urlscan.io logo urlscan.io
SecurityTrails logo

subscription.expressnews.com Open in urlscan Pro
151.101.64.200  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://link.expressnews.com/click/6488a910afd48f000109b523/aHR0cHM6Ly9zdWJzY3JpcHRpb24uZXhwcmVzc25ld3MuY29tL29mZmVycz9vZmZlc...
Effective URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_...
Submission: On June 14 via manual from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 11 IPs in 4 countries across 18 domains to perform 54 HTTP transactions. The main IP is 151.101.64.200, located in United States and belongs to FASTLY, US. The main domain is subscription.expressnews.com.
TLS certificate: Issued by GlobalSign Atlas R3 DV TLS CA 2023 Q2 on April 16th 2023. Valid for: a year.
This is the only time subscription.expressnews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 3.226.166.212 14618 (AMAZON-AES)
12 151.101.64.200 54113 (FASTLY)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
4 18.66.147.112 16509 (AMAZON-02)
1 2a06:98c1:312... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
1 40.70.147.2 8075 (MICROSOFT...)
2 2a00:1450:400... 15169 (GOOGLE)
5 188.42.150.4 39134 (UNITEDNET)
2 2a00:1450:400... 15169 (GOOGLE)
54 11
1    3.226.166.212 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com
link.expressnews.com
12    151.101.64.200 (United States)

ASN54113 (FASTLY, US)
subscription.expressnews.com
www.expressnews.com
treg.hearstnp.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
maps.googleapis.com
1    2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
4    18.66.147.112 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-112.fra60.r.cloudfront.net
nexus.ensighten.com
1    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.seondf.com
1    2a00:1450:400c:c07::5c (Brussels, Belgium)

ASN15169 (GOOGLE, US)
pay.google.com
1    40.70.147.2 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
realm.hearstnp.com
2    2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
5    188.42.150.4 (Moscow, Russian Federation)

ASN39134 (UNITEDNET, RU)
sailplay.net
2    2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
Apex Domain
Subdomains		 Transfer
11 expressnews.com
link.expressnews.com
subscription.expressnews.com
www.expressnews.com — Cisco Umbrella Rank: 148045
855 KB
5 sailplay.net
sailplay.net — Cisco Umbrella Rank: 120265
729 KB
4 ensighten.com
nexus.ensighten.com — Cisco Umbrella Rank: 3081
47 KB
4 googleapis.com
maps.googleapis.com — Cisco Umbrella Rank: 388
ajax.googleapis.com — Cisco Umbrella Rank: 422
fonts.googleapis.com — Cisco Umbrella Rank: 80
storage.googleapis.com Failed
104 KB
3 hearstnp.com
treg.hearstnp.com — Cisco Umbrella Rank: 35233
realm.hearstnp.com — Cisco Umbrella Rank: 43891
151 KB
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
21 KB
1 google.com
pay.google.com — Cisco Umbrella Rank: 3299
36 KB
1 seondf.com
cdn.seondf.com — Cisco Umbrella Rank: 175384
99 KB
0 doubleclick.net Failed
stats.g.doubleclick.net Failed
0 matheranalytics.com Failed
js.matheranalytics.com Failed
0 parsely.com Failed
cdn.parsely.com Failed
0 blueconic.net Failed
cdn.blueconic.net Failed
0 ads-twitter.com Failed
static.ads-twitter.com Failed
0 redditstatic.com Failed
www.redditstatic.com Failed
0 facebook.net Failed
connect.facebook.net Failed
0 googletagmanager.com Failed
www.googletagmanager.com Failed
0 scorecardresearch.com Failed
sb.scorecardresearch.com Failed
0 hearst3pcc.com Failed
realm.hearst3pcc.com Failed
54 18
Domain Requested by
7 subscription.expressnews.com subscription.expressnews.com
5 sailplay.net subscription.expressnews.com
4 nexus.ensighten.com subscription.expressnews.com
nexus.ensighten.com
3 www.expressnews.com subscription.expressnews.com
treg.hearstnp.com
www.expressnews.com
2 www.google-analytics.com nexus.ensighten.com
subscription.expressnews.com
2 fonts.googleapis.com subscription.expressnews.com
2 treg.hearstnp.com subscription.expressnews.com
treg.hearstnp.com
1 realm.hearstnp.com subscription.expressnews.com
1 pay.google.com subscription.expressnews.com
1 cdn.seondf.com subscription.expressnews.com
1 ajax.googleapis.com subscription.expressnews.com
1 maps.googleapis.com subscription.expressnews.com
1 link.expressnews.com 1 redirects
0 storage.googleapis.com Failed subscription.expressnews.com
0 stats.g.doubleclick.net Failed www.google-analytics.com
0 js.matheranalytics.com Failed nexus.ensighten.com
0 cdn.parsely.com Failed nexus.ensighten.com
0 cdn.blueconic.net Failed nexus.ensighten.com
0 static.ads-twitter.com Failed nexus.ensighten.com
0 www.redditstatic.com Failed nexus.ensighten.com
0 connect.facebook.net Failed nexus.ensighten.com
0 www.googletagmanager.com Failed nexus.ensighten.com
0 sb.scorecardresearch.com Failed nexus.ensighten.com
0 realm.hearst3pcc.com Failed treg.hearstnp.com
54 24
Subject Issuer Validity Valid
*.beaumontenterprise.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-04-16 -
2024-05-17		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh
nexus.ensighten.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-10-07 -
2023-10-14		 a year crt.sh
seondf.com
GTS CA 1P5		 2023-06-10 -
2023-09-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-05-19 -
2023-08-11		 3 months crt.sh
*.hearstnp.com
Sectigo RSA Domain Validation Secure Server CA		 2022-08-01 -
2023-08-05		 a year crt.sh
quebec.sailplay.net
R3		 2023-05-27 -
2023-08-25		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-05-22 -
2023-08-14		 3 months crt.sh

This page contains 1 frames:

Primary Page: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Frame ID: 326FF29953884603D34A985EC88CA767
Requests: 57 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

SA Express-News

Page URL History Show full URLs

  1. https://link.expressnews.com/click/6488a910afd48f000109b523/aHR0cHM6Ly9zdWJzY3JpcHRpb24uZXhwcmVzc25ld3MuY... HTTP 302
    https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • //maps\.google(?:apis)?\.com/maps/api/js
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • pay\.google\.com/([a-z/]+)/pay\.js
Overall confidence: 100%
Detected patterns
  • //nexus\.ensighten\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

54
Requests

56 %
HTTPS

55 %
IPv6

18
Domains

24
Subdomains

11
IPs

4
Countries

2041 kB
Transfer

6247 kB
Size

15
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://link.expressnews.com/click/6488a910afd48f000109b523/aHR0cHM6Ly9zdWJzY3JpcHRpb24uZXhwcmVzc25ld3MuY29tL29mZmVycz9vZmZlcklEPTg2NyZzaXRlaWQ9U0FfU0FFTiZvcmlnaW49ZW0ucHJvc3BlY3RzJnZhcmlhbnQ9anVuZXByaW50c2FsZV8yMDIzJmlwaWQ9c2VuZDMmdXRtX2NvbnRlbnQ9YnRuMSZzaWQ9NWJjOTM4YmEyNGMxN2MxMDQ4YWQwMmYxJnV0bV9zb3VyY2U9bWFya2V0aW5nJnV0bV9tZWRpdW09ZW1haWwmdXRtX3Rlcm09anVuZXByaW50c2FsZV8yMDIzJnV0bV9jYW1wYWlnbj1zYWVuJTIwJTdDJTIwc3BlY2lhbCUyMG9mZmVycw/5bc938ba24c17c1048ad02f1B168225d2 HTTP 302
    https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

54 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request offers
subscription.expressnews.com/
Redirect Chain
  • https://link.expressnews.com/click/6488a910afd48f000109b523/aHR0cHM6Ly9zdWJzY3JpcHRpb24uZXhwcmVzc25ld3MuY29tL29mZmVycz9vZmZlcklEPTg2NyZzaXRlaWQ9U0FfU0FFTiZvcmlnaW49ZW0ucHJvc3BlY3RzJnZhcmlhbnQ9anVuZ...
  • https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&u...
3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
aee03ad485e14bcef2839940268a597c05799802c56282d63cd13230554b5d32

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
0
cache-control
public, max-age=0
content-encoding
gzip
content-length
1166
content-type
text/html; charset=UTF-8
date
Wed, 14 Jun 2023 11:35:43 GMT
etag
W/"bb3-49773873e8"
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
vary
Accept-Encoding,Fastly-SSL, X-HNP-Instart, X-is-eu
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-cloud-trace-context
95b406b24882db7800a6c7202abf8a92
x-powered-by
Express
x-served-by
cache-fra-eddf8230091-FRA
x-timer
S1686742544.601511,VS0,VE141

Redirect headers

connection
close
content-length
0
content-type
text/html; charset=UTF-8
date
Wed, 14 Jun 2023 11:35:43 GMT
location
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
server
Sailthru
x-robots-tag
noindex
3057-gdpr-min.js
www.expressnews.com/file/305/7/ 		24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.expressnews.com/file/305/7/3057-gdpr-min.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
65cace5a950d6533072be53144f3cfea5d179b9f74fa18b3d413250495af7fb9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cdn-rule
fetch: set default TTL 0s, fetch: 1 week static js/svg files
date
Wed, 14 Jun 2023 11:35:43 GMT
content-encoding
gzip
via
1.1 varnish
age
80615
x-cache
HIT
content-length
7233
x-served-by
cache-fra-eddf8230091-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 07 May 2022 01:49:26 GMT
server
Apache
x-timer
S1686742544.896366,VS0,VE2
etag
"5f3a-5de622f5eab46"
vary
X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, Accept-Encoding, X-ab-scope
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
214
accept-ranges
bytes
x-cache-hits
1
js
maps.googleapis.com/maps/api/ 		220 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://maps.googleapis.com/maps/api/js?v=3.26&key=AIzaSyA0Uw5ZgBX6vNdcGb1O1SCex8tEBTaPahU&libraries=places
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
scaffolding on HTTPServer2 /
Resource Hash
a44e2cbaa7f4ce2985ef4ea26dbcd2662c95ad80ee1493bb3559def14c313203
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
scaffolding on HTTPServer2
vary
Accept-Language, Origin, X-Origin, Referer
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72048
x-xss-protection
0
override-treg
subscription.expressnews.com/ 		1 MB
265 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/override-treg
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
49eb2cf916c0aad8821876200de8c052f5a56f623d8a956f81aad230dcdf43d0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230091-FRA
date
Wed, 14 Jun 2023 11:35:44 GMT
content-encoding
gzip
via
1.1 varnish
server
Google Frontend
age
1
x-timer
S1686742544.787797,VS0,VE953
x-powered-by
Express
vary
Fastly-SSL, X-HNP-Instart, X-is-eu, Accept-Encoding
x-cache
MISS
content-type
text/html
x-cloud-trace-context
48d495fbebe6fc779edb1054bfccbe94
accept-ranges
bytes
content-length
271265
x-cache-hits
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		88 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sun, 11 Jun 2023 12:01:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
257636
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31100
x-xss-protection
0
last-modified
Thu, 08 Sep 2022 18:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 10 Jun 2024 12:01:47 GMT
Bootstrap.js
nexus.ensighten.com/hearst/news-3p/ 		64 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-112.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
3a7bd9c6ae8a721df8b0bd30f436518dc100ec7015bdbd39a5b9c85e00918b6d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 14:22:58 GMT
x-amz-version-id
iAMMzx2ZLswDhmPrc54la7ZZPj_2IGzt
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1026766
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Fri, 02 Jun 2023 14:22:33 GMT
server
CloudFront
etag
W/"0fb8549d0f5bc6d57eb3cb774f8e9c15"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=300
x-amz-cf-id
YpeVKk3bfM3PTBk3Y7Rh6xnTzMhwRdfFCIqaVf6u-prjiNRPBmXHhA==
treg.js
treg.hearstnp.com/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://treg.hearstnp.com/treg.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
081495e3c364ba40dbbe9e43fe1af507755c3b5a861ac7e35bab0dc924cc603c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cdn-rule
fetch: TREG DEFAULT TTL Rule 365d
date
Wed, 14 Jun 2023 11:35:43 GMT
content-encoding
gzip
via
1.1 varnish
expires
Wed, 14 Jun 2023 09:29:10 GMT
x-aspnet-version
4.0.30319
age
7894
x-powered-by
ASP.NET
x-hnp-log
x-cache
HIT
content-length
5815
x-served-by
cache-fra-eddf8230091-FRA
x-aspnetmvc-version
3.0
last-modified
Wed, 14 Jun 2023 09:24:10 GMT
server
Microsoft-IIS/10.0
x-timer
S1686742544.920196,VS0,VE0
vary
*,Fastly-SSL, X-is-eu, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcl-version
32
accept-ranges
bytes
x-cache-hits
3
agent.js
cdn.seondf.com/js/v4/ 		310 KB
99 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.seondf.com/js/v4/agent.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:43 GMT
x-amz-version-id
oBwuMALhSWNlluJ4Z9BGO_.GELHIAD3H
via
1.1 78720628b37ebf3e33c42dc098252ee8.cloudfront.net (CloudFront)
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-cf-pop
FRA56-P7
age
2071
x-amz-server-side-encryption
AES256
content-encoding
br
x-cache
Miss from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 20 Dec 2022 16:00:08 GMT
server
cloudflare
etag
W/"c34c3067f651e0fea2609171ab7bfec0"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=foEZHujJ6Ha1wI%2FjNMtvOcyXrMfBc9ya%2FYVo2cr6nY8QTogwjGxUzWhfxmAjIKvAXipoG1OZ3dahlUEinK%2BWZhJGnbJFkPVMfSAVlGXHVihbQ2WW8Ph4NfB%2FGq98GrIfsFHYaCG8scE%2BIQ2AnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7d72458348a99a23-FRA
x-amz-cf-id
2ImJGzKjh_UVV6F2GbkMLIqldjodfNsaGFFHjnnIJ79IDUkXpWezmg==
casper-bundle
subscription.expressnews.com/ 		2 MB
417 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/casper-bundle
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
21e5f4b9c32b3ac79ce48bfd3efe016636306bf7d90b23be9c8271e8ad547101

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230091-FRA
date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
server
Google Frontend
age
1
x-timer
S1686742544.384507,VS0,VE1058
x-powered-by
Express
vary
Fastly-SSL, X-HNP-Instart, X-is-eu, Accept-Encoding
x-cache
MISS
content-type
text/html
x-cloud-trace-context
78fb053fe211adda0f965f15d93da901
accept-ranges
bytes
content-length
427068
x-cache-hits
0
pay.js
pay.google.com/gp/p/js/ 		116 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pay.google.com/gp/p/js/pay.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c07::5c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-no0fQCW9evk8vjUHR_wysw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
strict-transport-security
max-age=31536000
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-no0fQCW9evk8vjUHR_wysw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/InstantbuyFrontendHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/InstantbuyFrontendHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/InstantbuyFrontendHttp/cspreport
x-content-type-options
nosniff
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
private, max-age=600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 14 Jun 2023 11:35:45 GMT
iframeResizer.contentWindow.min.js
realm.hearstnp.com/js/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://realm.hearstnp.com/js/iframeResizer.contentWindow.min.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
40.70.147.2 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
9c1ee5cd13600f5140af30e6ab62a8ef544bc00d7e905980e8398c180bfb8734

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:45 GMT
Content-Encoding
gzip
Last-Modified
Thu, 03 Mar 2022 15:18:01 GMT
Server
Microsoft-IIS/10.0
ETag
"1d82f11df04ae16"
X-Powered-By
ASP.NET
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Accept-Ranges
bytes
css
fonts.googleapis.com/ 		14 KB
940 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9cbc12854fcefe3dd700a7931a3fecb55548f1dcfa5338860a92e893660b04fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Jun 2023 11:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 11:19:12 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Jun 2023 11:35:43 GMT
css
fonts.googleapis.com/ 		27 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e47c8dc6d75dbe564bcff63e08602d89948f1f3367b395e152d65ea8fc423bd5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Wed, 14 Jun 2023 11:35:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Wed, 14 Jun 2023 10:01:45 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Wed, 14 Jun 2023 11:35:43 GMT
hearst_style.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/ 		11 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/hearst_style.css
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
9c3bc61b0f9659c860c1ca669bacae68ff9b2a977a8f7624cb24792b0a103c78
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Tue, 12 Apr 2022 10:40:03 GMT
Server
nginx
ETag
"62555703-2b55"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
11093
app.8308f434e65953976136fc4ea088cb17.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/ 		204 B
652 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/app.8308f434e65953976136fc4ea088cb17.css
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
24b5de47dc0702da75d1eda6efe960533526c959ce9b9e0431156d672047a9ef
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 17 May 2021 14:30:07 GMT
Server
nginx
ETag
"60a27def-cc"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
204
manifest.0dbe4a09ed0d75146967.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/manifest.0dbe4a09ed0d75146967.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 14:00:06 GMT
Server
nginx
ETag
"611a6f66-0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
vendor.9974694e05bc1714ad63.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
459 B 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/vendor.9974694e05bc1714ad63.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Mon, 16 Aug 2021 14:00:06 GMT
Server
nginx
ETag
"611a6f66-0"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
0
app.aebfb71a2aae10db417f.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		715 KB
716 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/app.aebfb71a2aae10db417f.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
188.42.150.4 Moscow, Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx /
Resource Hash
b1cea977d19c766cfd57ffbeedaf892bfdeec1c2a9f5d4f478a5772d572d3a74
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date
Wed, 14 Jun 2023 11:35:43 GMT
Strict-Transport-Security
max-age=31536000
X-Content-Type-Options
nosniff
Referrer-Policy
strict-origin-when-cross-origin
Last-Modified
Sun, 17 Oct 2021 21:00:04 GMT
Server
nginx
ETag
"616c8ed4-b2dd3"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
732627
js
maps.googleapis.com/maps/api/ 		0
0
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.6.1/ 		0
0
GetJS
treg.hearstnp.com/assets/0xD73EAE68DE3D548D889EFF92265C9C7DEB126F48/ 		398 KB
140 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://treg.hearstnp.com/assets/0xD73EAE68DE3D548D889EFF92265C9C7DEB126F48/GetJS?url=subscription.expressnews.com
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/treg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
42b1cade48b344edfa0c19394bf2d46ececb35db0129711284855c3eccac00ff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cdn-rule
fetch: TREG DEFAULT TTL Rule 365d
date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
expires
Tue, 13 Jun 2023 13:12:09 GMT
x-aspnet-version
4.0.30319
age
80615
x-powered-by
ASP.NET
x-hnp-log
x-cache
HIT
content-length
143132
x-served-by
cache-fra-eddf8230091-FRA
x-aspnetmvc-version
3.0
last-modified
Tue, 13 Jun 2023 13:12:09 GMT
server
Microsoft-IIS/10.0
x-timer
S1686742545.063273,VS0,VE2
vary
*,Fastly-SSL, X-is-eu, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcl-version
32
accept-ranges
bytes
x-cache-hits
1
agent.js
cdn.seondf.com/js/v4/ 		0
0
pay.js
pay.google.com/gp/p/js/ 		0
0
css
fonts.googleapis.com/ 		0
0
css
fonts.googleapis.com/ 		0
0
hearst_style.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/ 		0
0
app.8308f434e65953976136fc4ea088cb17.css
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/ 		0
0
manifest.0dbe4a09ed0d75146967.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
0
vendor.9974694e05bc1714ad63.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
0
app.aebfb71a2aae10db417f.js
sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/ 		0
0
serverComponent.php
nexus.ensighten.com/hearst/news-3p/ 		387 B
694 B 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/hearst/news-3p/serverComponent.php?namespace=Bootstrapper&staticJsPath=/hearst/news-3p/code/&publishedOn=Fri%20Jun%2002%2014:22:28%20GMT%202023&ClientID=109&PageID=https%3A%2F%2Fsubscription.expressnews.com%2Foffers%3FofferID%3D867%26siteid%3DSA_SAEN%26origin%3Dem.prospects%26variant%3Djuneprintsale_2023%26ipid%3Dsend3%26utm_content%3Dbtn1%26sid%3D5bc938ba24c17c1048ad02f1%26utm_source%3Dmarketing%26utm_medium%3Demail%26utm_term%3Djuneprintsale_2023%26utm_campaign%3Dsaen%2520%257C%2520special%2520offers&custDomain=nexus.ensighten.com
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-112.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
840b9fe0e472bc664c3f5200723c209dbcb36b01e39ca3c3b36264c933ef986e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA60-P4
x-cache
Miss from cloudfront
content-type
text/javascript
cache-control
no-cache, no-store
content-length
387
x-amz-cf-id
UujK3FC4Ym2UNTwnYFjFG0mLoQqqvb2Rknes1sg7-HDRAJSR3uf9jg==
expires
Wed, 14 Jun 2023 11:35:44 GMT
748fb4b8d72f93fde3df4404d6981eb0.js
nexus.ensighten.com/hearst/news-3p/code/ 		50 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/hearst/news-3p/code/748fb4b8d72f93fde3df4404d6981eb0.js?conditionId0=422740
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-112.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
d24d56cea19cf68948b4f9e985990851d4cb67fba1f106d3ccc632e7bb3d5f67

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Fri, 02 Jun 2023 14:22:46 GMT
x-amz-version-id
BiwAdI04Sd2HVSpPa_o5GSpWN0eQ6PVR
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
1026780
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
PENDING
last-modified
Fri, 02 Jun 2023 14:22:33 GMT
server
CloudFront
etag
W/"13e52580ea0b4c1dac1916b2e865d739"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
k05z6rhJiPMsY_iy7spBwcjfXUYvpkkadmyDW1mq4pUdS94vnDoa-A==
bb835c0e01ebc0c837c9178bcdeee13a.js
nexus.ensighten.com/hearst/news-3p/code/ 		45 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://nexus.ensighten.com/hearst/news-3p/code/bb835c0e01ebc0c837c9178bcdeee13a.js?conditionId0=4874786
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.112 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-112.fra60.r.cloudfront.net
Software
CloudFront /
Resource Hash
6732594361d262605408ae388c340420fc071c3ed966eb4dd07048084d4bbbf7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Sat, 20 May 2023 05:14:49 GMT
x-amz-version-id
ANORndbHm7EV7iLZFioLmEN4HHUL_4_e
content-encoding
br
via
1.1 a962efd99fafcdb81ca24e0e8140a67c.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA60-P4
age
2182857
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Thu, 13 Apr 2023 14:35:37 GMT
server
CloudFront
etag
W/"2f8fc3115a2817ee002c8f98c596cbe3"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
max-age=315360000
x-amz-cf-id
zQK2l3ncIQ6Lsxpfx8EWkmzFG7QEbJcM8fGNlSipo1jUL1UqZmktUA==
C3P0_RealmCookie
realm.hearst3pcc.com/utility/ 		0
0
treg.min.css
www.expressnews.com/dist/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.expressnews.com/dist/treg.min.css?cb=0xD73EAE68DE3D548D889EFF92265C9C7DEB126F48
Requested by
Host: treg.hearstnp.com
URL: https://treg.hearstnp.com/treg.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
74cd102f48c95c8c911121048da6ec17895f6e06fb3e9b4a47573ce81db0daa1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cdn-rule
fetch: set default TTL 0s
date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
expires
Tue, 20 Jun 2023 18:28:42 GMT
age
61622
x-cache
HIT
content-length
5179
x-served-by
cache-fra-eddf8230091-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Jun 2023 15:55:29 GMT
server
Apache
x-timer
S1686742545.131207,VS0,VE1
etag
"707a-5fdf0bf6b1e40-gzip"
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
214
accept-ranges
bytes
x-cache-hits
1
analytics.js
www.google-analytics.com/ 		51 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: nexus.ensighten.com
URL: https://nexus.ensighten.com/hearst/news-3p/code/748fb4b8d72f93fde3df4404d6981eb0.js?conditionId0=422740
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 14 Jun 2023 11:04:48 GMT
last-modified
Mon, 17 Apr 2023 22:36:01 GMT
server
Golfe2
age
1857
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20737
expires
Wed, 14 Jun 2023 13:04:48 GMT
beacon.js
sb.scorecardresearch.com/ 		0
0
gtm.js
www.googletagmanager.com/ 		0
0
fbevents.js
connect.facebook.net/en_US/ 		0
0
pixel.js
www.redditstatic.com/ads/ 		0
0
uwt.js
static.ads-twitter.com/ 		0
0
hearst.js
cdn.blueconic.net/ 		0
0
js
www.googletagmanager.com/gtag/ 		0
0
p.js
cdn.parsely.com/keys/expressnews.com/ 		0
0
ml.js
js.matheranalytics.com/s/ma86077/712314006/all/ 		0
0
collect
stats.g.doubleclick.net/j/ 		0
0
casper.81505ccec6a08c4fc509e1fe86e7211c.20.js
subscription.expressnews.com/chunks/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/chunks/casper.81505ccec6a08c4fc509e1fe86e7211c.20.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/casper-bundle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
6317536493860a5844caac3e9004ce83bb0777fca54b06e8bfbe45fb03edac06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-powered-by
Express
x-cache
HIT
content-length
5126
x-served-by
cache-fra-eddf8230091-FRA
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-timer
S1686742546.740703,VS0,VE147
etag
W/"45d3-49773873e8"
vary
Accept-Encoding,Fastly-SSL, X-HNP-Instart, X-is-eu
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
055d3b883b60a772a6ea940faf943977
cache-control
public, max-age=5
accept-ranges
bytes
x-cache-hits
1
casper.81505ccec6a08c4fc509e1fe86e7211c.0.js
subscription.expressnews.com/chunks/ 		506 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/chunks/casper.81505ccec6a08c4fc509e1fe86e7211c.0.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/casper-bundle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
ab2db8240f19c75ed157367434cc274b496855d589a043dce03fab9a29403b61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-powered-by
Express
x-cache
HIT
content-length
116405
x-served-by
cache-fra-eddf8230091-FRA
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-timer
S1686742546.742658,VS0,VE138
etag
W/"7e718-49773873e8"
vary
Accept-Encoding,Fastly-SSL, X-HNP-Instart, X-is-eu
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
ace12847425f425ef6f9142214f47f08
cache-control
public, max-age=5
accept-ranges
bytes
x-cache-hits
1
casper.81505ccec6a08c4fc509e1fe86e7211c.17.js
subscription.expressnews.com/chunks/ 		61 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/chunks/casper.81505ccec6a08c4fc509e1fe86e7211c.17.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/casper-bundle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
453c4a2ca3e1f2b982b73633401e2419b2ae0a3319f39a07aff9b9e8a9660868

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-powered-by
Express
x-cache
MISS
content-length
27486
x-served-by
cache-fra-eddf8230091-FRA
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-timer
S1686742546.743034,VS0,VE251
etag
W/"f267-49773873e8"
vary
Accept-Encoding,Fastly-SSL, X-HNP-Instart, X-is-eu
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
a4f1265a46ec8bcfac38e1318e00a58e
cache-control
public, max-age=5
accept-ranges
bytes
x-cache-hits
0
casper.81505ccec6a08c4fc509e1fe86e7211c.18.js
subscription.expressnews.com/chunks/ 		27 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://subscription.expressnews.com/chunks/casper.81505ccec6a08c4fc509e1fe86e7211c.18.js
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/casper-bundle
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Google Frontend / Express
Resource Hash
17a44aa670894b618d8cf2cf80f2d83fca4557cee18b21838a504df117bdc1d3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date
Wed, 14 Jun 2023 11:35:45 GMT
content-encoding
gzip
via
1.1 varnish
age
0
x-powered-by
Express
x-cache
HIT
content-length
8765
x-served-by
cache-fra-eddf8230091-FRA
last-modified
Tue, 01 Jan 1980 00:00:01 GMT
server
Google Frontend
x-timer
S1686742546.743733,VS0,VE138
etag
W/"6a18-49773873e8"
vary
Accept-Encoding,Fastly-SSL, X-HNP-Instart, X-is-eu
content-type
application/javascript; charset=UTF-8
x-cloud-trace-context
466fbc8c38f04fcfe0eb8844f5ec1aeb
cache-control
public, max-age=5
accept-ranges
bytes
x-cache-hits
1
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j100&a=1899791820&t=pageview&_s=1&dl=https%3A%2F%2Fsubscription.expressnews.com%2Foffers%3FofferID%3D867%26siteid%3DSA_SAEN%26origin%3Dem.prospects%26variant%3Djuneprintsale_2023%26ipid%3Dsend3%26utm_content%3Dbtn1%26sid%3D5bc938ba24c17c1048ad02f1%26utm_source%3Dmarketing%26utm_medium%3Demail%26utm_term%3Djuneprintsale_2023%26utm_campaign%3Dsaen%2520%257C%2520special%2520offers&dp=%2Foffers&ul=en-us&de=UTF-8&dt=List%20Offers&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=6GBAgEADAAAAAAAOI~&jid=1310875161&gjid=741143737&cid=1486898938.1686742545&tid=UA-1616916-27&_gid=1329111709.1686742545&_av=2.4.1&_au=1&cd1=casper&cd2=casper%3Aoffers&cd3=casper%3Aoffers&cd4=casper%3Aoffers&cd15=casper&cd19=abDisabled&cd20=dbd789198ee4d2d9265fd51125ca5eb6&cd21=2023-06-14T11%3A35%3A45.718%2B00%3A00&cd22=%3FofferID%3D867%26siteid%3DSA_SAEN%26origin%3Dem.prospects%26variant%3Djuneprintsale_2023%26ipid%3Dsend3%26utm_content%3Dbtn1%26sid%3D5bc938ba24c17c1048ad02f1%26utm_source%3Dmarketing%26utm_medium%3Demail%26utm_term%3Djuneprintsale_2023%26utm_campaign%3Dsaen%2520%257C%2520special%2520offers&cd23=1486898938.1686742545&cd30=send3&cd34=1&cd35=1&cd48=none&cd49=desktop&cd50=1600%20x%201200&cd51=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F114.0.5735.133%20Safari%2F537.36&cd61=(not%20set)&cd62=visible&cd66=(not%20set)&cd5=other&cd29=Logged%20Out&did=i5iSjo&z=1706146046
Requested by
Host: subscription.expressnews.com
URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 14 Jun 2023 06:15:23 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
19222
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
SA_SAEN-logo-header.png
storage.googleapis.com/hnp-subscription-app-static-files/casper_header/ 		0
0
truncated
/ 		17 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8951deb09684788fdeda258ed037877c920ca0ee28980fd33cd64bdcebf92735

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/gif
3056-gdpr-min.css
www.expressnews.com/file/305/6/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.expressnews.com/file/305/6/3056-gdpr-min.css?168674254
Requested by
Host: www.expressnews.com
URL: https://www.expressnews.com/file/305/7/3057-gdpr-min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
151.101.64.200 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
cdaf1ffa6d56b2d6d8b455b60b90b989e1217910232796a9c20e6341114b014b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://subscription.expressnews.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-cdn-rule
fetch: set default TTL 0s
date
Wed, 14 Jun 2023 11:35:46 GMT
content-encoding
gzip
via
1.1 varnish
expires
Wed, 21 Jun 2023 11:35:46 GMT
age
0
x-cache
MISS
content-length
1073
x-served-by
cache-fra-eddf8230091-FRA
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 17 Jan 2020 22:31:36 GMT
server
Apache
x-timer
S1686742546.804070,VS0,VE479
etag
"d55-59c5d812f722f-gzip"
vary
Accept-Encoding, X-hnp-px,Fastly-SSL, X-HNP-backend, X-is-eu, X-ab-scope
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=604800
x-vcl-version
214
accept-ranges
bytes
x-cache-hits
0
truncated
/ 		8 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
618d6d85334ff2f1da5f2d1c05dbf50c07e8215a2284f9c29269ddb46bffefb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		22 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aadeeae33a37d180ab270d5d8cede5913b2f561b3f5d489703eb7d97a3b3c7a2

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type
image/svg+xml
SA_SAEN-home1.png
storage.googleapis.com/hnp-subscription-app-static-files/casper_home/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
maps.googleapis.com
URL
https://maps.googleapis.com/maps/api/js?v=3.26&key=AIzaSyA0Uw5ZgBX6vNdcGb1O1SCex8tEBTaPahU&libraries=places
Domain
ajax.googleapis.com
URL
https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js
Domain
cdn.seondf.com
URL
https://cdn.seondf.com/js/v4/agent.js
Domain
pay.google.com
URL
https://pay.google.com/gp/p/js/pay.js
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900
Domain
fonts.googleapis.com
URL
https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i
Domain
sailplay.net
URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/hearst_style.css
Domain
sailplay.net
URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/app.8308f434e65953976136fc4ea088cb17.css
Domain
sailplay.net
URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/manifest.0dbe4a09ed0d75146967.js
Domain
sailplay.net
URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/vendor.9974694e05bc1714ad63.js
Domain
sailplay.net
URL
https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/app.aebfb71a2aae10db417f.js
Domain
realm.hearst3pcc.com
URL
https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=subscription.expressnews.com&operation=create&cb=1686742545114
Domain
sb.scorecardresearch.com
URL
https://sb.scorecardresearch.com/beacon.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtm.js?id=GTM-WL7KMGG
Domain
connect.facebook.net
URL
https://connect.facebook.net/en_US/fbevents.js
Domain
www.redditstatic.com
URL
https://www.redditstatic.com/ads/pixel.js
Domain
static.ads-twitter.com
URL
https://static.ads-twitter.com/uwt.js
Domain
cdn.blueconic.net
URL
https://cdn.blueconic.net/hearst.js
Domain
www.googletagmanager.com
URL
https://www.googletagmanager.com/gtag/js?id=AW-729822527
Domain
cdn.parsely.com
URL
https://cdn.parsely.com/keys/expressnews.com/p.js
Domain
js.matheranalytics.com
URL
https://js.matheranalytics.com/s/ma86077/712314006/all/ml.js?cb=1627
Domain
stats.g.doubleclick.net
URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1616916-27&cid=1486898938.1686742545&jid=1310875161&gjid=741143737&_gid=1329111709.1686742545&_u=6GBAgEADAAAAAEAOI~&z=276881125
Domain
storage.googleapis.com
URL
https://storage.googleapis.com/hnp-subscription-app-static-files/casper_header/SA_SAEN-logo-header.png
Domain
storage.googleapis.com
URL
https://storage.googleapis.com/hnp-subscription-app-static-files/casper_home/SA_SAEN-home1.png

Verdicts & Comments Add Verdict or Comment

104 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless object| onbeforetoggle object| onscrollend object| HDN object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill object| aps object| ensBootstraps object| Bootstrapper object| abd string| siteBrand function| commerceConnectorAnalytics object| HNP object| treg string| version object| check object| isMobile string| userAgent boolean| mobile boolean| iPhone boolean| faceBookApp boolean| mobileSafari boolean| richieApp boolean| instaGramApp boolean| googleSearchAppliance object| Oidc function| realmiFrameResize string| socialProvider function| initializeModule object| HNPutilities object| currentDomainArray string| currentDomain string| pageDepth string| monthlySession function| excludePII object| cDim object| cMet object| gaFieldObject function| setCommonDimensions function| clearSecondaryIds function| initializeGATracking string| GoogleAnalyticsObject function| ga function| addHnpVisitSession function| hnpVisitSessionNew function| hnpVisitSessionKeepAlive function| hnpVisitSessionUpdateUtm function| uuidv4 function| addHnpHitVars number| hnpVisitTs string| hnpUrlHash string| hnpIpid string| hnpIpidHash string| hnpSessionReferrer string| hnpSessionReferrerDomain string| hnpUtmSource string| hnpUtmSourceHash string| hnpUtmMedium string| hnpUtmMediumHash string| hnpUtmCampaign string| hnpUtmCampaignHash function| comScoreBeacon string| cScript object| dataLayer function| bcTrackData function| fbq function| _fbq function| gtag function| rdt object| tfaData string| mockURl object| PARSELY string| ga_account string| cross_domains string| ix_account string| lotame_id function| addMatherAnalytics function| twq boolean| cspDebug object| casperData string| gaPageTitle string| gaPagePath object| pagePathArray object| google_tag_data object| gaplugins object| gaGlobal object| gaData object| gaDevIds object| webpackJsonp function| CasperGlobal object| exData boolean| ensFirstPage object| eData boolean| sendPageviewOnError string| siteSection4 string| siteSection3 string| siteSection2 string| siteSection1 string| newSearchStr string| abTestStatus

15 Cookies

Domain/Path Name / Value
.expressnews.com/ Name: sailthru_hid
Value: 5a607d83fdae85260eb37ff05edbc4755bc938ba24c17c1048ad02f134f4308590a4fb5546d82d2ec1e94fe3
.expressnews.com/ Name: sailthru_bid
Value: 6488a910afd48f000109b523
subscription.expressnews.com/ Name: location_data
Value: {"is_eu":true,"country_code":"DE","postal_code":"1"}
www.expressnews.com/ Name: location_data
Value: {"is_eu":true,"country_code":"DE","postal_code":"1"}
.expressnews.com/ Name: hnpdiudpf1
Value: dTFUItRF42LnYXrwD640PYgEUBRFJ8lKWOyGXUjldNc=
.expressnews.com/ Name: hnpdiudpf2
Value: aahmEPxY67TmZ4RhUubpJBQNKkx3+NLg+ebxd2t5ivA=
www.expressnews.com/ Name: ab_bucket
Value: 86
subscription.expressnews.com/ Name: s_abd
Value: {"first":false,"test":"","result":"","last":false}
.google.com/ Name: NID
Value: 511=A9hQXH5-5GpcXxFHrWngHNdW79MWjYIU5PZsGBi3G0EK29EwNUYXdW58vcs3ExErqeTcRQa3TCorA6syNLzoz8eobTdVDFrlbLsxLOW6ZQfsLtB9J6B_8eZJc6sa_1XX6MwOzF2TLu1R8p4quuVXWL2nrkJRrN_sdaWmLu1S3LU
subscription.expressnews.com/ Name: realm.cookiesAndJavascript
Value: true
.expressnews.com/ Name: ga_cd34
Value: 1
.expressnews.com/ Name: ga_cd35
Value: 1
.expressnews.com/ Name: _ga
Value: GA1.2.1486898938.1686742545
.expressnews.com/ Name: _gid
Value: GA1.2.1329111709.1686742545
.expressnews.com/ Name: _gat_hnp
Value: 1

31 Console Messages

Source Level URL
Text
security error URL: https://www.expressnews.com/file/305/7/3057-gdpr-min.js(Line 17)
Message:
Unrecognized Content-Security-Policy directive 'prefetch-src'.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://maps.googleapis.com/maps/api/js?v=3.26&key=AIzaSyA0Uw5ZgBX6vNdcGb1O1SCex8tEBTaPahU&libraries=places' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://ajax.googleapis.com/ajax/libs/jquery/3.6.1/jquery.min.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://cdn.seondf.com/js/v4/agent.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://pay.google.com/gp/p/js/pay.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,300,400,600,700,900' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' *.hearstnp.com unpkg.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the stylesheet 'https://fonts.googleapis.com/css?family=Source+Sans+Pro:200,200i,300,300i,400,400i,600,600i,700,700i,900,900i' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' *.hearstnp.com unpkg.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the stylesheet 'https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/hearst_style.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' *.hearstnp.com unpkg.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the stylesheet 'https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/css/app.8308f434e65953976136fc4ea088cb17.css' because it violates the following Content Security Policy directive: "style-src 'self' 'unsafe-inline' *.hearstnp.com unpkg.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com". Note that 'style-src-elem' was not explicitly set, so 'style-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/manifest.0dbe4a09ed0d75146967.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/vendor.9974694e05bc1714ad63.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the script 'https://sailplay.net/_integration/common/lead_form_engine/examples_other/hearst/static/js/app.aebfb71a2aae10db417f.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://treg.hearstnp.com/assets/0xD73EAE68DE3D548D889EFF92265C9C7DEB126F48/GetJS?url=subscription.expressnews.com(Line 58)
Message:
Refused to load the script 'https://realm.hearst3pcc.com/utility/C3P0_RealmCookie?host=subscription.expressnews.com&operation=create&cb=1686742545114' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js(Line 20)
Message:
Refused to load the script 'https://sb.scorecardresearch.com/beacon.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/code/748fb4b8d72f93fde3df4404d6981eb0.js?conditionId0=422740(Line 91)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtm.js?id=GTM-WL7KMGG' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/code/bb835c0e01ebc0c837c9178bcdeee13a.js?conditionId0=4874786(Line 13)
Message:
Refused to load the script 'https://connect.facebook.net/en_US/fbevents.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/code/bb835c0e01ebc0c837c9178bcdeee13a.js?conditionId0=4874786(Line 14)
Message:
Refused to load the script 'https://www.redditstatic.com/ads/pixel.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/code/bb835c0e01ebc0c837c9178bcdeee13a.js?conditionId0=4874786(Line 92)
Message:
Refused to load the script 'https://static.ads-twitter.com/uwt.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js(Line 18)
Message:
Refused to load the script 'https://cdn.blueconic.net/hearst.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js(Line 18)
Message:
Refused to load the script 'https://www.googletagmanager.com/gtag/js?id=AW-729822527' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js(Line 18)
Message:
Refused to load the script 'https://cdn.parsely.com/keys/expressnews.com/p.js' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://nexus.ensighten.com/hearst/news-3p/Bootstrap.js(Line 18)
Message:
Refused to load the script 'https://js.matheranalytics.com/s/ma86077/712314006/all/ml.js?cb=1627' because it violates the following Content Security Policy directive: "script-src 'self' 'unsafe-inline' 'unsafe-eval' tm.hdmtools.com *.ensighten.com *.hearstnp.com projects.sfchronicle.com files.sfchronicle.com blob: *.2mdn.net adservice.google.co.uk adservice.google.de adservice.google.fr adservice.google.nl adservice.google.it adservice.google.no adservice.google.es adservice.google.ie www.googletagservices.com adservice.google.com cm.g.doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net pagead2.googlesyndication.com content.jwplatform.com ssl.p.jwpcdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com 'unsafe-eval' *.pixel.parsely.com d1z2jf7jlzjs58.cloudfront.net www.google-analytics.com static.chartbeat.com". Note that 'script-src-elem' was not explicitly set, so 'script-src' is used as a fallback.
security error URL: https://www.google-analytics.com/analytics.js(Line 35)
Message:
Refused to connect to 'https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-1616916-27&cid=1486898938.1686742545&jid=1310875161&gjid=741143737&_gid=1329111709.1686742545&_u=6GBAgEADAAAAAEAOI~&z=276881125' because it violates the following Content Security Policy directive: "connect-src 'self' *.hearstnp.com ampcid.google.com ampcid.google.co.uk ampcid.google.de ampcid.google.fr ampcid.google.nl ampcid.google.it ampcid.google.no ampcid.google.es ampcid.google.ie projects.sfchronicle.com files.sfchronicle.com api.mapbox.com events.mapbox.com api.rainviewer.com tilecache.rainviewer.com securepubads.g.doubleclick.net cdn.jwplayer.com entitlements.jwplayer.com videos-f.jwpsrv.com assets-jpcust.jwpsrv.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com".
security error URL: webpack:///./client/utils/fetchOffers.js?(Line 37)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/offer/867?fields=id,publication_id.publication_code,plans.*,plans.plan_id.status,plans.plan_id.publication_id.publication_code&filter[status][_eq]=published' because it violates the following Content Security Policy directive: "connect-src 'self' *.hearstnp.com ampcid.google.com ampcid.google.co.uk ampcid.google.de ampcid.google.fr ampcid.google.nl ampcid.google.it ampcid.google.no ampcid.google.es ampcid.google.ie projects.sfchronicle.com files.sfchronicle.com api.mapbox.com events.mapbox.com api.rainviewer.com tilecache.rainviewer.com securepubads.g.doubleclick.net cdn.jwplayer.com entitlements.jwplayer.com videos-f.jwpsrv.com assets-jpcust.jwpsrv.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com".
javascript error URL: webpack:///./client/utils/fetchOffers.js?(Line 37)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/offer/867?fields=id,publication_id.publication_code,plans.*,plans.plan_id.status,plans.plan_id.publication_id.publication_code&filter[status][_eq]=published' because it violates the document's Content Security Policy.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the image 'https://storage.googleapis.com/hnp-subscription-app-static-files/casper_header/SA_SAEN-logo-header.png' because it violates the following Content Security Policy directive: "img-src 'self' data: *.hdnux.com *.hearstnp.com p.ctpost.com tm.hdmtools.com *.ensighten.com blob: *.2mdn.net stats.g.doubleclick.net cdn.jwplayer.com jwpltx.com assets-jpcust.jwpsrv.com *.basemaps.cartocdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com *.pixel.parsely.com www.google-analytics.com ping.chartbeat.net".
security error URL: webpack:///./client/utils/fetchOffers.js?(Line 15)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/default_offer?fields=default_offer_id.*.*,default_offer_id.plans.*,default_offer_id.plans.plan_id.*,default_offer_id.plans.offer_id.*,default_offer_id.plans.plan_id.zip_list_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.terms_and_conditions_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.rate_code_terms.*,default_offer_id.plans.plan_id.zip_list_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.terms_and_conditions_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.publication_id.*,default_offer_id.plans.plan_id.rate_code_terms.*' because it violates the following Content Security Policy directive: "connect-src 'self' *.hearstnp.com ampcid.google.com ampcid.google.co.uk ampcid.google.de ampcid.google.fr ampcid.google.nl ampcid.google.it ampcid.google.no ampcid.google.es ampcid.google.ie projects.sfchronicle.com files.sfchronicle.com api.mapbox.com events.mapbox.com api.rainviewer.com tilecache.rainviewer.com securepubads.g.doubleclick.net cdn.jwplayer.com entitlements.jwplayer.com videos-f.jwpsrv.com assets-jpcust.jwpsrv.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com".
javascript error URL: webpack:///./client/utils/fetchOffers.js?(Line 15)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/default_offer?fields=default_offer_id.*.*,default_offer_id.plans.*,default_offer_id.plans.plan_id.*,default_offer_id.plans.offer_id.*,default_offer_id.plans.plan_id.zip_list_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.terms_and_conditions_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.rate_code_terms.*,default_offer_id.plans.plan_id.zip_list_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.terms_and_conditions_id.*,default_offer_id.plans.plan_id.ncs_campaign_id.*,default_offer_id.plans.plan_id.publication_id.*,default_offer_id.plans.plan_id.rate_code_terms.*' because it violates the document's Content Security Policy.
security error URL: webpack:///./client/casper/footer/footer.jsx_+_1_modules?(Line 129)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/footers_config?fields=*&filter[publication_id][publication_code][_eq]=SA_SAEN' because it violates the following Content Security Policy directive: "connect-src 'self' *.hearstnp.com ampcid.google.com ampcid.google.co.uk ampcid.google.de ampcid.google.fr ampcid.google.nl ampcid.google.it ampcid.google.no ampcid.google.es ampcid.google.ie projects.sfchronicle.com files.sfchronicle.com api.mapbox.com events.mapbox.com api.rainviewer.com tilecache.rainviewer.com securepubads.g.doubleclick.net cdn.jwplayer.com entitlements.jwplayer.com videos-f.jwpsrv.com assets-jpcust.jwpsrv.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com".
javascript error URL: webpack:///./client/casper/footer/footer.jsx_+_1_modules?(Line 129)
Message:
Refused to connect to 'https://casper-adminv9-prod-dot-eco-cyclist-168716.ue.r.appspot.com/items/footers_config?fields=*&filter[publication_id][publication_code][_eq]=SA_SAEN' because it violates the document's Content Security Policy.
security error URL: https://subscription.expressnews.com/offers?offerID=867&siteid=SA_SAEN&origin=em.prospects&variant=juneprintsale_2023&ipid=send3&utm_content=btn1&sid=5bc938ba24c17c1048ad02f1&utm_source=marketing&utm_medium=email&utm_term=juneprintsale_2023&utm_campaign=saen%20%7C%20special%20offers
Message:
Refused to load the image 'https://storage.googleapis.com/hnp-subscription-app-static-files/casper_home/SA_SAEN-home1.png' because it violates the following Content Security Policy directive: "img-src 'self' data: *.hdnux.com *.hearstnp.com p.ctpost.com tm.hdmtools.com *.ensighten.com blob: *.2mdn.net stats.g.doubleclick.net cdn.jwplayer.com jwpltx.com assets-jpcust.jwpsrv.com *.basemaps.cartocdn.com projects.expressnews.com code.expressnews.com extras.expressnews.com files.expressnews.com www.expressnews.com *.pixel.parsely.com www.google-analytics.com ping.chartbeat.net".

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ajax.googleapis.com
cdn.blueconic.net
cdn.parsely.com
cdn.seondf.com
connect.facebook.net
fonts.googleapis.com
js.matheranalytics.com
link.expressnews.com
maps.googleapis.com
nexus.ensighten.com
pay.google.com
realm.hearst3pcc.com
realm.hearstnp.com
sailplay.net
sb.scorecardresearch.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
subscription.expressnews.com
treg.hearstnp.com
www.expressnews.com
www.google-analytics.com
www.googletagmanager.com
www.redditstatic.com
ajax.googleapis.com
cdn.blueconic.net
cdn.parsely.com
cdn.seondf.com
connect.facebook.net
fonts.googleapis.com
js.matheranalytics.com
maps.googleapis.com
pay.google.com
realm.hearst3pcc.com
sailplay.net
sb.scorecardresearch.com
static.ads-twitter.com
stats.g.doubleclick.net
storage.googleapis.com
www.googletagmanager.com
www.redditstatic.com
151.101.64.200
18.66.147.112
188.42.150.4
2a00:1450:4001:802::200e
2a00:1450:4001:80f::200a
2a00:1450:4001:813::200a
2a00:1450:4001:827::200a
2a00:1450:400c:c07::5c
2a06:98c1:3121::3
3.226.166.212
40.70.147.2
081495e3c364ba40dbbe9e43fe1af507755c3b5a861ac7e35bab0dc924cc603c
17a44aa670894b618d8cf2cf80f2d83fca4557cee18b21838a504df117bdc1d3
21e5f4b9c32b3ac79ce48bfd3efe016636306bf7d90b23be9c8271e8ad547101
24b5de47dc0702da75d1eda6efe960533526c959ce9b9e0431156d672047a9ef
3a7bd9c6ae8a721df8b0bd30f436518dc100ec7015bdbd39a5b9c85e00918b6d
42b1cade48b344edfa0c19394bf2d46ececb35db0129711284855c3eccac00ff
453c4a2ca3e1f2b982b73633401e2419b2ae0a3319f39a07aff9b9e8a9660868
49eb2cf916c0aad8821876200de8c052f5a56f623d8a956f81aad230dcdf43d0
5ebdda80c7f59c8f3237e0fa224a491321f544cf109c939141015c75d0f45312
618d6d85334ff2f1da5f2d1c05dbf50c07e8215a2284f9c29269ddb46bffefb5
6317536493860a5844caac3e9004ce83bb0777fca54b06e8bfbe45fb03edac06
65cace5a950d6533072be53144f3cfea5d179b9f74fa18b3d413250495af7fb9
6732594361d262605408ae388c340420fc071c3ed966eb4dd07048084d4bbbf7
74cd102f48c95c8c911121048da6ec17895f6e06fb3e9b4a47573ce81db0daa1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
840b9fe0e472bc664c3f5200723c209dbcb36b01e39ca3c3b36264c933ef986e
8951deb09684788fdeda258ed037877c920ca0ee28980fd33cd64bdcebf92735
9c1ee5cd13600f5140af30e6ab62a8ef544bc00d7e905980e8398c180bfb8734
9c3bc61b0f9659c860c1ca669bacae68ff9b2a977a8f7624cb24792b0a103c78
9cbc12854fcefe3dd700a7931a3fecb55548f1dcfa5338860a92e893660b04fb
a3cf00c109d907e543bc4f6dbc85eb31068f94515251347e9e57509b52ee3d74
a44e2cbaa7f4ce2985ef4ea26dbcd2662c95ad80ee1493bb3559def14c313203
aadeeae33a37d180ab270d5d8cede5913b2f561b3f5d489703eb7d97a3b3c7a2
ab2db8240f19c75ed157367434cc274b496855d589a043dce03fab9a29403b61
aee03ad485e14bcef2839940268a597c05799802c56282d63cd13230554b5d32
b1cea977d19c766cfd57ffbeedaf892bfdeec1c2a9f5d4f478a5772d572d3a74
cdaf1ffa6d56b2d6d8b455b60b90b989e1217910232796a9c20e6341114b014b
d24d56cea19cf68948b4f9e985990851d4cb67fba1f106d3ccc632e7bb3d5f67
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47c8dc6d75dbe564bcff63e08602d89948f1f3367b395e152d65ea8fc423bd5
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eb752bc50264e20fb3409303a4ddacd0bf9528f9abbfa01bb7732821ac1caf4a