT
autoqa
false
accept-language
de-DE,de;q=0.9
settingskey
null
authorization
Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1bmlxdWVfbmFtZSI6IkNvbm5lWHQiLCJleHAiOjE3NDQxNDMwMjd9.NIP0X5I4gpuSfP1Vmm28U1euTC2nYmQDpO0hJTl0pNo
ssid
567ea6da2e0f23aafb018725679d4e16
environment
prod
config-code
SIT
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
content-type
application/json
access-control-allow-origin
*
accept
application/json
location
System
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
version
Version: 2.8.3.4

Response headers

Expires
-1
Pragma
no-cache
Date
Tue, 27 Dec 2022 12:10:29 GMT
Content-Encoding
gzip
X-Server-Time
12/27/2022 12:10:30 PM
Server
Microsoft-IIS/10.0, Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET, ASP.NET
Vary
Accept-Encoding
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
X-Server-Time,Request-Context
Cache-Control
no-cache
Content-Length
193
Request-Context
appId=cid-v1:b3b1c194-8bfe-45e5-8168-866947d4f019
views
prod-smi-proxy-connext.azurewebsites.net/api/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://prod-smi-proxy-connext.azurewebsites.net/api/views?UserId=6d2f18942a6f96a0f9a2f44e76142c33&ConfigCode=SIT&SiteCode=SIT
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.85.16.224 San Antonio, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Request-Method
GET
Origin
https://www.sonomanews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Access-Control-Allow-Headers
access-control-allow-origin,authorization,autoqa,config-code,content-type,environment,location,settingskey,site-code,source-system,ssid,version
Access-Control-Allow-Origin
*
Content-Length
0
Date
Tue, 27 Dec 2022 12:10:30 GMT
X-Powered-By
ASP.NET
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ba6dccfe0b3165a6f94015d4362d6bf1b4fd609ad6dedbec38ef1aa78c7d395d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1232
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.529326,VS0,VE1
ETag
"0b2f4993a487e544b3233b95e6654850"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535313
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		372 KB
124 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126857
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:30 GMT
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ffa49c49ef28dba95afd6a5cdb579233b912f54b7d8380283845991c303e1ec6

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=0-171831

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-171831/1555324
Connection
keep-alive
Content-Length
171832
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fn...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fn...
129 B
535 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.sonomanews.com
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030207&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		238 KB
238 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a8002e45524a9391e04819450275986d38f72f83a369fe47ffe78964fa917eb5

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=171832-415103

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 171832-415103/1555324
Connection
keep-alive
Content-Length
243272
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.jpg
mcd.ex.co/video/upload/so_4/v1490095101/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/so_4/v1490095101/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.jpg
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
b3eadee87e4bd515ddb5680318df4066f5f84dd323ce48766cce6364cef65869

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,500985839247587350039760902055362878337,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
28198
X-Served-By
cache-iad-kiad7000085-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:17 GMT
Server
cloudinary
X-Timer
S1672120699.569865,VS0,VE1
ETag
"84c19910ff61d6f9280a8adc08b19651"
Content-Type
image/jpeg
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535204
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:30 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:30 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		118 KB
119 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
78b99b9a1bc02d45176ccae65753e89ec24774ac701c5e06d381020828b0ce75

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=415104-536363

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 415104-536363/1555324
Connection
keep-alive
Content-Length
121260
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		175 KB
175 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a22ff48e519f17d7d53e64011357be31194d8cf8c590e99dbeaefe5fc9649e70

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=536364-715151

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 536364-715151/1555324
Connection
keep-alive
Content-Length
178788
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 The Colony, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		155 KB
156 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
3c1df10a34a0fc37c3f0b27bc00ab912c3c8c217796ac6674c083442c7e09b7c

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=715152-874011

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 715152-874011/1555324
Connection
keep-alive
Content-Length
158860
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fn...
  • https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fn...
129 B
530 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1
Protocol
HTTP/1.1
Server
185.86.137.113 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:29 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.sonomanews.com
location
https://www9.smartadserver.com/ac?siteid=218209&pgid=1426227&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1672143030353&pgdomain=https%3a%2f%2fwww.sonomanews.com%2farticle%2fnews%2fduis-fall-48-in-sonoma-valley-in-2022%2f&vph=337&vpw=600&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomanews.com&gdpr=1&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		156 KB
157 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ebe0aa538549d833afa326aecd60a2f9ce85237d72894bf60cfa5e653c26daa7

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=874012-1033811

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 874012-1033811/1555324
Connection
keep-alive
Content-Length
159800
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535180
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 1A26 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400d:808::2006 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 27 Dec 2022 12:10:30 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 16E2 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame 0DBF 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557833
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022120501&jk=2439481857926904&bg=!6eql6q7NAAYgquz3AKo7ACkAdvg8WgJkWEQpFh6Zn3P5jDvPI_YWlSRE6RlDfOYM602mCNPmvTBdIgIAAABNUgAAAAJoAQeZAxgL_dixG4o9c_EiRILdBsypW3R-uEWnpQCfOuvNhyhUuasdIXnz6ZpOFxZt2jrLhqmnBqlf6fxcngzXh8rHcqlITMniXTBAEkxLcEXmRr6nhXLze1UwS2UX9_NnJuYCLi0BPjmaeOCVc7sO-jSPIj4WJ_SskngR50_Po3dw4OEPJQvX7hVLFm8q-sCJGm1JMdESqwonUHznt8IYbkCbdgKBFn2ypsXKGPZlKxcUrCYrqpR8GpeiiXM_kVXH6fGEfbdn8mZrSWL25ruGQZm7kxVs0i-liTMCMh-08aP9ZZQ5yJl4f52_mfMo8ZiNiYzXvhBN2QHNityxQHSbIhEvxaNptB1kOs0tk73XRA6jTD-SN7JjoDYiGNyy-FG0Yzk3iYa_X8usVnsE0Cv0PDhF34T_Sinil2NKC2ZxXQJcE9YAZy1ejQT9ZP4B1U76k85y-h1HsdYjrrJezkzUbEcy2fR_yTycD70GPbWFTVJkutNQa6ud02REfKXLKmDHpX2V4NB2xv3qTSIK3O0ofTDZnE8R0ukfE11lm-ol-cdHsfdP1ERvN3eXx-HrkhS2YaK3e5N5MB6qYyq5Z7qJReyaOBCxbN_jnrJvmNhOGgAp9zIgBl5-tapwuQK4XNhosEYYgVL9ASCeHMEs7NnlGOPXU6en1DvorBHYndEnMOJoiZkcTSbpaMWSBgcUXV_XSEO_p-TJO_JApvgaud526wiixb7lPgt3CYKggJ6Jl22i7znx1MtyrIcaw95iINzpgO_2JAPD-P1cEwD_D3WVFNlN3APbMRy5Ub3K5XuOAv_wwDYK1rN91jAltIWkNs01uO_ma0fSKc8M9bVbeN-IfVMOJvimXSFSt7UB2SNQ6zbl4Yq-teFvXIdNkNsS6tDFr02PUGjVw7eL54oko0UXXtSSCtzRusAgo0kipKf8D1SkoTpYzXxCUr1ow4_9sDA5iONWwM2naN_h65F9Oq-Ww6kQXrJIElERu4mTaPctsAWfsGMwEhjVM-rERAu3sbbURWaLZCM6SEWmr-TIf8DPjz_1ZhCXsrMmnvb-EGQ
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
shim.gif
creatives.sascdn.com/ 		43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:dc::217:6110 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:30 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Wed, 27 Dec 2023 12:10:30 GMT
multiple-events
s-23.channelexco.com/vpx/ 		43 B
142 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-23.channelexco.com/vpx/multiple-events?events=errori%2Cerrori%2Cerrori%2Cerrori%2Cerrori%2Cerrori%2Cerrori&data=mu%3A%2Cp%3A1380393729%2Cv%3A1477400787%2Cdmid%3A1380393729-1016326434-83826257-1477400787%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A0.8%2Cmu%3A%2Cp%3A1380393729%2Cv%3A270364595%2Cdmid%3A1380393729-1016326434-83826257-270364595%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A0.8%2Cmu%3A%2Cp%3A1380393729%2Cv%3A1618640937%2Cdmid%3A1380393729-1016326434-83826257-1618640937%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A0.9%2Cmu%3A%2Cp%3A1380393729%2Cv%3A591280398%2Cdmid%3A1380393729-1016326434-83826257-591280398%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A0.9%2Cmu%3A%2Cp%3A1380393729%2Cv%3A820530290%2Cdmid%3A1380393729-1016326434-83826257-820530290%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A1.0%2Cmu%3A%2Cp%3A1380393729%2Cv%3A421257535%2Cdmid%3A1380393729-1016326434-83826257-421257535%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1%7Cs%3A1.0%2Cmu%3A%2Cp%3A1380393729%2Cv%3A581266452%2Cdmid%3A1380393729-1016326434-83826257-581266452%2Cen%3A21%2Cem%3Ano%20%3CAd%3E%20element%2Clr%3A1%2Ct%3A0.1&sid=&domain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&se=0cbae507-af91-45c7-b28d-39a534c8405e&pv=117.25&dd=www.sonomanews.com&gpvck=v022786905__600x337______DEF__nil__438&sa=shd&s=0.7&cb=1672143030558
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.59.1.119 , United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:30 GMT
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
server
openresty
content-length
43
content-type
image/gif
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.78.36 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date
Tue, 27 Dec 2022 12:10:31 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
NHKENPGR8YW853K4
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
B6x2f2yZFPlRv/0IeDcu2ovosaQOI4g6e2Vo21BfZ6jPCPDXB7XnDCLO4cXpBzOt9HHhprBdUbQ=
x-amz-meta-s3b-last-modified
20191015T134358Z
index.js
cdn.czx5eyk0exbhwp43ya.biz/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?20221127
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CBD) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Tue, 27 Dec 2022 12:10:30 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
519930
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (frc/4CBD)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
b377606d-b01e-0056-3b31-150651000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
ads
pubads.g.doubleclick.net/gampad/ Frame 1A26 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_5&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2265268390387213&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=3482632833&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=9B9C2CC6-CD59-4EF2-961C-2E1A306A918B&nel=0&eid=44748969%2C44750823%2C44765701%2C44777647&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=1672143030875&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&scor=2924671865787360&ged=ve4_td6_er944.1255.1099.1555_vi0.0.1200.1600_vp100_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 16E2 		156 B
748 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1881993399682245&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2978923974&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=9B9C2CC6-CD59-4EF2-961C-2E1A306A918B&nel=0&eid=44748969%2C44750823%2C44765701%2C44777647&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=1672143030895&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&scor=2710327515727689&ged=ve4_td6_er944.1255.1099.1555_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 0DBF 		156 B
185 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_3&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2067035860237290&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=2058074073&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=9B9C2CC6-CD59-4EF2-961C-2E1A306A918B&nel=0&eid=44748969%2C44750823%2C44765701%2C44777647&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=1672143030931&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&scor=3978775084032520&ged=ve4_td6_er944.1255.1099.1555_vi0.0.1200.1600_vp100_ts0_eb24168
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterLevelSet&el=%7B%22MeterDetermineMethod%22%3A%22Default%22%2C%22MeterRuleName%22%3A%22NA%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&gtm=2wgbu0T89FCNT&cd1=1672143030956.biil7ikv&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1672143030957.0.7iefsouwovr&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=597745911
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34079
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=MeterStart&el=%7B%22ConversationName%22%3A%22Not%20Set%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%22Not%20Set%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%22Not%20Set%22%2C%22ConversationPaywallLimit%22%3A%22Not%20Set%22%2C%22ArticleViews%22%3A%22Not%20Set%22%7D&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&gtm=2wgbu0T89FCNT&cd1=1672143031070.b63260y&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1672143031071.0.pgaqrmxvxtn&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=960693716
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ConversationDetermined&el=%7B%22ConversationName%22%3A%22Default%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ConversationDateStarted%22%3A%222022-12-27T12%3A10%3A30Z%22%2C%22ConversationDateEnded%22%3A%22Not%20Set%22%2C%22ConversationDateExpiratation%22%3A%222023-01-26T12%3A10%3A30Z%22%2C%22ConversationPaywallLimit%22%3A%222%22%2C%22ArticleViews%22%3A%221%22%7D&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&gtm=2wgbu0T89FCNT&cd1=1672143031075.dyiu9tk&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2022-12-27T12%3A10%3A30Z&cd13=2023-01-26T12%3A10%3A30Z&cd14=Not%20Set&cd15=Not%20Set&cd16=Unknown&cd17=1672143031076.0.y3e6rjt6sfb&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1654577219
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
100016sit-speed-bump.jpg
cdn.czx5eyk0exbhwp43ya.biz/upload_images/ 		65 KB
65 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/upload_images/100016sit-speed-bump.jpg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CC5) /
Resource Hash
3f8fa488e1d0927ac3b44d53dc52022817198da93ee31e76238c5ead247027c6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 27 Dec 2022 12:10:31 GMT
age
506636
x-cache
HIT
content-length
66133
x-ms-lease-status
unlocked
last-modified
Tue, 29 Jun 2021 02:25:04 GMT
server
ECAcc (frc/4CC5)
x-ms-blob-committed-block-count
1
etag
0x8D93AA51AC751FD
content-type
image/jpeg
access-control-allow-origin
*
x-ms-request-id
69b37406-c01e-003e-1350-1560c1000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
100016SIT-url-B2CLogo-2016_Revised.png
cdn.czx5eyk0exbhwp43ya.biz/upload_images/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.czx5eyk0exbhwp43ya.biz/upload_images/100016SIT-url-B2CLogo-2016_Revised.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (frc/4CA7) /
Resource Hash
817d8e17fa9b007bd98618831cd4d3d63b5b61cdc254f5c595cf5eb1a83ecaed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-ms-blob-type
AppendBlob
date
Tue, 27 Dec 2022 12:10:31 GMT
age
434759
x-cache
HIT
content-length
9702
x-ms-lease-status
unlocked
last-modified
Fri, 20 Sep 2019 21:54:33 GMT
server
ECAcc (frc/4CA7)
x-ms-blob-committed-block-count
1
etag
0x8D73E151F16C3AE
content-type
image/png
access-control-allow-origin
*
x-ms-request-id
f53da05d-601e-0037-15f7-152512000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
accept-ranges
bytes
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&metered=1%7C2&metername=Default&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=67b55f1b-0186-4025-af93-5131d56aa42c&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143031124&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x6257&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJkaXNwbGF5IiwiYWN0aW9uIjoibW9kYWwiLCJkYXRhIjp7Im1ldGVyIjp7ImlkIjoiMiIsIm5hbWUiOiJNZXRlcmVkIiwibWV0aG9kIjoiRGVmYXVsdCJ9LCJjYW1wYWlnbiI6eyJpZCI6IjEwMDA2NyIsIm5hbWUiOiJTSVQgTWF0aGVyIElQQyAyMDIyMTIwOSJ9LCJjb252ZXJzYXRpb24iOnsibmFtZSI6IkRlZmF1bHQiLCJvcmRlciI6IjYifSwiYWN0aW9uIjp7Im5hbWUiOiJNb2RhbCBBcnRpY2xlIDEiLCJ0eXBlSWQiOiIyIiwidHlwZU5hbWUiOiJtb2RhbCIsIm9yZGVyIjoiNiJ9fSwidmVuZG9yIjoibWcyIiwidHlwZSI6InVua25vd24ifSwiaWRlbnRpdGllcyI6W3sidHlwZSI6ImdhIiwiaWQiOiI1OTQ4MTk0NTYiLCJyZWZUaW1lIjoiMTY3MjE0MzAzMTEyMyJ9LHsidHlwZSI6Im1nMiIsImlkIjoiNmQyZjE4OTQyYTZmOTZhMGY5YTJmNDRlNzYxNDJjMzMiLCJyZWZUaW1lIjoiMTY3MjE0MzAzMTExNiJ9XSwiYXVkaWVuY2UiOlt7InByb3ZpZGVyIjoidXNlckRCIiwic2VnbWVudHMiOlsiTUFUSEVSX1UySV9GSVJTVFRJTUVfMjAyMDA1MjIiLCJNQVRIRVJfVTlJX1JFR01FVDNfMjAyMTEwMDEiXSwicGFnZUlkIjoiYjY4OTg5ODYtZTQzOC00Njg4LTk2MWQtMWZkMjBiMTEzMjFjIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1UySV9GSVJTVFRJTUVfMjAyMDA1MjIiLCJNQVRIRVJfVTlJX1JFR01FVDNfMjAyMTEwMDEiXSwicGFnZUlkIjoiYjY4OTg5ODYtZTQzOC00Njg4LTk2MWQtMWZkMjBiMTEzMjFjIn1dLCJtZzJEYXRhIjp7InZlcnNpb24iOiJWZXJzaW9uOiAyLjguMy40IiwiZW52aXJvbm1lbnQiOiJwcm9kIiwiYXV0aFN5c3RlbSI6Ik1HMiIsImNhbXBhaWduTmFtZSI6IlNJVCBNYXRoZXIgSVBDIDIwMjIxMjA5IiwiY2FtcGFpZ25JZCI6IjEwMDA2NyIsInN1YnNjcmlwdGlvbnMiOltdLCJjb252ZXJzYXRpb24iOnsiSWQiOiIxMDAzMjciLCJDb2RlIjoiMTAwMjQ3IiwiTmFtZSI6IkRlZmF1bHQiLCJPcmRlciI6IjYiLCJQcm9wZXJ0aWVzIjp7IlBheXdhbGxMaW1pdCI6IjIiLCJWaWV3cyI6IjEiLCJEYXRlIjp7IkV4cGlyYXRpb24iOiIyMDIzLTAxLTI2VDEyOjEwOjMwLjk4NFoiLCJTdGFydGVkIjoiMjAyMi0xMi0yN1QxMjoxMDozMC45ODRaIn0sIkFydGljbGVMZWZ0IjoiMSIsIlZpZXdUeXBlIjoiQ29udmVyc2F0aW9uIiwiUGF5d2FsbEluZm8iOnsiQXJ0aWNsZUxlZnQiOnsiQ29udmVyc2F0aW9uIjoiMSIsIk1ldGVyIjoidW5saW1pdGVkIn0sIkxpbWl0Ijp7IkNvbnZlcnNhdGlvbiI6IjIiLCJNZXRlciI6InVubGltaXRlZCJ9LCJNaW5WaWV3IjoiQ29udmVyc2F0aW9uIn19fX0sInVzZXJEYXRhIjp7Im1nMkRhdGEiOnsiT3duZWRTdWJzY3JpcHRpb25zIjpbXSwiQXV0aFN5c3RlbSI6Ik1HMiIsIkRpZ2l0YWxBY2Nlc3MiOnsiQWNjZXNzTGV2ZWwiOnt9LCJTdWJzY3JpcHRpb24iOltdfSwiSWdtUmVnSUQiOm51bGwsIkVtYWlsIjoiIiwiTnp3TGlkIjpudWxsLCJNYXN0ZXJJZCI6bnVsbCwiRGlzcGxheU5hbWUiOiIiLCJFbWFpbFByZWZlcmVuY2VzIjpudWxsfX19
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:31 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=ActionShown&el=%7B%22ConversationName%22%3A%22Default%22%2C%22MeterLevel%22%3A%22Metered%22%2C%22ActionName%22%3A%22Modal%20Article%201%22%2C%22ActionType%22%3A%22Modal%22%7D&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&gtm=2wgbu0T89FCNT&cd1=1672143031132.kafahgyl&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2022-12-27T12%3A10%3A30Z&cd13=2023-01-26T12%3A10%3A30Z&cd14=Modal%20Article%201&cd15=Modal&cd16=Unknown&cd17=1672143031132.0.cbhmkdi2zid&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1564886338
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j98&a=318729312&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&ul=en-us&de=UTF-8&dt=DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.Connext&ea=PageView&el=%7B%22Page%22%3A%22DUIs%20fall%2048%25%20in%20Sonoma%20Valley%20in%202022%22%2C%22ContentType%22%3A%22article%22%2C%22MeterLevel%22%3A%22Metered%22%7D&_u=aEHAAEABAAAAACAAI~&jid=&gjid=&cid=594819456.1672143026&tid=UA-143600161-1&_gid=510789851.1672143026&gtm=2wgbu0T89FCNT&cd1=1672143031152.ko9ld26&cd2=6d2f18942a6f96a0f9a2f44e76142c33&cd3=Not%20Set&cd4=Not%20Set&cd5=Not%20Set&cd6=Unknown&cd7=Metered&cd8=Default&cd9=1&cd10=1&cd11=2&cd12=2022-12-27T12%3A10%3A30Z&cd13=2023-01-26T12%3A10%3A30Z&cd14=Modal%20Article%201&cd15=Modal&cd16=Unknown&cd17=1672143031152.0.i1nhn98jbof&cd18=Not%20Set&cd19=Default&cd20=1.2.7.1&z=1965449095
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 02:42:31 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
34080
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
bid
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&pid=XONpwVcKPOr4r&cb=8&ws=1600x1200&v=22.1213.2134&t=2000&slots=%5B%7B%22sd%22%3A%22ad-4-728x90-desktop%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsit%2Fnews%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.150 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-150.fra56.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 a2eae5bb517678c9d6b43a2731b4462e.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P6
x-amz-rid
W846AR03KJKS2JP9DWK8
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
rJragFgVjXqBTnYpPD_aYrOoIBSt4QKkbreKLB03cJNB32_yziW5Yw==
areq
a.channelexco.com/ 		0
92 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&se=0cbae507-af91-45c7-b28d-39a534c8405e&pv=117.25&dd=www.sonomanews.com&gpvck=v022786905__600x337______DEF__nil__438&sa=shd&dmid1=1380393729-1016326434-83826257-1477400787&dmid2=1380393729-1016326434-83826257-270364595&dmid3=1380393729-1016326434-83826257-1618640937&dmid4=1380393729-1016326434-83826257-591280398&dmid5=1380393729-1016326434-83826257-820530290&dmid6=1380393729-1016326434-83826257-421257535&dmid7=1380393729-1016326434-83826257-581266452&dmid8=1380393729-1016326434-83826257-1233971748&dmid9=1380393729-1016326434-83826257-161327955&dmid10=1380393729-1016326434-83826257-915146560&cb=1672143031456
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
209.58.147.67 Dallas, United States, ASN394380 (LEASEWEB-USA-DAL, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
cache-control
no-cache
server
openresty
expires
Tue, 27 Dec 2022 12:10:30 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		31 KB
13 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2439481857926904&correlator=3297512119530338&eid=31071221&output=ldjh&gdfp_req=1&vrg=2022120501&ptt=17&impl=fifs&iu_parts=94238257%2Csit%2Cnews&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=9&adks=1280480236&didk=3620416529&sfv=1-0-40&prev_scp=loggedin%3Dfalse%26position%3DBTF%26loc%3Dbottom%26type%3Darticle%26amznbid%3D2%26amznp%3D2&eri=1&sc=1&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&abxe=1&dt=1672143031466&lmt=1672143031&dlt=1672143024729&idt=1383&adxs=1636&adys=5258&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&frm=20&vis=1&psz=4000x0&msz=728x0&fws=1156&ohw=1600&psts=ACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tuRJQV3aL0wM5iAvTk_u1w1%2CACgb8tvTgdNoaf7ddce5acpAop1AOQhjHCcWSPIEBsGcyShVcqvkz6E3AnaQZca39r54aiXEc1nbFW7L7UtRWJvbLLo%2CACgb8tv6yOgAMVs6W9NFuYHsbGa55gpMOlrHjuSzke3VwdPA2bSbDPguAbfUVMcu0glWjLYLKaGF0rQaGM8Cqjkqo4k%2CACgb8tulr7_tU5DKxZT3YvvorEW2DnvMKJL1JeI02kpCkqzNFgPqHFubbSydzwHnuitQa0aeXXOJI_aGSFXE55wY838%2CACgb8tuep00PrqgnXY-3YWA_Bxt3xseh0PCSRtiYW7zX5QEkPcC5qHkDDJ1PAhf8VlMKWXV0zIOQ56SkoOIsCD5Ndq4%2CACgb8tvAF6HXfOCtygOD_HrcN-OEC8_IGnHdnyuT-zXnzEc9MzHYEFvttZkc4U791d1vxDZwPD0fFS24Zmpn4ceJIC4%2CACgb8tspmSUlEXbUt25MjW0BPpEsK1vMsca2e69WRCsmtXRFZoEm8fVTNbil2uQo5RMM6klOrZYP9PxSLsmZjkxt49Q&ga_vid=594819456.1672143026&ga_sid=1672143027&ga_hid=318729312&ga_fc=true
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f281e2ca97781c91ae19675a803282c8dd524db96b98845267494cc282cfe89e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13181
x-xss-protection
0
google-lineitem-id
6179389875
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138417125431
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomanews.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.549.0_en.html
imasdk.googleapis.com/js/core/ Frame AB78 		693 KB
222 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80d::200a , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
557834
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
227324
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Wed, 21 Dec 2022 01:13:17 GMT
expires
Thu, 21 Dec 2023 01:13:17 GMT
last-modified
Fri, 09 Dec 2022 15:29:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
4.9e54de582f68c7c62e02.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/4.9e54de582f68c7c62e02.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
70cf10625d5fb5f040d803947fe94ee233e5afeaecd19aaa258398ae2a4bda9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
48yjPb47siBwwDCZ30IWK.PJ28fFMDdY
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583619
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:54 GMT
server
AmazonS3
etag
W/"3ea70472e056e0a62887a2a959f71341"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
odAsNX4W4wmiiHVbLZeHuaOuyA85rLq0AxIok1qw2H8wHb9PMjimcA==
default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.ffb08d458114364322a0.js
cdn.viafoura.net/chunks/ 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/default~comments_js~conversation_starter_js~liveblog_js~standalone_ad_js~trending_articles_js.ffb08d458114364322a0.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
da6b00e60fd7f44bc35c482222c5d15a0ce187589c344081655b7cf01dcd0a54

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
0NB4gV1uBdqhN4AJr4os7Pzxwhc_k5rU
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583619
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:41 GMT
server
AmazonS3
etag
W/"73298c3b6b4f28cc5000f52204e62db0"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
bGW8IL3x5jASdC8TmLcSgjyOr-5ovsZMi2aPNHrFCPP0-aRAnARi8Q==
168.dfe91e0994f4ad964576.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/168.dfe91e0994f4ad964576.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c0d4c9d4a0917467abcb650f6ed2ae82017b7d3c312dfa4c16f9aec4b7a08694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:33 GMT
x-amz-version-id
lulaOYDBznVKdy02_Jzecfnh6Dtjgp.g
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583619
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:52 GMT
server
AmazonS3
etag
W/"5f94e6b8f600d19fd592b41f8d2d304c"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
pvB0IGEN8oiGyzmHeWarkqrF5Ic9lNPO4nT_Na0C3nP7wUOiSTc1Xg==
trending_articles_js.986d59926a9eac25dc79.js
cdn.viafoura.net/chunks/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/trending_articles_js.986d59926a9eac25dc79.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0f3a622bf77935b194a4b8ed221f5606b0251d0a997bc3f7dc4b50869c104bae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
OcM1BvyRmm3T3LnjV1HjzdFnK6k5Vddd
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583620
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:43 GMT
server
AmazonS3
etag
W/"9985fb53db8bd8684207702c50d17d16"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
mAR6NVUa3ChmEp2iSg5pj6kYW5IQWd-ot4UHjkJoao7eQhsJSnTUMg==
trending_articles-module-js.f94e2b9282e58aaf4880.js
cdn.viafoura.net/chunks/vuex_store/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/trending_articles-module-js.f94e2b9282e58aaf4880.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
338f5f12f82aacd7f851ad91b861a5b95ae6ce852687dee9e026fb3b1ab81eee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
D6aUml_p9h6Dd8tAd0DVMIYbdD4iB1sV
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583620
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:39 GMT
server
AmazonS3
etag
W/"156142f5eead9697d5edec54052ae5a9"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
i9Fm4zUA43oWOIRMP3OzbPhiv43w5FSOZvhKrsexNE1APgJFI7Bmrg==
ads
pubads.g.doubleclick.net/gampad/ Frame AB78 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F7103%2C22597404845%2FSMG_Playbuzz%2Fpreroll%2Fsyndication_150&description_url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4365146187958847&sdkv=h.3.549.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&u_so=l&ctv=0&sdki=445&ptt=20&adk=1186553266&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.549.0&sid=9B9C2CC6-CD59-4EF2-961C-2E1A306A918B&nel=0&eid=44748969%2C44750823%2C44765701%2C44777647&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=1672143031695&cookie=ID%3D713d0f657e7a0d72%3AT%3D1672143026%3AS%3DALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA&gpic=UID%3D00000b991ba12ed0%3AT%3D1672143026%3ART%3D1672143026%3AS%3DALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg&scor=299855248199671&ged=ve4_td7_tt1_pd7_la7000_er944.1255.1099.1555_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.549.0_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:32 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
en-us-privacy_policy-json.3c1079f0fb4f52eb2cdb.js
cdn.viafoura.net/chunks/languages/ 		1 KB
909 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/languages/en-us-privacy_policy-json.3c1079f0fb4f52eb2cdb.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
55e564a7aa1896453c5eeeb8a8208ae6befe4bd29c83652759998780e1f275a7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
6ZxaKaWI7KDCwDYBlUSqgJM0JIy.4tJz
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583620
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:32 GMT
server
AmazonS3
etag
W/"d4f34429b355512b04b8979c7a3037f8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
cKKvSfQg45f9vtV9k1-okccplWntXHN1j0jyUMlnT31jfG0iAv4MKA==
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/ 		5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.198.19.104 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-198-19-104.compute-1.amazonaws.com
Software
/
Resource Hash
c405b5a05485999ec5d83ec3913da1ecc4412d2d73da90bfdfe9ccf3fc75912d

Request headers

Accept
application/json
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
X-UNIQUE-ID
8c27dfad-034c-42c5-b851-fed46cab6dbf
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
application/json;charset=utf-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
access-control-allow-credentials
true
content-length
1962
content-type
application/json
trendingrecommended
livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954/trendingrecommended?limit=6&content_container_window_days=7&content_window_hours=1&sorted_by=total_visible_contents
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.213.39.37 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-213-39-37.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,x-unique-id
Access-Control-Request-Method
GET
Origin
https://www.sonomanews.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
authorization,X-REQUEST-SIGNATURE,content-type,X-UNIQUE-ID
access-control-allow-methods
DELETE,GET,PUT,PATCH,POST
access-control-allow-origin
https://www.sonomanews.com
access-control-max-age
43200
content-length
0
date
Tue, 27 Dec 2022 12:10:31 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 4C84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstcqgJZKAzKT3jdHiiHxzmuSH_k7Ktzi0hblpfy0RUNtp32o-pKBe_8MRJHAPNdwdGc7EcgDvCIX0C16w8dECxSTQU5cKxWDjNkj8DY-ylT-zX2QhypHH5wkU2cj67_IGNkffwUUY_mTkm1q4ohh_uLmZ21UIEwYdOoDtK4P2o3U9tMhGTpGMHTFAF-1J6YiMF_F9ixzOoXze2uoE5a3Gbbt3bBUZt6QVrWkoU_rhE336YNC1iDQPGdxGLqpXjD2mti1SLq1NoNUJ0Hf77PxoyOQSHPSkWFL73p5AfPC5nVEZz3rGFnM88pSGJwfkwYUQ&sai=AMfl-YTCowDNtJCxzj2OLH7ew66AGs_XUXOvQ_1jKS2OJdAYS-mJljgPZ4RjD-y1rrgwCWr9tSYqOP-14Uslhb_QnbUi77-cwQzluL5BNs6pTgkRbqhTvqomaTWnNPEdBM_r&sig=Cg0ArKJSzHor_7H2EmRIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomanews.com
URL: https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/ Frame 4C84 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20221207/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 01:38:32 GMT
content-encoding
br
x-content-type-options
nosniff
age
37919
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Tue, 10 Jan 2023 01:38:32 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4C84 		153 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80a::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
47725
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1670417373259609"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Tue, 27 Dec 2022 12:10:31 GMT
7038088694805468029
tpc.googlesyndication.com/simgad/ Frame 4C84 		110 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/7038088694805468029
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:806::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6e9db089fae03555c3689c823e020f9ac7fec845f0a09845aea6e3319c264504
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Fri, 23 Dec 2022 21:34:16 GMT
x-content-type-options
nosniff
age
311775
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
112905
x-xss-protection
0
last-modified
Fri, 23 Dec 2022 18:25:06 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 23 Dec 2023 21:34:16 GMT
l
www.google.com/ads/measurement/ Frame 4C84 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaSyI2Av-NlyAl6FaOKiNGVqJkh4PzuCmwtyy9ApBFushwfMMe__PSLqbkJ1R77uZwKOdtg8
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js?cb=31071221
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:80e::2004 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers
truncated
/ Frame 4C84 		208 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
95a2e00950ddd720eb0de60b9bf255a361c6ffebe2b0e855127babc1b7d7e8d7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 4C84 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMUrfNy-Ye5pAZ6M-cQOe7hhNj0pp8NyI-0Q685_QpnGFbUCQBC1U7N3OgrYjOO7qNArgVkUFb5GykTLbZD6nifrky7sq2afpgJp817OyyLonVDOofsj0f6ivLhgicDEkEZUWBu99LD5dhfnq9gt8Vis3DeqT3ckZTNMc3eR3q-zLunRnSBwNhqoTG_nXzrEpE4iob54eo1H3p4V-R0jcUHeGKerIhmj8G5XcI8SPgE37PouZV228044TLbh9c6hbynx-NewYFN2EBUcATNETULm6dzGgKSw1EF3H1SevNNQedlJLr93IOrOc69dQJeMVs&sai=AMfl-YROsAR2a5GX9G4YZA2TWoZF_J56n_nBGnaERva2mBmIU72yHfKuK_A32DjrVX0Tei2M62m3Uf8Lh3KCzskwRNeUS7vEREPnpZII5k5mPeVljRq2SJPW5ecU5XtEutWe&sig=Cg0ArKJSzHETAhfsj0JcEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400d:808::2002 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 27 Dec 2022 12:10:31 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Tue, 27 Dec 2022 12:10:31 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjE3OTM4OTg3NSIsImVidXkiOiIzMTIxNjM4MTQ0IiwiZWFkdiI6IjQ5MjAwODE1MzAiLCJlY2lkIjoiMTM4NDE3MTI1NDMxIiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjU1MzciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.146&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=18&tid=67fdf6e7-29ad-47eb-aaa8-cb23fc91a466&pid=b6898986-e438-4688-961d-1fd20b11321c&dtm=1672143031939&qnm=_matherq&visible=1&tabid=6ca31d76-ee54-4a72-8f76-1b022d37408c&url=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&vp=1600x1200&ds=4000x6417&tofa=1672143027&vid=1&lvidt=1672143027&duid=37ab921dfcbf0be0&fp=983239506&cid=ma16916&mrk=901956900
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.217.241.65 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-217-241-65.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Tue, 27 Dec 2022 12:10:31 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
170.bacbaddae828218d5d29.css
cdn.viafoura.net/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/170.bacbaddae828218d5d29.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b41cdb3b4f114ba8f88f818247f653d146adc1e01aac0fbb2f74083ae197bf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:34 GMT
x-amz-version-id
BNMtLNc0YobBUzMXWGsWh5LxEupZJJ4z
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583618
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:53 GMT
server
AmazonS3
etag
W/"9cc2d8dcd0c056167dd46f66fb15747b"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
Dy1zqflJ14ReZIZ48bkNuQCt5G-2fvPBFwUOCqxpt3irZvn58HW8mg==
vendors~content_recirculation_js.f5b106479386a0e46230.js
cdn.viafoura.net/chunks/ 		139 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~content_recirculation_js.f5b106479386a0e46230.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
17997561402df35b164355af44f969047f1c0773078fe625f9f86fb685c0e1b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:33 GMT
x-amz-version-id
eHUeEcYGBmFPfBDD.84RrKkQbIsMTcS9
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583619
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:48 GMT
server
AmazonS3
etag
W/"0d8afb351f8f817ba3ddb84361988d26"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
0ElpWh1Kf7tHAzRi5U8pCFNZ-Cox7e-_iM6L2R7ehOpbZXpK782I6g==
35.2b4e60e51fcb7c9c4641.css
cdn.viafoura.net/ 		7 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/35.2b4e60e51fcb7c9c4641.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
e0c01782d6198238b558f7ea731b53a280ec638836cf706535d0c3744d0f648f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:34 GMT
x-amz-version-id
.HQ3jH8oyaML84FlCCt55eQQvyCdj7cQ
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583618
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:53 GMT
server
AmazonS3
etag
W/"2f29ca5b35114b557418fbfa07e4eb62"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
7i0RZgqqYq71mbsnAHKTY4TU_ggEriA-hurCUvoVmyfpI7TAlFwZIg==
content_recirculation_js.262c3f5e69831b36b628.js
cdn.viafoura.net/chunks/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/content_recirculation_js.262c3f5e69831b36b628.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1c8b57e8972aaa31245e046ddf41f158935c8e76516e742f05583c6bc2976139

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:33 GMT
x-amz-version-id
JtLWOhCe4VW7_G1Ds0iCvGiwjFLIqLQp
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583619
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:50 GMT
server
AmazonS3
etag
W/"874088edfdbfb0558efb3b7766312272"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
sIXfe8eYbFWN_f_0f2QrAL5Hj_v_YFhLt1KR185-AQCL75-5hTbiZw==
collect
region1.google-analytics.com/g/ Frame 5CCE 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-5SVQVJW3D6&gtm=2oebu0&_p=952440186&cid=594819456.1672143026&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1672143027&sct=1&seg=0&dl=https%3A%2F%2Fnewsletter.sonomanews.com%2Fframed%2Fsingle%2Fa3adc18b5cb65f9d29d5f908b3bdadc1%3Fpref%3Dsit_daily%26hideImage%3D1%26padCopy%3D0%26fid%3D4643&dr=https%3A%2F%2Fwww.sonomanews.com%2Farticle%2Fnews%2Fduis-fall-48-in-sonoma-valley-in-2022%2F&dt=The%20Sonoma%20Index-Tribune&en=scroll&epn.percent_scrolled=90
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5SVQVJW3D6
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomanews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:32 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomanews.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
events
prd-collector-anon.ex.co/main/ 		0
138 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prd-collector-anon.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.204.2.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-204-2-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.sonomanews.com
date
Tue, 27 Dec 2022 12:10:32 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
content-type
text/plain; charset=utf-8
/
imengine.prod.srp.navigacloud.com/ 		166 KB
167 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=8448c10f-5728-54cc-a680-7fb1593dff3c&type=primary&q=72&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
fe17b6d2e67ad4e1aa0ad850ebc17a79edf8a9ec64c7557642859a2c149be67c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Dec 2022 00:05:50 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 00:05:50 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
389082
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
asiSmxJEXW4TfEsMMyjqVgrReCmIl7ypdgYsgxaYYi6vyACORS6EKw==
expires
Wed, 21 Jun 2023 00:05:50 GMT
/
imengine.prod.srp.navigacloud.com/ 		79 KB
79 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=ab235039-6ba2-520a-bda0-6ee9ac4a9624&type=primary&q=72&width=595
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
2032b5d1483674345f03bdfddc0b622aca78dbd37fccd864f4fd86bc85a22bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Fri, 23 Dec 2022 23:55:44 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Fri, 23 Dec 2022 23:55:44 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
303288
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
Woy-aNZn4JFZfGgZHk2WumvcFkMmhw5kOofGcxXw7eAR82smzxDxWw==
expires
Wed, 21 Jun 2023 23:55:44 GMT
/
imengine.prod.srp.navigacloud.com/ 		183 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=f724476e-f106-585a-8f7a-5e8616181003&type=primary&q=72&width=1200
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
07720d31f329bc8896238baefdf92f83c9f9a472dc07a04fd4c423bc49f23c6e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Tue, 20 Dec 2022 16:05:29 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Tue, 20 Dec 2022 16:05:29 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
590703
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
Yn_ckRlsbnuBUjce0Kq9K4Zk0yI6m4DJi4LwUYX1tKHOqfmct3BN-w==
expires
Sun, 18 Jun 2023 16:05:29 GMT
/
imengine.prod.srp.navigacloud.com/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=3966df6e-5dab-5553-ba7f-3a98511305a4&type=primary&q=72&function=cropresize&crop_w=0.99999&crop_h=0.56285&x=1.0E-5&y=0.26923&width=239&height=179
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
8d662c76678f8667b7aa6a17880e8648d71df7f9d41c9d972eec878339d4546e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Thu, 22 Dec 2022 01:54:57 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Thu, 22 Dec 2022 01:54:57 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
468935
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
1sz5uzPodHUwUB2g9egIyzNTw-S7LYnvboPg9txyH-sOebj2sXHFJw==
expires
Tue, 20 Jun 2023 01:54:57 GMT
/
imengine.prod.srp.navigacloud.com/ 		51 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://imengine.prod.srp.navigacloud.com/?uuid=7957efff-d1e7-530d-b60e-125f63fdf694&type=primary&q=72&width=1023
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-97.fra6.r.cloudfront.net
Software
nginx /
Resource Hash
cfd72708d3c986a47c98c4b74d4c76a41b9ab8367987c266db7021ab25106694

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma
public
date
Mon, 19 Dec 2022 18:48:42 GMT
via
1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
last-modified
Mon, 19 Dec 2022 18:48:42 +0000
server
nginx
x-amz-cf-pop
FRA6-C1
age
667310
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=15552000
x-amz-cf-id
CDZYI_gztWzYKwprMWqWzcrmkDD5-alwWBYX8EqLFXKGhjk2Ai5uUQ==
expires
Sat, 17 Jun 2023 18:48:42 GMT
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/b71320bf-a887-4bbf-b977-d585281f3ce6?passToSdk=true
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.82.15.162 The Colony, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Tue, 27 Dec 2022 12:10:32 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/ 		168 KB
168 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_480,vc_h264:baseline:3.0,br_2m/v1672102384/landscape70bb198a-2a02-43ab-8086-d7253c1c691f_1672102305253.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.23.88 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-23-88.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
6e7dcb0a5c18ee5673f27811af5057ec5dad4575be33cfbe2d08c630b5242c98

Request headers

Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Range
bytes=1033812-1205455

Response headers

Date
Tue, 27 Dec 2022 12:10:34 GMT
Cache-Tag
190331882429299698350243005207431615342,442961335422536579016385698101530148939,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 1033812-1205455/1555324
Connection
keep-alive
Content-Length
171644
X-Served-By
cache-iad-kiad7000149-IAD
Last-Modified
Tue, 27 Dec 2022 00:53:12 GMT
Server
cloudinary
X-Timer
S1672120700.686877,VS0,VE1
ETag
"356f11d6a654aa6c3b19f30ea450569e"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535176
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
vendors~comments_js~conversation_starter_js~liveblog_js.cde1c2e9e0a57cbea0e2.js
cdn.viafoura.net/chunks/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~comments_js~conversation_starter_js~liveblog_js.cde1c2e9e0a57cbea0e2.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7143bfc56b97451a59a6e2b7c73941d8a35b894dda0aa48c8eef162ea0f403f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
4v63bCO3hEoRehiC400GeKAxgXc4T_od
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:46 GMT
server
AmazonS3
etag
W/"922509540a0d1a1c99bbe0672042dcf5"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
lNaMsOh9DtnUfJkcMcC8ppqWJIappeaM_6AByJe_HM57Dj-8lEYJFA==
vendors~comments_js~liveblog_js.862a0b7921c3b7a46b74.js
cdn.viafoura.net/chunks/ 		264 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vendors~comments_js~liveblog_js.862a0b7921c3b7a46b74.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
rqqrXEW8ulxl3kvey5FGXSoSA3RpU6MO
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:43 GMT
server
AmazonS3
etag
W/"2cc7687cca94d58a04e47274b1717970"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
e6u5rfs4MLAEV3UlDReFAUlCu0zKQ7tKKE2VdvUJrWK75eOrEhBZ6Q==
32.018b4ac9a295433f926b.css
cdn.viafoura.net/ 		77 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/32.018b4ac9a295433f926b.css
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b3d548c58ddba2b7ca32cba41e304e94589882500c4b587194072738afcf9e8f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
NNKkV.9M_gMMnduWUqC65tsNQzTBa1TV
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:54 GMT
server
AmazonS3
etag
W/"6440fc146a8a25ebe6b867b9409c04f8"
vary
Accept-Encoding
content-type
text/css; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
16ZBbdNCjEznrxDUI2ztkvrQwtRb1LLCnaiDNpkP-wsBk69JuQzmfg==
comments_js.9f7c1167d6bb403cd409.js
cdn.viafoura.net/chunks/ 		248 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/comments_js.9f7c1167d6bb403cd409.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
bHCQUbz2Lh3gu1pJo3Rh6kOlLYqTqrZl
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:45 GMT
server
AmazonS3
etag
W/"9ef65e609e3bfc4b40097a04e8509ea8"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
zZPFcjF1AV_QRki3ehHSge6ILy0sgyo3cHLCKcCp_3D-TlFr-0aC0A==
livecomments-module-js.10834125f336217a0f6b.js
cdn.viafoura.net/chunks/vuex_store/ 		29 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/livecomments-module-js.10834125f336217a0f6b.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7cd1aa7ef35860f1ce164922596998ac4aa228b8a1132c45ced265b05893ca44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
FdYpEATxZBnJUMIGKtZvxkeoRGvW8cKS
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:38 GMT
server
AmazonS3
etag
W/"67ea06402227afccb0b0e02e859c5cbf"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
OR0qg2B3YYlAz0W6kSgBhVMmVim1MUZQbDvjB3HmWVZkb8mYi94noQ==
threads-module-js.2af154cbe250d8cc3eb3.js
cdn.viafoura.net/chunks/vuex_store/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/threads-module-js.2af154cbe250d8cc3eb3.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0d0419906db37393d78d9d5a5400f56154d4c3611f5861cda7f3b69fd23950aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
kF6oR88iyOFU4P7fzFZIgyphGtYalya_
content-encoding
br
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 18:02:38 GMT
server
AmazonS3
etag
W/"ffecd0d151b8b4e07231a6735c14e696"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-id
GQ60vyVzvrlrMPk1qlEL3S7-yqtUGoYo_gemh1nqBmK4jtevJsAM8w==
interaction-module-js.ec92101d5c87e3f8a3c1.js
cdn.viafoura.net/chunks/vuex_store/ 		966 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.viafoura.net/chunks/vuex_store/interaction-module-js.ec92101d5c87e3f8a3c1.js
Requested by
Host: cdn.viafoura.net
URL: https://cdn.viafoura.net/vf-v2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:223c:dc00:8:2ae1:d740:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date
Tue, 20 Dec 2022 18:03:32 GMT
x-amz-version-id
Yp4PYVuD4IqSYa1hykIFUdEsCNCwHplC
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
age
583625
x-amz-cf-pop
FRA56-P2
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
alt-svc
h3=":443"; ma=86400
content-length
966
last-modified
Tue, 20 Dec 2022 18:02:39 GMT
server
AmazonS3
etag
"15addd0a9a7960d5adfabe49bf417d8c"
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
accept-ranges
bytes
x-amz-cf-id
xXA8ay5Z1o0nniorjHw5iqcUhtDhXYp3MllUPn1upPSA4gyI9ofuiQ==
00000000-0000-4000-8000-f9a45be2b954
livecomments.viafoura.co/v4/livecomments/ 		0
0
00000000-0000-4000-8000-f9a45be2b954
livecomments.viafoura.co/v4/livecomments/ Frame 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
s7.addthis.com
URL
https://s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
Domain
livecomments.viafoura.co
URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954?limit=10&container_id=13046a4e-b254-47f3-b6f2-0da1ab0223fe&reply_limit=5&sorted_by=num_likes_desc
Domain
livecomments.viafoura.co
URL
https://livecomments.viafoura.co/v4/livecomments/00000000-0000-4000-8000-f9a45be2b954?limit=10&container_id=13046a4e-b254-47f3-b6f2-0da1ab0223fe&reply_limit=5&sorted_by=num_likes_desc

Verdicts & Comments Add Verdict or Comment

272 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| oncontentvisibilityautostatechange object| dataLayer object| widgetQueue function| $ function| jQuery function| Template7 object| pageSections string| pageSection object| pageTags string| adSection string| tplSection string| tplTopSection string| tplPubDir number| refreshAdsEach string| pageType string| pageLayout string| legacyCmsId string| articleUuid undefined| cphPD boolean| cphSIT undefined| cphPAC undefined| cphNBBJ undefined| cphSCG undefined| cphLPS string| cphDomain string| cphCookieDomain string| cphPubName string| cphPubAbbrev string| cphFeedDir string| cphEnv object| googletag boolean| loadAmazonAds number| refreshVisibleAdsAfter object| smiDfp object| cphGlobal object| cphLoader string| smiPromoOffer function| getMIPC object| apstag object| tpl2018 object| smiBlock object| templateMap function| tpl2022Escape function| tpl2022BuildImage function| tpl2022BuildCopy function| tpl2022BuildArticle function| tpl2022VideoClickHandler function| tpl2022ImageForceGallery function| tpl2022ImageAddGallery number| disqusLoaded function| showDisqus2016 function| hideDisqus2016 function| checkmeter function| getpwCookie function| setpwCookie function| setABCCookie string| encCurURL string| encPrevURL object| _sf_async_config object| _cbq object| matherData string| matherEmail object| imageSizes object| siteConfig object| mainGallery object| mainGalleryTSM object| _cb_shared object| pSUPERFLY_mab object| pSUPERFLY function| atwpjp string| _atd function| _euc function| _duc object| _atc string| _atr object| addthis string| addthis_pub function| emdot object| _ate object| _adr object| addthis_conf function| addthis_open function| addthis_close function| addthis_sendto object| addthis_config object| _vf object| _vfs function| vfSetDefaultVars function| vfCookieSet function| vfCookieGet function| vfCookieDelete function| vfGetEmail function| vfKillSession function| vfIsSubscriber function| vfIsEmailSuppressed function| vfGetSessionId function| vfRenewInstance function| vfGetLists function| vfGetNameList function| vfGetBadList function| vfGetAvatarUrls function| vfSetAvatarUrl function| vfGetAvatarUrl function| vfIsGuest function| vfClickAvatar function| vfCommentFocus function| vfNameFocus function| vfNameBlur function| vfSubmitHandler function| vfPickAvatar function| vfInit function| vfDebounce function| vfSetListeners object| _cbm object| sitsectionnews115 object| sitpopularall110 function| loadViafouraIfNotLoaded object| mg2PageData boolean| apstagLOADED object| _vfP boolean| vfLoaded function| setImmediate function| clearImmediate undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| cswidgetoverR object| vfQ object| viafoura object| vf boolean| __@@##MUH object| InfogramEmbeds object| google_tag_manager object| google_tag_data object| ggeac object| google_js_reporting_queue string| GoogleAnalyticsObject function| ga object| TRUE_ANTHEM object| PublisherCommonId object| _mather object| _mg2q object| _matherq object| addthis_share string| IPaddr object| gaplugins object| gaGlobal object| gaData function| Swiper function| disqus_config object| DISQUS object| MG2Loader string| mg2ConfigCode undefined| google_measure_js_timing function| onYouTubeIframeAPIReady function| ccpaIsOptedOut function| ccpaGetCookie object| oattr boolean| nlFrameSizeListener object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState string| a object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent object| appInsights object| Tipped object| AI object| Microsoft function| __extends function| _endsWith string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights boolean| msgData object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| PWT object| madops object| m32shr boolean| M32DEBUG function| __generate_viafoura_tag function| __set_viafoura_euid number| __m32geoStatus object| __m32geo object| __m32consent object| google_image_requests object| MG2DL object| tid function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners object| __EXCO string| pbPageIdentifier string| __EXCO_INTEGRATION_TYPE object| STREAM_CONFIGS string| STREAM_ID object| regeneratorRuntime object| CEDATO_TAG object| ID5 object| CEDATO_API object| CEDATO_INIT object| GoogleGcLKhOms function| Hls object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| module$contents$ima$CompanionAdSelectionSettings_CompanionAdSelectionSettings object| module$contents$ima$AdCuePoints_AdCuePoints object| module$contents$ima$AdsRenderingSettings_AdsRenderingSettings object| ima object| module$contents$ima$AdError_AdError object| module$contents$ima$AdErrorEvent_AdErrorEvent object| module$contents$ima$AdEvent_AdEvent object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google object| closure_lm_283964 object| closure_lm_681874 object| _event

51 Cookies

Domain/Path Name / Value
www.sonomanews.com/article/news/duis-fall-48-in-sonoma-valley-in-2022 Name: exco-uid
Value: 5fpo92vhiqm3kcgt
.sonomanews.com/ Name: visid_incap_813078
Value: 41IHoT7dQqWAaZ51lwkWaK/gqmMAAAAAQUIPAAAAAADsDqIuaUV5jCuOldNbZWby
.sonomanews.com/ Name: nlbi_813078
Value: 6YUEK7G52jNDo0MdHgqpQQAAAAAE56CSt67A+n2AX+pCeCkp
.sonomanews.com/ Name: incap_ses_273_813078
Value: LxL/Ou1fjg1ROt4Q1OTJA7DgqmMAAAAAEf6DMOP6so1VwMQm95c+jw==
.sonomanews.com/ Name: SIT_free
Value: 1
www.sonomanews.com/ Name: ___utmvc
Value: rGKixMeuyrZVj+TbLeDZG9hHRgf44uaAFYJhED3wNj5yUsshjQkmIARfrj1LyiX4d3+3kapAYP3ElPMmSd41RC3uZm22A2TelaS3Zs0aO6aiDDr2Ixx/MH59DRpzkQmuryXlEle5JY5Mc7zW/rLEri4oWATfdlnK5GELlmiRs29PTY4NL3au8loW6s5z+LbWnhvggiPqxm6F0jYUotUO8bKlh2SFL7xfSAhZgoGfDFz4xem+c+49J3DH3bze5DCkv7HaGMmSBEKL9MfkFLxfXgPy5/niX9x+rnZma9bUxcpOGBswxEoQGjrVm4Ru1IN/3n6TOOzXrFcapk/NuB/fmIREN8eiEiZsSseM9C8eV7Lx6PIggWERhmMSvHAF00era3oUxKnvIl7eLG/DgJNdjmQgEGwMNiIm4meqdXLO0Hu0cm98U2OyxqmOnwzZT4ENt5v5W+QsgzMs9WuhJDCN+qT6bXxsWjLo/B2Xao9jcCtVinUZIc+Y39Yu8MVohMsoH6LV1O0l/P8EvNQTL5Qb5iBUIIQTVUv+z3kXbYG8KKPLB597kJKuNtTJpzr25l7Awp53wHOWZ1s+ZqhChC9444SvqOTki6NoDB4xJ6HULenvfQvFzxAQdLSMfriavcUUXigwPppbQQH0e5Jt0M+T+mT5fZd4MwXOoMpdDLzqPFX6H3TOxsAM38LIuGE05APsd3ZH3jS2vCG1tWC235qVLEK1M/KzV2kz/Slb5yIaWJpbWNDwr/gLby+rXC9+iqUaasYHVaAdSOt1n2LMFQuGYiR6hGUe0I7AbBj2yR6ycGjW0TVFfshjpr/WUkQ8c7tmRlZHvBLa+YVwCMib5cilVtfoQXAlhxzaVYb92gWI3p/+cRPWI6C1uckrMEqXML7fuNlSDntjdIycb95m3GkWi7fdfLl1eJX22y8qipAgHufdpu72G64Jrvm4vcb4HJbRfFxpN0xtoA1l6eRLqIRtDkbNZzCmnACEw9xTJBLEL87nazdEVGEqKY4UbzsNtJwB2SlFRVgrhoBQX8Guc6YBPWcSDmtMADg4w38FpJO0m8wFqDc0DfIZ7uVdD4+ETL12miVPaVU2c/NXmaYNxNaV/v2QZ6LfjMo9uv9EWo1ZmJxDfLaeND/UKIxtZ7MlciB3ZXY3VP2HDamM5OI0nRhXP/UFI/8O/9g0VTkJgD83QeoioGVaf+nKGrdl3veGM5nEqMX/iZYgtwF7fiRC6FqgPjbumQbVgynOZ2grLMyzSJm0mo7lN+VjWQaY9l1FaCjEm/p7Y1RLlGx1cqI1cYs/GwMnFFEk2lUmo5+6zQD4W3H1KnTaYNDtUcZaPwIoMWu/3gb2TMs6YLudlIhL8Z5+Hur6pY4e0vVvH8Swz2xpS29WxiOmvAElnPe4BNJAMlA0fqZbhi9Euxgl8UU9/lr2hlDnCCT8F6rB4bi2miLYwmNanafSdEdfcP9w3ffSX9nvhCGqnZzQiAzxRQHT4WcsKVY2BbBbk0gm8m7UNidNtBdD0E8K46+MW8DT/VIuUz84Om5nkwWqKD36/XKMmNwFQQniuDRVoD8YFf3ziAtSGBzHS9+uhUJiS/sFP3IFuo4elnayOtfbVXxT7gyscCqNrI1MrNeG3hLW+rz/ivH05ud3WF8Y3ngb5mzSFnvNqJeDHynsZNqZlnUT7LzMmdb68gFifHMDRDCa2TZCIhvL9Qv4qBc3q9QuGMEOI93qT+RoGNYglgSjxU9v2Ut3t7rEfunwpWMPFN6ZMu8gCmrwv6m72scjSuZPL0ACOQgFMFHTV56y/R1hwEy4TzeA4YwzS6k9wI2UNJCvKo2ZmGbSuSP9elLBPvgvSDuU4ph57cE1kua+FJGrD3zvnDUYK9XZPTQSDTTcdN1NF8QEspxL3iffhSwqUEwvvMnJLpIPhPLnx8CSYi4sJ0P7mNk24Jz5u4wfX2himx+j83he361BxfqJfR/7MBmo7qzbdRaJJbDJoKrRq/erAw1r1BJJ01m8fawQYBVlr6hNuoB1N1kLF7aUIPMqnAtK9vn51+TziiNfVN4SDUuVcE3IcNs4dW8jGzghoWi2ySvP8opUbh9ntCRYFQeEh6CHx/nREVCbSEpxVGMyUT+R5jdpAPwz4kF5CfW1NTHxZkdHJA8w54ChZK006EXCN3t0RNC/fdc5sdqfYItmPOiUjA4nDqJmFBYXGTNjJKrbJ7IqfJ+MswvzapS/2/VxpT9JxIrzz2bF2lzs7V0G676FDjQdWs74UNpaaACDEDxh28V7zpzUsewDUWj1HRDu+MvjBOOVOhUNKazCkMFQh4H9gq8ZUfGMd5joKMPt4SUE7XApt2L4RYhqweWXxFnLQIjq7UMNZCAexTgOzZwn45tIBKXEjVqwI8rwm0MLLckQoxV0cSAe0FiLUQpSJ5D3oDfUIbbKKridpzzaV08l8tpIwaioShFXa0diBq7uvbXRtvy/9lKGY0WGVhosVN/C1P6iHEF+MtiD7X3j92Qe4CVURSaNCur0UHY+P6NJE1UXybff2Nq8eN2QKN227dJ+1xoQDMJVXCVs/Ntf/FUGsmG70JdOrGxRj/IomCnkr9O/tx5yti2gwa3Yeh/PTlp9ILJYBWEZrOtSgSiR1BhwpOixXyKmCl3t6R/eiC/k31CpzBxeXtvsQdxEOMZGCIjnQjE+Vw03APR3HAveLGRpZ2VzdD0xODQ1MzQscz03OGFmODk3Yjc3OTY3NjhmNzk3ODliOTY5NjY3OGU3OTdjOTk5ZjhkNzU2N2FjODY3YzlmODE5ZDg5OTY3YjhlYWU3ZDY3N2I3YzlmNzE3Mg==
.sonomanews.com/ Name: _cb
Value: CE4VsPLal4iCBMsVI
.sonomanews.com/ Name: _chartbeat2
Value: .1672143025840.1672143025840.1.CxB-1jBDmxUsa82p6CovvRFXMX3T.1
.sonomanews.com/ Name: _cb_svref
Value: null
www.sonomanews.com/ Name: __atuvc
Value: 1%7C52
www.sonomanews.com/ Name: __atuvs
Value: 63aae0b1babc920a000
.sonomanews.com/ Name: userType
Value: user
.addthis.com/ Name: uvc
Value: 1%7C52
.sonomanews.com/ Name: _gid
Value: GA1.2.510789851.1672143026
.sonomanews.com/ Name: _gat_UA-39519010-1
Value: 1
.sonomanews.com/ Name: _gat_UA-55293627-1
Value: 1
.sonomanews.com/ Name: _gat_UA-44780506-1
Value: 1
.sonomanews.com/ Name: _gat_UA-37401929-2
Value: 1
.sonomanews.com/ Name: _gat_UA-37401929-3
Value: 1
.postrelease.com/ Name: opt_out
Value: 1
.sonomanews.com/ Name: _ga_K5E335ZW0Z
Value: GS1.1.1672143026.1.0.1672143026.0.0.0
.viafoura.co/ Name: VfSess
Value: osv2hl5hsu8qq671c2spt2mrdr
.viafoura.co/ Name: vfThirdpartyCookiesEnabled
Value: true
www.sonomanews.com/ Name: ntvSession
Value: {"id":3025453,"placementID":837619,"lastInteraction":1672143026443,"sessionStart":1672143026443,"sessionEndDate":1672185600000,"experiment":""}
.addthis.com/ Name: loc
Value: MDAwMDBFVURFTlcyMzIyMTg4ODAwMjAwMDBDSA==
.quantserve.com/ Name: mc
Value: 63aae0b2-7e72d-29db9-4251c
www.sonomanews.com/ Name: _ga
Value: GA1.1.594819456.1672143026
www.sonomanews.com/ Name: _gid
Value: GA1.1.510789851.1672143026
www.sonomanews.com/ Name: _vfz
Value: www%2Esonomanews%2Ecom.00000000-0000-4000-8000-f9a45be2b954.1672143027.1.medium=direct|source=|sharer_uuid=|terms=
.sonomanews.com/ Name: _vfa
Value: www%2Esonomanews%2Ecom.00000000-0000-4000-8000-f9a45be2b954.8c27dfad-034c-42c5-b851-fed46cab6dbf.1672143027.1672143027.1672143027.1
.sonomanews.com/ Name: _vfb
Value: www%2Esonomanews%2Ecom.00000000-0000-4000-8000-f9a45be2b954.2..1672143027....
www.sonomanews.com/ Name: ai_user
Value: IPBxH|2022-12-27T12:10:26.769Z
.sonomanews.com/ Name: _ga_5SVQVJW3D6
Value: GS1.1.1672143027.1.0.1672143027.0.0.0
.sonomanews.com/ Name: __gads
Value: ID=713d0f657e7a0d72:T=1672143026:S=ALNI_MaLPmPqHFs2ujTX8YJdnJwsiQ4iOA
.sonomanews.com/ Name: __gpi
Value: UID=00000b991ba12ed0:T=1672143026:RT=1672143026:S=ALNI_MamFbhrtnHwpZU_nAbnVEPMSVgApg
.viafoura.co/ Name: vfDeviceId
Value: 73af5a91-a91c-4a3a-9411-3765eca64b63
www.sonomanews.com/ Name: m32_pubgeo
Value: JTdCJTIyaXAlMjIlM0ElMjIxODUuMjEzLjE1NS4xNzclMjIlMkMlMjJjb3VudHJ5X2NvZGUlMjIlM0ElMjJERSUyMiUyQyUyMmNvdW50cnlfbmFtZSUyMiUzQSUyMmdlcm1hbnklMjIlMkMlMjJyZWdpb25fY29kZSUyMiUzQSUyMkJZJTIyJTJDJTIyY2l0eSUyMiUzQSUyMnJvdGhlbmJ1cmclMjBvYiUyMGRlciUyMHRhdWJlciUyMiUyQyUyMmxhdGl0dWRlJTIyJTNBNDkuMzclMkMlMjJsb25naXR1ZGUlMjIlM0ExMC4xOSUyQyUyMm1ldHJvJTIyJTNBMjc2MDA1JTJDJTIycG9zdGFsX2NvZGUlMjIlM0ElMjI5MTU0MSUyMiU3RA==
newsletter.sonomanews.com/ Name: ai_user
Value: o1+85|2022-12-27T12:10:27.160Z
.sonomanews.com/ Name: _ga
Value: GA1.2.594819456.1672143026
.sonomanews.com/ Name: _gat_gtag_UA_37668716_1
Value: 1
.sonomanews.com/ Name: anonDeviceId
Value: 6d2f18942a6f96a0f9a2f44e76142c33
.sonomanews.com/ Name: nxt_last_visit
Value: 1672143027378
.sonomanews.com/ Name: _sp_ses.35b1
Value: *
.sonomanews.com/ Name: _gat_UA-143600161-1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUnM12siKvJN1MvzxKQkFLqddYneoJ13RbYwGB9jCTFlUkNALz18D-lfG7L9Qe8
www.sonomanews.com/ Name: ai_session
Value: c+hae|1672143027567.3|1672143027567.3
.sonomanews.com/ Name: _matheriSegs
Value: MATHER_U9I_REGMET3_20211001%2CMATHER_U2I_FIRSTTIME_20200522
.sonomanews.com/ Name: _matherSegments
Value: MATHER_U9I_REGMET3_20211001%2CMATHER_U2I_FIRSTTIME_20200522
.sonomanews.com/ Name: nxt_upd_ac_SIT_SIT_PROD
Value: 1
.sonomanews.com/ Name: nxt_SIT_SIT_PROD
Value: {%222%22:{%22100247%22:{%22ac%22:1%2C%22ac_d%22:1%2C%22s%22:1672143030984}%2C%22_ac_d%22:1%2C%22_ac%22:1%2C%22_acnv%22:%22100247%22}}
.sonomanews.com/ Name: _sp_id.35b1
Value: 37ab921dfcbf0be0.1672143027.1.1672143032.1672143027

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.channelexco.com
aax-dtb-cf.amazon-adsystem.com
adservice.google.com
adservice.google.de
api-mg2.db-ip.com
api.pressdemocrat.com
api.viafoura.co
az416426.vo.msecnd.net
beacon.tru.am
c.amazon-adsystem.com
c.disquscdn.com
cdn.cityspark.com
cdn.czx5eyk0exbhwp43ya.biz
cdn.ex.co
cdn.godiciardstia.com
cdn.jifo.co
cdn.jsdelivr.net
cdn.mircheigeshoa.com
cdn.pranmcpkx.com
cdn.pressdemocrat.com
cdn.viafoura.net
cdn.wgchrrammzv.com
cdnjs.cloudflare.com
code.pressdemocrat.com
code.sonomanews.com
creatives.sascdn.com
csp.azureedge.net
d265f6d7e57b56fcbd4983888ae7decf.safeframe.googlesyndication.com
d6w29wm3j2vhp.cloudfront.net
dc.services.visualstudio.com
disqus.com
e.channelexco.com
e.infogram.com
fastlygeo.m32.media
feeds.sonomanews.com
fonts.googleapis.com
fonts.gstatic.com
gfonts.jifo.co
gpv.ex.co
i.viafoura.co
id5-sync.com
imasdk.googleapis.com
imengine.prod.srp.navigacloud.com
img.sonomanews.com
jadserve.postrelease.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
lbs.eu-1-id5-sync.com
livecomments.viafoura.co
loader-cdn.azureedge.net
m.addthis.com
mab.chartbeat.com
mcd.ex.co
newsletter.sonomanews.com
nextdoor.com
notifications.viafoura.co
p.channelexco.com
p.cityspark.com
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
pixel.quantserve.com
player.ex.co
polyfill.io
prd-collector-anon.ex.co
privacy.sonomanews.com
prod-smi-proxy-connext.azurewebsites.net
prod.ew.srp.navigacloud.com
pubads.g.doubleclick.net
rdc.m32.media
region1.google-analytics.com
s-23.channelexco.com
s-jsonp.moatads.com
s.infogram.com
s.ntv.io
s0.2mdn.net
s7.addthis.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
sonoma-index-tribune.disqus.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
v1.addthisedge.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.sonomanews.com
www9.smartadserver.com
z.moatads.com
livecomments.viafoura.co
s7.addthis.com
107.154.114.220
107.178.250.234
108.138.4.150
108.138.7.90
108.59.1.119
13.32.28.197
13.69.106.89
13.85.16.224
141.95.98.64
151.101.128.134
151.101.130.132
151.101.2.132
162.19.138.117
172.67.75.166
18.208.87.237
184.169.129.237
185.86.137.113
199.232.196.134
2001:41d0:701:1000::31d2
2001:4860:4802:34::36
209.58.147.67
23.206.210.112
23.35.237.151
23.35.237.64
23.62.220.135
23.82.15.162
2600:1f18:44f0:4832:3ff4:417f:f0f6:3cef
2600:9000:223c:8c00:18:1fcd:351:7bc1
2600:9000:223c:dc00:8:2ae1:d740:93a1
2600:9000:2240:4800:1c:7f52:bb40:21
2600:9000:2304:6800:6:8656:f5c0:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::681a:274
2606:4700:20::ac43:4a06
2606:4700::6811:180e
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:808::2002
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2002
2a00:1450:400c:c06::9d
2a00:1450:400d:805::2001
2a00:1450:400d:806::2001
2a00:1450:400d:806::2002
2a00:1450:400d:806::2003
2a00:1450:400d:808::2002
2a00:1450:400d:808::2006
2a00:1450:400d:80a::2002
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::200a
2a00:1450:400d:80e::2004
2a00:1450:400d:80e::2008
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:dc::217:6110
2a04:4e42:200::485
2a04:4e42::282
2a04:4e42::714
3.217.241.65
44.213.39.37
44.234.227.111
52.160.40.218
52.18.228.75
52.204.2.157
52.216.78.36
52.222.214.9
54.163.174.71
54.198.19.104
54.219.243.149
54.87.52.15
95.101.23.88
95.101.23.91
99.86.4.97
02f19d9d8f4ba858d5a9bf15bfe47ec749e8b3c63c1c536dbdc296ad11cdbe5c
04e9fca2ec42f21f7fc23df6f5e7b0fbb4a087d9087bfbb0c7678c5abaac734c
05090f9390f5bc0cd23fe5f432037cc92d7cbce1ced9bfe8faf3d1c9abae85cd
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e3e1d97816f9a45bbbfd44404d55cc7a33e8e6093890c4b9849d7f45954665
0767c070293f17944c5246f47d8c610131ee16556a032dc3b5820bdac5ec725f
07720d31f329bc8896238baefdf92f83c9f9a472dc07a04fd4c423bc49f23c6e
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
093a1c4da28ff6ba5330bfb7596592a0d7f7c202e1cdb83c279f3dc44d7418cd
0b6e506bcfb98732190b8305693c60ef43d022a9a5e7d403710ac88d92225538
0b9d49a04d7270c46c219b75a2f690a46b5e9ebe528cd8a7208de9c828ef6031
0c714b4baf6a0f94961194d95138016e37ef244cfff529e192aedad9eed26079
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0d0419906db37393d78d9d5a5400f56154d4c3611f5861cda7f3b69fd23950aa
0f3a622bf77935b194a4b8ed221f5606b0251d0a997bc3f7dc4b50869c104bae
0f53e8b0a717ca4ce313eec62b90d41db62c2f4946259a65c93bf8e84c5b0c44
109c8b35f91d08005ecaaeac456b693e610f3ab8acfad435873a0519584cc696
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
138218ec04996cadf152965ae3c66d846c9aa41daaece69fdaca080f409b9385
14e707178a0b672b479215bb15ed37912fd2a3cbe020d9f4f71269fb89c245d5
153596856753e08bd6e55fe617a349daa4640c4b3e5dc1834798b7298a11792a
17997561402df35b164355af44f969047f1c0773078fe625f9f86fb685c0e1b6
182e4ce4dfd537795577b12b9b19a57422a8b21815f5dd92ef8acb3fd872a19c
196beb31539e747bdf66ddcf9d5f7255eeb42c14210786cb0a93ddbce4664d2e
1a718e27fd0df6d791b9038ae5640afdd677afa35b5e080ce20118a9e11553c4
1a84d4a31ab9ef2e5b93573b808fd414e1017444fcd21ef274fc77f28390f1b2
1aeebc85f0882d98c258a2a8da8a7eef3574d585a8b1d01050d1e1ee6b7b988c
1af0ee2e409d753adfedb8a11628be961881ad5139d1a9252fcc4984cbce5f2d
1b175796185c6f19d5079c42232a86b682c17ab4aa111e34d7526e10783f09d6
1c43b0ad19f388f2381cbbb9ed34cee414d5f74d35897d496f5806c45a02ae0a
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1c8b57e8972aaa31245e046ddf41f158935c8e76516e742f05583c6bc2976139
1ca7cd3c05d3775a9fb9d76d913f58eec264dd6e9a20242c3591825dc57d913b
1cbdc00502545ef02cdb49fc054c74a71de6c78bb6795a76ddb074e11acb55aa
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
2032b5d1483674345f03bdfddc0b622aca78dbd37fccd864f4fd86bc85a22bcc
20705d76419b62721b18b677415d31f85cd51875c835546ba5abec18ae73c344
236e25b960d008114698a6c52705cfd47f404c9825a5ce25483f8fc6d7e8d136
23c1ffea33859d03e09b47ea211060d9fd494ee2133ed2e23431d8392836b731
23edb4e12b128d4b36741d479e9818b6b3b1c757d225fec597d730049751b815
25755c09dd4cc205f40b360b6ff1567beddaa39df908eed0eab5e2abb8499a04
25d18d63d8879fb43f5f7b2ca3c7df4162f418406f4feca69fdecdee11abab02
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
27300bb5a52c724e148c3ca68b4d597394924023b3f01470e0a5449ff950b46a
2841d1028b9fbbca495f5f5f62c4bd3877e075c45d9e83b9280570ae5065e153
2b0e18d026f801cfbb4fdf886e99a811a4befbeb289daf315a8d30c963242943
2c2e1bc729032641f837ea4b1f793c107b0846797fc8b74bc4ed8b5579fd7e97
2e02fc2a011930836ab395848e72c15902d5df9231c04ffb6d94d135b194e009
3149aed62eb79bc871ec662a2307887dfd33f096410e8cb4d33a4fa720fc418c
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
3286e45350dafed1a9a8fb2d7c52c2e1ce6158d0cefe1b10d02fdc926a75d82e
338f5f12f82aacd7f851ad91b861a5b95ae6ce852687dee9e026fb3b1ab81eee
360db2e6a9a001df55e765aebec86019122f26432a9c57b353866e65880174cd
38fda481fd0bc94ec396e6d26c557bd46c1360d5f573fdae05099234848729eb
3c1df10a34a0fc37c3f0b27bc00ab912c3c8c217796ac6674c083442c7e09b7c
3ca9224ed2f66608c770355b1177767c911e6b6ba02d5bdcb2de60ccf348cdbf
3cc32fde868679c57e5131e42f66d72b9de8f7f395b7c80837b84bfc8372e21b
3cdbbb66434fa20a7d953baf3ef1b35c962c266cbbae2b8f92faf0830a2c4ed3
3f8fa488e1d0927ac3b44d53dc52022817198da93ee31e76238c5ead247027c6
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
41bef6a0fc14b26c2aa1a1584be48395885c831476c9e8663186e6ece986282f
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
4351bdc944243b3184174c8b7d027c669f243022287b348d1670b5cf95b52d8c
455e92b8871d2240f63a4a51776ec8717fabbde37adc62f145e21f9aaed3a957
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47f2a897a06af3443437c06bedd8ff30140ce66ee8fba10b19604987887544fa
48cbda8e71a13e1e3a40c6c30bf96b5de10a1c7dc8b84bc6f15006b46d6f74c6
4a1196f380c70433005938279a92454248d28a5248132f4fddc06996b42f8362
4cf8b4da854cac70fb514c2d255e93904353bda1fcc7229de2f59d5971d83028
4d6c20a0e1996b37f1fb033c6df64961e1a28977cac42447b4b0280fb6ff2efb
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
55e564a7aa1896453c5eeeb8a8208ae6befe4bd29c83652759998780e1f275a7
5669564c4add9f169bd160ad74d23577aded6e87144239b165c3daa886da7de1
56c0aba94956ecd35b3ce831d909a9e6b9976cf141841cc2be1fcbedbbb33642
57f2307b8e823f173f76d04fddf39771a5282649ca337be3144634ae3f976c74
5aa784ec046ae4e251eb0f75a097310476f2a39e9ef02eb5ef5b9c85c96e8a67
5ae13c953240a8aa99c57d8bd07c7358593a5e16aa29652edddda99a4eb082d6
5b6040e92ed2ab04a25a918eae1ae24a0ac3564db4908ada0ebe166a26c3e1cb
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5da042d5812f163384470df8b5fbca46e8364922c47407a8dbdcf114066fc6ab
5ed5ca8064edb1d7566bf5628d09a65eb4020802aeff658b099fa9ef898b2032
6021c4933bd2033d90422864eb82293481f1fc73e8b170f991dd89d4afb9f3ba
60280b8ab4c8d489c74567c55e14945b935c2f5937855f808163ee40a65f065f
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61a2b2588acde0ccae626edbff25bbe32c1ff43cc0d89859c4ef48af507cd356
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62481370ed59087d216e2d8d8e3142ef08a2dc7ebdf73b13afc94e5a642ad21c
63a18ffa4fcad4f8e5c20b970a2c040de6f5eaec33c58fe2d91d6a49c3a9597b
63ccd08ff2cc4fd3b794408034541723f4ed91f5150ec43ef37795b8996f7707
64df872362c5c0f3794cf8eb49dff5603e5f96427ca6f86686f65201693e56f2
659a8dee04b272c247129ff6513d23c16f4f9c183b5d64e7347815af8861a2a4
6653d2cca03c490c0032cd74205c6c37a494ea31ac1c46aec8e55c7017c1b3f9
66e212a6136ff68d718dab6b1ec2b1bd37b0b3e6d8ad16bd70b29132e293c4d3
67f19cf2ec5994d6b41cf7743299d4ba538a46936d553eb8bf031a6054943583
67f453427ea9d89fbd3fabdd7e115bb4eb194912e8a914c71ddd289db8db253c
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6b4961055b2cce91ed09ecd0b282a81ee4218c09a7590396f286707508b11701
6b4fac99c39b9ee2693d87a2508d0c7d4b4859072966616bd1f6e18c5b2f9d36
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6cebc86e3fe8b8271965c306d0d137dca59b4b56c4441a4e0a2e182383c23d93
6df648a5ec803bbe75e4ad3366c109e1c863fbd07b367f7024da284018e1b4c9
6e7dcb0a5c18ee5673f27811af5057ec5dad4575be33cfbe2d08c630b5242c98
6e9db089fae03555c3689c823e020f9ac7fec845f0a09845aea6e3319c264504
6fa0449f218e55a2ffec74f375691d6fcc928d4fe3d1933e381fdd53f2050245
6fc4353d6d9c54738470eac875d97343aae7a628fb924a98513c008b48c47eb9
70cf10625d5fb5f040d803947fe94ee233e5afeaecd19aaa258398ae2a4bda9e
7143bfc56b97451a59a6e2b7c73941d8a35b894dda0aa48c8eef162ea0f403f4
737b10174311f6f20efa54a1369f58f70d87dda4dcea23946f0949d60967d59f
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
77b1e2dfccabde5e176a1179a030bb27e0d33d0f0c10ae1057cb6249629a35ae
78016dcf3cc0dbc404bf2d29452efa67815d24fc050d9d1203570623a8fb62e0
78b99b9a1bc02d45176ccae65753e89ec24774ac701c5e06d381020828b0ce75
796de064b8d80eba7ccacb8ba67d77fdbcdf4b385c844645d452c24537b3108f
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7b307f2ce73aec07bfa1ab1d6462f491de0497c8819b1d6fed66eda9638a3530
7b6bfa13f0778c40bb2a00af9819bea2f07afcb4d071e7e4f436196953a5db4d
7ba7d2e45f0f982339af039e10e99300c759eb0a78e946f357fa8b82dd009b38
7beb96ef759b267b4159270a64ca009646a2e9a725882896b3dd431198b92058
7cd1aa7ef35860f1ce164922596998ac4aa228b8a1132c45ced265b05893ca44
7e342aa90b4e8e60ab4ad065179117a64b5ef68595890a393ff4f6d5428613ce
7eabd269d94046e76c744518aa01578a00047c238727208cded024567d7a0974
80a3026ee3d22ddd6673bf85673bbb0e3144c4873a1ccf155e883e228a36af32
817d8e17fa9b007bd98618831cd4d3d63b5b61cdc254f5c595cf5eb1a83ecaed
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
86351ce140994cd0d81f854f48f75852eb7ba45aa03298e61b510b040b208472
8646028b718fabbe1f2d290b5708d44476932f611a8bc50935d12262cc5e396d
86e91df4890e49da237fdc00bc50af3a5fa0ced7a27f5f75036b2e7695fe2054
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87bdf34d158b451ca6e6113760d8f959d43ad17373c7ac0aa70b6789f21a26b8
88ea9f1e981238c0dab217c7364ce82c865e7f18c249a066b0933997f55d9f31
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b41cdb3b4f114ba8f88f818247f653d146adc1e01aac0fbb2f74083ae197bf7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8cd995c4e1c618d00a87c41d72af699cd21256e512afa30e557fbae54714a7fd
8cfadea1af93dab64219a7eed233fcfea130177d745367eaef0c940c15e0da3f
8d662c76678f8667b7aa6a17880e8648d71df7f9d41c9d972eec878339d4546e
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
9052c0e0c63c317746b7c22b63f2871b2273e727c6cb1934c108fa2f4e5e488e
929bcf2ecb3f915b17584b3e7b1a5feac1040e904d7b1560b09e13fe0b0d3817
9322e7873871e811c9c6b769af1ca776eb5f7307368a697a28c71cb427570be2
93cd4ce14fa33896f4780def1c50d867fe346808450db8cee0295b9a27ad9324
948c224783bfc65ebe57eaca98e5968a10717272ed8120746501997509fa564c
95a2e00950ddd720eb0de60b9bf255a361c6ffebe2b0e855127babc1b7d7e8d7
95b968e13d205a7842b355f9bd82f9f64f6f272ff0810734c49d2bb89d64a336
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
98c79c403cbb4a0c321790331af72a914f0231da2736659055fc196597d6c31a
9a3993918629dfd6a59c4563e9b4d464152b51d4113957ab8ebfbdcbcdc7f536
9aea7622c9a16bee1967c911c3a09c2a2cbed020ce71922d7fb56cf68c8c5047
9b78f0e5dafec7984760e02383571794de01e3ee49e3d5f72b4e3cbe9352be77
9ccc0b2a26a9d7813ce2d1669b5d2398c2797a7ef9c7bf498d2ef03d7985a3cc
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0d4bba6850fb08f6a937b0ab60f7dba7def3dcc0205f5dfeb16db4393005d30
a22ff48e519f17d7d53e64011357be31194d8cf8c590e99dbeaefe5fc9649e70
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a7ba05bf1c9a7887b4032d876a6a4a12dcc739f3210b6a13ddeea309cf9bdf2d
a8002e45524a9391e04819450275986d38f72f83a369fe47ffe78964fa917eb5
aa54c29eef43a368ed882f5f39987589cb30600aeadba721cd9c6bd42168d37d
ab4c432dc5313ff43167b911b6be0742a49eb52ccc520124e9a6104e81f72c27
acc64b45fb3dee8f3ed91cf992a50730cb27178e6c65d50adf47c19ad2a66540
acd2f7ad78edeebad4b6b0fdd17ff57d81c3726c60fd5435ee8c5a0115d29403
b030a461ca82417e38e96f91082e6b707f2620a23637ddd04102072065a0d2fd
b27810e53514aee6309f0e2cd89c7f5293a7eab6c2523762ff84664abad2c6e2
b3356e6f16f0b09d4af3424e5595bbbad570eeadce263d74f8befd12405a96de
b345abe33a4f53c748b8b6858bbe2c0380add9fbbec748044d2e76d6f0bd681d
b3d548c58ddba2b7ca32cba41e304e94589882500c4b587194072738afcf9e8f
b3eadee87e4bd515ddb5680318df4066f5f84dd323ce48766cce6364cef65869
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b6dc85459fbb9d03f478d91eae99e6627e04c8f805b08e4b97423ffbc3870d9d
b6f95a52d6a6e0e964b509bf91747afda3d8dd7d85a6d53245f4fc80e5a0c29d
b73c3fdebc70bd7e2ed59e4dbefe358807dbf643be1e6899d32d92bbec68c83d
b817dc11f25f1066fa60bced66d1ae1d4b0bceadef2bd614ecbf5ad35306247c
ba42ec7d198c9032697ba83b9587dbfb575cf26fd756127a0be8833f580b385d
ba6dccfe0b3165a6f94015d4362d6bf1b4fd609ad6dedbec38ef1aa78c7d395d
bab2971e3958c3894d1f9379386d1e1b341da6213d325bd4a23b529ede912838
bb1babbb30ef7df8af5ea5838f48cf6e9b1405ed188e34ca632db0f2d2f6be93
bce2f309470952b7affa62ff4d91b454334c68cefa541429b502904d20696875
be031cd68886a88670791482517174a107e3c65c3a757acf9a2a84a404afad0d
be487c1e4c16a1237d80fa8b4befd8710ba5208eda4f68b37b599301d0468a7a
bf7da55ef6be4cdd0d0932dd1e689a423b9b04c68e3cc9b083d4c099bf0e0ec9
c0afe621261180da80efe761ad6ff69ab018b38c31713448782fe4ed69c83e07
c0d4c9d4a0917467abcb650f6ed2ae82017b7d3c312dfa4c16f9aec4b7a08694
c0f616c8c0eaf35d4ffacd0dcb27a68acb5855fde4df6e3b0ec94ffe9918033a
c137106005502bd2b368f2d1015377b29f7f68dadafd88d56091b4f185106485
c308929ba711afecfa62f4564c4f00cc51332d4c7440435a4934b735d82cbdf5
c405b5a05485999ec5d83ec3913da1ecc4412d2d73da90bfdfe9ccf3fc75912d
c4ae4ce27bb586d22f2717ad56d0386f683520b33d1f3ce7de2d267d032ddcc4
c8309b85a5fc59eab6c75b425f32f89d070fcdfa9498fa3e9eff23fdcbb61a1b
c8eabbb5502fb7a73076383db8e9feaa31a0f14bd82a318e46aceb8144982763
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
ccec265192dfe3d4e502eb9b4afdfd300ebdefb5cc4fccf2c36edeab5467d85b
cd0b7385c8a691d9b2e7af11f3fbe1e7b1f42ecf11531882594908bf4a1b830e
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf5065c1ca382908e567ca3fdaf02c42fb394659bd2957637c9685fc00bb4e51
cfd72708d3c986a47c98c4b74d4c76a41b9ab8367987c266db7021ab25106694
cfdb7eec9e4ce602e5d4db495ea4763ab5f0512e405712f5a23bc41a6b0fa6a1
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d19425f20bfe1ea505166a8841b2232c795ff72b1c8a34f10a743db915f7494d
d2332508fb5d23dace6ccc8bb2ddeff1f89a71ca032d5d2ecc4411879073bb51
d33ae6cd58460ee34112ff454e5ed2ef64251df2e856229226d44ef5eb817253
d4757e658d5fbd1efc22a84136db74f9ca6786983e3a6b81cdbe00d01f903e95
d583602cbe269eb53e6c403015ec88a91c0ac736a067c0a42d7bfe9d28c2c7ca
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d76ec8aed9529461612d64ed4d6f46ec5eddf8843de20fd41d8e2a7b8f5a881c
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d82e0b27b336a53e5856f970efeab7bfa6a7a6091e86f0e3a6c2bbc2c4517029
d8e506a295e54af25dd3d53cf9e62a9f6255e376ba97b2ec56b9b3f5dc0a9ac3
d95a6af4d872751764c1de9897417902d18eed2ddd6ba88dbafaf9619eaf94c7
d9f3ffa99c8e5ec7419662f580f9b90bdd20040a593bd7eeae88010a4247a1b4
da6b00e60fd7f44bc35c482222c5d15a0ce187589c344081655b7cf01dcd0a54
dca82f019f667bf7cdba8957c4fd7ce37324d3ef567678295b5697601dfff216
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3ba57c1234e50c05735a0dedc033f43d5e638a97d5c51583cac8411d2ea34f
df89279b2cdd7d6f2cdebbfdba451de98f2ab94fe13072453826ff7ddae49985
e03ea88e5149801458dd9cabf62c8871cc27687d7d8a6a0fc2ff59ef434cb645
e04e4efa2f562b3ed4e6258c74fe327b6060817a43dc0de9b291f3de8149d8ac
e0c01782d6198238b558f7ea731b53a280ec638836cf706535d0c3744d0f648f
e1c3c2dafe2208caea4f809f414a89a9d256deb8671e1c5d49bff9a873782796
e1d39256faa607df65dd15fb254dd774699293492ac06bdbdd800b73967d3334
e35ba401e036e470fbd81c5cce94bcd11b9b3a52fe3b7c307e51594cba27a067
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e483d5f83f318999241366a7a35cb8c589db3e0117b31a1b6991620f71e4c55d
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
e6545cc6348d570cd29f42d81ebf9ea99253647af9836ed675e9d6afbe5030df
e79c1c1a140e6afb861074c70392db54cc65a06050de2a69162ab94eb95b0516
eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4
ebe0aa538549d833afa326aecd60a2f9ce85237d72894bf60cfa5e653c26daa7
ebf4f635a17d10d6eb46ba680b70142419aa3220f228001a036d311a22ee9d2a
ee3dcafc7a01f3049a0a411a214704835273102e3c66f198640756f25d8506a7
ee4b6acb0aa8f360b9560d7f94417ad9a89a6b53d6027ff07a8acc10a9d11d57
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0ff4761804a5ca71284715d263a7f422391c77f06c29d3b123124ce7ada024e
f281e2ca97781c91ae19675a803282c8dd524db96b98845267494cc282cfe89e
f2899f91dc32f3faf99899fcbb754711dc57aca020fd693ed722ccadb073f8ab
f39bbcda4c2bf0c8f371286cfdd6b855afa8455f796ef69e22e87fee2d87c095
f4ac68fdc7260be74501c1e5eb218005e693d90fa0648397b4f4f71c85be0a79
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f98508e60c50c49a5da61b139b6d22346082cb33a0fa50f9fe92fb27f35b66d4
fa9741b56425431e42a594bcd263d5452c327646c4b6da2d08f5820d173ad358
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12
fbd59c1f37809f1f537e0e5b842f549f034891fa75968e5ff163632ff4c3dbcb
fe17b6d2e67ad4e1aa0ad850ebc17a79edf8a9ec64c7557642859a2c149be67c
feadabf145bd00e5fe9dd76f3519cd03837fb500d407248e1ddcb1a1d7bb644f
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ffa49c49ef28dba95afd6a5cdb579233b912f54b7d8380283845991c303e1ec6