urlscan.io logo urlscan.io
SecurityTrails logo

www.sonomamag.com Open in urlscan Pro
52.52.12.191  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://www.sonomamag.com/
Effective URL: https://www.sonomamag.com/
Submission: On November 04 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 81 IPs in 10 countries across 72 domains to perform 380 HTTP transactions. The main IP is 52.52.12.191, located in San Jose, United States and belongs to AMAZON-02, US. The main domain is www.sonomamag.com. The Cisco Umbrella rank of the primary domain is 809739.
TLS certificate: Issued by Thawte TLS RSA CA G1 on August 4th 2023. Valid for: a year.
This is the only time www.sonomamag.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 5 52.52.12.191 16509 (AMAZON-02)
7 2a00:1450:400... 15169 (GOOGLE)
1 65.108.188.9 24940 (HETZNER-AS)
49 2600:9000:264... 16509 (AMAZON-02)
2 2a02:26f0:480... 20940 (AKAMAI-ASN1)
11 2606:4700::68... 13335 (CLOUDFLAR...)
9 2606:2800:233... 15133 (EDGECAST)
1 23.212.213.167 16625 (AKAMAI-AS)
7 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:264... 16509 (AMAZON-02)
8 2a03:2880:f08... 32934 (FACEBOOK)
30 2a00:1450:400... 15169 (GOOGLE)
3 13.224.192.181 16509 (AMAZON-02)
1 2a04:4e42:400... 54113 (FASTLY)
2 2a00:1450:400... 15169 (GOOGLE)
1 2 107.178.250.234 15169 (GOOGLE)
12 184.169.129.237 16509 (AMAZON-02)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
8 2a00:1450:400... 15169 (GOOGLE)
1 99.86.4.128 16509 (AMAZON-02)
4 184.30.211.26 16625 (AKAMAI-AS)
4 2a03:2880:f17... 32934 (FACEBOOK)
8 2001:4860:480... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:133... 15133 (EDGECAST)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 104.26.5.15 13335 (CLOUDFLAR...)
1 34.198.220.199 14618 (AMAZON-AES)
6 3.223.39.7 14618 (AMAZON-AES)
11 13.32.119.77 16509 (AMAZON-02)
3 54.219.243.149 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 151.101.2.132 54113 (FASTLY)
7 2a00:1450:400... 15169 (GOOGLE)
2 184.30.17.133 16625 (AKAMAI-AS)
26 2a00:1450:400... 15169 (GOOGLE)
1 10 2a00:1450:400... 15169 (GOOGLE)
15 2a00:1450:400... 15169 (GOOGLE)
9 52.73.21.116 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 54.231.202.121 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
4 3.224.31.117 14618 (AMAZON-AES)
11 23.53.42.130 20940 (AKAMAI-ASN1)
6 23.53.42.114 20940 (AKAMAI-ASN1)
6 34.237.233.44 14618 (AMAZON-AES)
1 23.32.184.192 16625 (AKAMAI-AS)
2 13 172.64.151.101 13335 (CLOUDFLAR...)
3 4 193.108.153.21 20940 (AKAMAI-ASN1)
1 81.17.55.123 60781 (LEASEWEB-...)
2 2 34.98.64.218 396982 (GOOGLE-CL...)
1 54.90.248.117 14618 (AMAZON-AES)
4 4 46.228.174.117 56396 (AMOBEE)
1 1 2001:678:cb4:... 56396 (AMOBEE)
3 3 185.89.210.46 29990 (ASN-APPNEX)
1 216.52.2.39 30282 (AS-INAPCD...)
6 192.96.200.17 30633 (LEASEWEB-...)
1 52.202.161.16 14618 (AMAZON-AES)
1 185.64.190.78 62713 (AS-PUBMATIC)
2 2 172.217.18.2 15169 (GOOGLE)
1 2 52.46.130.91 16509 (AMAZON-02)
4 3.33.220.150 16509 (AMAZON-02)
1 52.28.119.39 16509 (AMAZON-02)
1 1 34.160.19.107 15169 (GOOGLE)
1 1 2620:116:800d... 16509 (AMAZON-02)
1 1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 18.134.84.22 16509 (AMAZON-02)
2 162.19.138.83 16276 (OVH)
3 162.19.138.116 16276 (OVH)
5 2a00:1450:400... 15169 (GOOGLE)
2 13.69.106.215 8075 (MICROSOFT...)
1 2 217.182.178.224 16276 (OVH)
2 23.19.226.132 396362 (LEASEWEB-...)
1 2a02:26f0:780... 20940 (AKAMAI-ASN1)
1 34.120.133.55 396982 (GOOGLE-CL...)
1 52.19.8.73 16509 (AMAZON-02)
1 18.198.93.74 16509 (AMAZON-02)
1 69.173.144.137 26667 (RUBICONPR...)
1 185.86.138.16 201081 (SMARTADSE...)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 184.30.22.30 ()
2 104.18.38.76 ()
1 69.173.144.139 ()
1 2a05:d018:d29... ()
2 2 37.157.6.243 ()
1 1 35.186.193.173 ()
1 2 52.209.134.254 ()
1 63.251.232.165 ()
380 81
5    52.52.12.191 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-12-191.us-west-1.compute.amazonaws.com
www.sonomamag.com
7    2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    65.108.188.9 (Helsinki, Finland)

ASN24940 (HETZNER-AS, DE)
PTR: static.9.188.108.65.clients.your-server.de
cdn.cookie-script.com
49    2600:9000:2644:cc00:5:5a52:9000:21 (United States)

ASN16509 (AMAZON-02, US)
d1sve9khgp0cw0.cloudfront.net
2    2a02:26f0:480:f::213:7ee1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
use.typekit.net
p.typekit.net
11    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
9    2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)
loader-cdn.azureedge.net
cdn.wgchrrammzv.com
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.pranmcpkx.com
1    23.212.213.167 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-213-167.deploy.static.akamaitechnologies.com
s.ntv.io
7    2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
2    2600:9000:2646:1200:18:1fcd:353:c61 (United States)

ASN16509 (AMAZON-02, US)
static.chartbeat.com
8    2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
30    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
3    13.224.192.181 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-192-181.fra2.r.cloudfront.net
c.amazon-adsystem.com
1    2a04:4e42:400::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
2    2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
12    184.169.129.237 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-184-169-129-237.us-west-1.compute.amazonaws.com
newsletter.sonomamag.com
2    2606:4700:20::ac43:4af5 (United States)

ASN13335 (CLOUDFLARENET, US)
tru.am
2    2606:4700::6813:d483 (United States)

ASN13335 (CLOUDFLARENET, US)
www.lightboxcdn.com
8    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    99.86.4.128 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-128.fra6.r.cloudfront.net
config.aps.amazon-adsystem.com
4    184.30.211.26 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-211-26.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
4    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
8    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
3    2a00:1450:400c:c06::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
3    2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)
az416426.vo.msecnd.net
1    2a02:fa8:8806:16::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
1    104.26.5.15 (None, )

ASN13335 (CLOUDFLARENET, US)
api-mg2.db-ip.com
1    34.198.220.199 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-198-220-199.compute-1.amazonaws.com
ping.chartbeat.net
6    3.223.39.7 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-223-39-7.compute-1.amazonaws.com
jadserve.postrelease.com
11    13.32.119.77 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-119-77.fra60.r.cloudfront.net
aax.amazon-adsystem.com
3    54.219.243.149 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-219-243-149.us-west-1.compute.amazonaws.com
cdn.pressdemocrat.com
1    2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com
3    151.101.2.132 (United States)

ASN54113 (FASTLY, US)
player.ex.co
7    2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
2    184.30.17.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a184-30-17-133.deploy.static.akamaitechnologies.com
z.moatads.com
s-jsonp.moatads.com
26    2a00:1450:4001:830::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
10    2a00:1450:4001:828::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
15    2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
9    52.73.21.116 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-73-21-116.compute-1.amazonaws.com
www.i.matheranalytics.com
1    2a00:1450:4001:80b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    54.231.202.121 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com
paywall-ad-bucket.s3.amazonaws.com
1    2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    3.224.31.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-224-31-117.compute-1.amazonaws.com
collector.ex.co
11    23.53.42.130 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-130.deploy.static.akamaitechnologies.com
mcd.ex.co
6    23.53.42.114 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-53-42-114.deploy.static.akamaitechnologies.com
cdn.ex.co
6    34.237.233.44 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-233-44.compute-1.amazonaws.com
sync.ex.co
1    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
13    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
htlb.casalemedia.com
4    193.108.153.21 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a193-108-153-21.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    81.17.55.123 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
ssbsync-global.smartadserver.com
2    34.98.64.218 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 218.64.98.34.bc.googleusercontent.com
u.openx.net
1    54.90.248.117 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-248-117.compute-1.amazonaws.com
vop.sundaysky.com
4    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
3    185.89.210.46 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
1    216.52.2.39 (New York, United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
6    192.96.200.17 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
p.channelexco.com
s-09.channelexco.com
1    52.202.161.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-202-161-16.compute-1.amazonaws.com
gpv.ex.co
1    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
2    172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net
cm.g.doubleclick.net
2    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
4    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
1    52.28.119.39 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-119-39.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.160.19.107 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 107.19.160.34.bc.googleusercontent.com
dmp.brand-display.com
1    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
cms.quantserve.com
1    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
casale-match.dotomi.com
1    18.134.84.22 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-134-84-22.eu-west-2.compute.amazonaws.com
1f2e7.v.fwmrm.net
2    162.19.138.83 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31532338.ip-162-19-138.eu
lb.eu-1-id5-sync.com
3    162.19.138.116 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533567.ip-162-19-138.eu
id5-sync.com
5    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
2    13.69.106.215 (Amsterdam, Netherlands)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
dc.services.visualstudio.com
2    217.182.178.224 (France)

ASN16276 (OVH, FR)
PTR: ip224.ip-217-182-178.eu
www9.smartadserver.com
2    23.19.226.132 (New York, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
e.channelexco.com
1    2a02:26f0:780::210:ca73 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
creatives.sascdn.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
1    52.19.8.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
1    18.198.93.74 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-93-74.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
1    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    185.86.138.16 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
2    2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
1    2a00:1450:4001:827::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
2    184.30.22.30 (None, )

ASN- ()
eus.rubiconproject.com
2    104.18.38.76 (None, )

ASN- ()
js-sec.indexww.com
cdn.indexww.com
1    69.173.144.139 (None, )

ASN- ()
token.rubiconproject.com
1    2a05:d018:d29:3605:1d34:e0a9:a5ed:8538 (None, )

ASN- ()
pr-bh.ybp.yahoo.com
2    37.157.6.243 (None, )

ASN- ()
c1.adform.net
1    35.186.193.173 (None, )

ASN- ()
cm.ctnsnet.com
2    52.209.134.254 (None, )

ASN- ()
dpm.demdex.net
1    63.251.232.165 (None, )

ASN- ()
cm.adgrx.com
Apex Domain
Subdomains		 Transfer
49 cloudfront.net
d1sve9khgp0cw0.cloudfront.net
892 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
pubads.g.doubleclick.net — Cisco Umbrella Rank: 401
stats.g.doubleclick.net — Cisco Umbrella Rank: 78
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
cm.g.doubleclick.net — Cisco Umbrella Rank: 245
328 KB
32 googlesyndication.com
d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 149
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
551 KB
31 ex.co
player.ex.co — Cisco Umbrella Rank: 11644
collector.ex.co — Cisco Umbrella Rank: 11301
mcd.ex.co — Cisco Umbrella Rank: 17426
cdn.ex.co — Cisco Umbrella Rank: 12222
sync.ex.co — Cisco Umbrella Rank: 12875
gpv.ex.co — Cisco Umbrella Rank: 12931
1 MB
18 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3040
www.google.com — Cisco Umbrella Rank: 2
988 B
17 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 306
config.aps.amazon-adsystem.com — Cisco Umbrella Rank: 598
aax.amazon-adsystem.com — Cisco Umbrella Rank: 394
s.amazon-adsystem.com — Cisco Umbrella Rank: 310
77 KB
17 sonomamag.com
www.sonomamag.com — Cisco Umbrella Rank: 809739
newsletter.sonomamag.com
100 KB
15 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 406
310 KB
13 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 625
dsum.casalemedia.com — Cisco Umbrella Rank: 1396
htlb.casalemedia.com — Cisco Umbrella Rank: 511
9 KB
11 matheranalytics.com
js.matheranalytics.com — Cisco Umbrella Rank: 11441
www.i.matheranalytics.com — Cisco Umbrella Rank: 11241
46 KB
11 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 223
207 KB
9 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com — Cisco Umbrella Rank: 447
371 KB
8 channelexco.com
p.channelexco.com — Cisco Umbrella Rank: 12936
s-09.channelexco.com — Cisco Umbrella Rank: 84146
e.channelexco.com — Cisco Umbrella Rank: 11815
a.channelexco.com Failed
18 KB
8 gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
155 KB
8 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 174
359 KB
7 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 212
416 KB
7 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
621 KB
6 postrelease.com
jadserve.postrelease.com — Cisco Umbrella Rank: 1122
4 KB
5 pranmcpkx.com
cdn.pranmcpkx.com — Cisco Umbrella Rank: 29179
267 KB
4 rubiconproject.com
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 776
eus.rubiconproject.com
token.rubiconproject.com
15 KB
4 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
867 B
4 smartadserver.com
ssbsync-global.smartadserver.com — Cisco Umbrella Rank: 1511
www9.smartadserver.com — Cisco Umbrella Rank: 13866
prg.smartadserver.com — Cisco Umbrella Rank: 1611
2 KB
4 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
3 KB
4 facebook.com
www.facebook.com — Cisco Umbrella Rank: 110
272 B
4 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1155
106 KB
3 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
1 KB
3 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
2 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 pressdemocrat.com
cdn.pressdemocrat.com — Cisco Umbrella Rank: 291118
25 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6862
578 B
2 demdex.net
dpm.demdex.net
2 KB
2 adform.net
c1.adform.net
1 KB
2 indexww.com
js-sec.indexww.com
cdn.indexww.com
2 KB
2 visualstudio.com
dc.services.visualstudio.com — Cisco Umbrella Rank: 793
601 B
2 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 928
553 B
2 openx.net
u.openx.net — Cisco Umbrella Rank: 659
668 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 534
image6.pubmatic.com — Cisco Umbrella Rank: 823
6 KB
2 amazonaws.com
paywall-ad-bucket.s3.amazonaws.com — Cisco Umbrella Rank: 35818
2 KB
2 moatads.com
z.moatads.com — Cisco Umbrella Rank: 647
s-jsonp.moatads.com — Cisco Umbrella Rank: 17059
55 KB
2 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 2650
casale-match.dotomi.com — Cisco Umbrella Rank: 3027
645 B
2 msecnd.net
az416426.vo.msecnd.net — Cisco Umbrella Rank: 2383
44 KB
2 lightboxcdn.com
www.lightboxcdn.com — Cisco Umbrella Rank: 5477
2 KB
2 tru.am
tru.am — Cisco Umbrella Rank: 4461
12 KB
2 chartbeat.com
static.chartbeat.com — Cisco Umbrella Rank: 1585
26 KB
2 typekit.net
use.typekit.net — Cisco Umbrella Rank: 506
p.typekit.net — Cisco Umbrella Rank: 621
1 KB
1 adgrx.com
cm.adgrx.com
283 B
1 ctnsnet.com
cm.ctnsnet.com
443 B
1 yahoo.com
pr-bh.ybp.yahoo.com
602 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 300
17 KB
1 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 984
159 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2498
318 B
1 rlcdn.com
api.rlcdn.com — Cisco Umbrella Rank: 957
254 B
1 sascdn.com
creatives.sascdn.com — Cisco Umbrella Rank: 12047
388 B
1 fwmrm.net
1f2e7.v.fwmrm.net — Cisco Umbrella Rank: 3766
595 B
1 quantserve.com
cms.quantserve.com — Cisco Umbrella Rank: 764
504 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 1608
349 B
1 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 351
146 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
277 B
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
489 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
434 B
1 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2704
365 B
1 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
1 chartbeat.net
ping.chartbeat.net — Cisco Umbrella Rank: 1376
201 B
1 db-ip.com
api-mg2.db-ip.com — Cisco Umbrella Rank: 23722
772 B
1 o1ych4jb.com
cdn.o1ych4jb.com — Cisco Umbrella Rank: 52818
48 KB
1 mircheigeshoa.com
cdn.mircheigeshoa.com — Cisco Umbrella Rank: 47540
23 KB
1 wgchrrammzv.com
cdn.wgchrrammzv.com — Cisco Umbrella Rank: 42338
2 KB
1 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1329
611 B
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 3638
163 KB
1 azureedge.net
loader-cdn.azureedge.net — Cisco Umbrella Rank: 28037
12 KB
1 cookie-script.com
cdn.cookie-script.com — Cisco Umbrella Rank: 26997
26 KB
0 rezync.com Failed
live.rezync.com Failed
380 72
Domain Requested by
49 d1sve9khgp0cw0.cloudfront.net www.sonomamag.com
d1sve9khgp0cw0.cloudfront.net
30 securepubads.g.doubleclick.net d1sve9khgp0cw0.cloudfront.net
securepubads.g.doubleclick.net
www.sonomamag.com
www.googletagservices.com
26 tpc.googlesyndication.com securepubads.g.doubleclick.net
www.sonomamag.com
tpc.googlesyndication.com
15 cdn.ampproject.org securepubads.g.doubleclick.net
12 newsletter.sonomamag.com www.sonomamag.com
d1sve9khgp0cw0.cloudfront.net
newsletter.sonomamag.com
11 mcd.ex.co www.sonomamag.com
az416426.vo.msecnd.net
11 aax.amazon-adsystem.com c.amazon-adsystem.com
11 cdnjs.cloudflare.com www.sonomamag.com
cdnjs.cloudflare.com
newsletter.sonomamag.com
10 www.google.com 1 redirects securepubads.g.doubleclick.net
www.sonomamag.com
tpc.googlesyndication.com
9 www.i.matheranalytics.com www.sonomamag.com
8 region1.analytics.google.com www.googletagmanager.com
8 fonts.gstatic.com fonts.googleapis.com
8 connect.facebook.net www.sonomamag.com
connect.facebook.net
newsletter.sonomamag.com
7 www.googletagservices.com securepubads.g.doubleclick.net
7 www.googletagmanager.com www.sonomamag.com
www.googletagmanager.com
newsletter.sonomamag.com
cdn.o1ych4jb.com
7 fonts.googleapis.com www.sonomamag.com
newsletter.sonomamag.com
securepubads.g.doubleclick.net
client
6 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
6 sync.ex.co cdn.ex.co
www.sonomamag.com
ssum-sec.casalemedia.com
ads.stickyadstv.com
6 cdn.ex.co player.ex.co
cdn.ex.co
6 jadserve.postrelease.com s.ntv.io
www.sonomamag.com
5 pagead2.googlesyndication.com az416426.vo.msecnd.net
tpc.googlesyndication.com
imasdk.googleapis.com
5 p.channelexco.com cdn.ex.co
az416426.vo.msecnd.net
5 cdn.pranmcpkx.com loader-cdn.azureedge.net
cdn.pranmcpkx.com
5 www.sonomamag.com 1 redirects www.sonomamag.com
4 match.adsrvr.org ssum-sec.casalemedia.com
ads.stickyadstv.com
cdn.ex.co
4 ads.stickyadstv.com 3 redirects cdn.ex.co
4 ssum-sec.casalemedia.com 1 redirects cdn.ex.co
ssum-sec.casalemedia.com
js-sec.indexww.com
4 collector.ex.co az416426.vo.msecnd.net
4 www.facebook.com www.sonomamag.com
newsletter.sonomamag.com
4 secure.cdn.fastclick.net www.sonomamag.com
secure.cdn.fastclick.net
3 id5-sync.com az416426.vo.msecnd.net
cdn.ex.co
3 secure.adnxs.com 3 redirects
3 sync.1rx.io 3 redirects
3 player.ex.co www.sonomamag.com
player.ex.co
3 cdn.pressdemocrat.com newsletter.sonomamag.com
3 www.google.de www.sonomamag.com
newsletter.sonomamag.com
3 stats.g.doubleclick.net www.googletagmanager.com
3 c.amazon-adsystem.com d1sve9khgp0cw0.cloudfront.net
c.amazon-adsystem.com
2 dpm.demdex.net 1 redirects ssum-sec.casalemedia.com
2 c1.adform.net 2 redirects
2 eus.rubiconproject.com cdn.ex.co
eus.rubiconproject.com
2 imasdk.googleapis.com cdn.ex.co
imasdk.googleapis.com
2 e.channelexco.com cdn.ex.co
2 www9.smartadserver.com 1 redirects
2 dc.services.visualstudio.com az416426.vo.msecnd.net
2 lb.eu-1-id5-sync.com az416426.vo.msecnd.net
cdn.ex.co
2 dsum.casalemedia.com ssum-sec.casalemedia.com
2 s.amazon-adsystem.com 1 redirects ssum-sec.casalemedia.com
2 cm.g.doubleclick.net 2 redirects
2 u.openx.net 2 redirects
2 paywall-ad-bucket.s3.amazonaws.com www.sonomamag.com
2 az416426.vo.msecnd.net loader-cdn.azureedge.net
cdn.pranmcpkx.com
2 www.lightboxcdn.com www.sonomamag.com
2 tru.am www.sonomamag.com
tru.am
2 js.matheranalytics.com 1 redirects www.sonomamag.com
2 pubads.g.doubleclick.net www.sonomamag.com
imasdk.googleapis.com
2 static.chartbeat.com www.sonomamag.com
1 cdn.indexww.com ssum-sec.casalemedia.com
1 cm.adgrx.com ssum-sec.casalemedia.com
1 cm.ctnsnet.com 1 redirects
1 pr-bh.ybp.yahoo.com ssum-sec.casalemedia.com
1 token.rubiconproject.com eus.rubiconproject.com
1 js-sec.indexww.com cdn.ex.co
1 s0.2mdn.net imasdk.googleapis.com
1 prg.smartadserver.com cdn.ex.co
1 htlb.casalemedia.com cdn.ex.co
1 prebid-server.rubiconproject.com cdn.ex.co
1 btlr.sharethrough.com cdn.ex.co
1 id.crwdcntrl.net cdn.ex.co
1 api.rlcdn.com cdn.ex.co
1 creatives.sascdn.com
1 s-09.channelexco.com www.sonomamag.com
1 1f2e7.v.fwmrm.net 1 redirects
1 casale-match.dotomi.com 1 redirects
1 cms.quantserve.com 1 redirects
1 dmp.brand-display.com 1 redirects
1 x.bidswitch.net ssum-sec.casalemedia.com
1 image6.pubmatic.com ads.pubmatic.com
1 gpv.ex.co cdn.ex.co
1 ap.lijit.com www.sonomamag.com
1 sync.targeting.unrulymedia.com 1 redirects
1 ad.turn.com 1 redirects
1 vop.sundaysky.com www.sonomamag.com
1 ssbsync-global.smartadserver.com cdn.ex.co
1 ads.pubmatic.com cdn.ex.co
1 www.google-analytics.com www.googletagmanager.com
1 googleads.g.doubleclick.net www.sonomamag.com
1 s-jsonp.moatads.com www.sonomamag.com
1 z.moatads.com s.ntv.io
1 d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 ping.chartbeat.net www.sonomamag.com
1 api-mg2.db-ip.com cdn.mircheigeshoa.com
1 proc.ad.cpe.dotomi.com secure.cdn.fastclick.net
1 cdn.o1ych4jb.com loader-cdn.azureedge.net
1 cdn.mircheigeshoa.com loader-cdn.azureedge.net
1 config.aps.amazon-adsystem.com c.amazon-adsystem.com
1 cdn.wgchrrammzv.com loader-cdn.azureedge.net
1 polyfill.io loader-cdn.azureedge.net
1 p.typekit.net use.typekit.net
1 s.ntv.io www.sonomamag.com
1 loader-cdn.azureedge.net www.sonomamag.com
1 use.typekit.net www.sonomamag.com
1 cdn.cookie-script.com www.sonomamag.com
0 a.channelexco.com Failed
0 live.rezync.com Failed ssum-sec.casalemedia.com
0 csi.gstatic.com Failed imasdk.googleapis.com
380 106
Subject Issuer Validity Valid
pressdemocrat.com
Thawte TLS RSA CA G1		 2023-08-04 -
2024-09-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.cookie-script.com
Sectigo RSA Domain Validation Secure Server CA		 2023-09-11 -
2024-07-25		 10 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2023-10-10 -
2024-09-19		 a year crt.sh
use.typekit.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-21 -
2024-10-21		 a year crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-07-03 -
2024-07-02		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2023-07-16 -
2024-07-16		 a year crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-08-28 -
2024-08-28		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.chartbeat.com
Thawte TLS RSA CA G1		 2023-05-16 -
2024-06-06		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-08-13 -
2023-11-11		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
polyfill.io
Certainly Intermediate R1		 2023-10-23 -
2023-11-22		 a month crt.sh
lightboxcdn.com
Cloudflare Inc ECC CA-3		 2023-10-09 -
2024-10-08		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni2bf2bgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-03 -
2024-10-03		 a year crt.sh
config.aps.amazon-adsystem.com
Amazon RSA 2048 M02		 2023-02-20 -
2024-03-20		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-03 -
2024-10-03		 a year crt.sh
www.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni2bf2fgl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-03 -
2024-10-03		 a year crt.sh
sni2d7c7gl.wpc.edgecastcdn.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-17 -
2024-02-17		 a year crt.sh
sni2bf2agl.wpc.edgecastcdn.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-03 -
2024-10-03		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.chartbeat.net
Thawte RSA CA 2018		 2022-12-19 -
2023-12-30		 a year crt.sh
*.postrelease.com
Amazon RSA 2048 M02		 2023-10-27 -
2024-11-23		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
*.ex.co
Go Daddy Secure Certificate Authority - G2		 2023-06-08 -
2024-07-09		 a year crt.sh
moatads.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-10-25 -
2024-10-24		 a year crt.sh
*.google.de
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
www.i.matheranalytics.com
Amazon RSA 2048 M01		 2023-03-02 -
2024-01-13		 10 months crt.sh
*.s3.amazonaws.com
Amazon RSA 2048 M01		 2023-10-10 -
2024-07-03		 9 months crt.sh
cdn.ex.co
R3		 2023-10-25 -
2024-01-23		 3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-25 -
2024-01-24		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.sundaysky.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-06-11 -
2024-07-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
*.channelexco.com
R3		 2023-10-03 -
2024-01-01		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
*.id5-sync.com
R3		 2023-11-01 -
2024-01-30		 3 months crt.sh
in.applicationinsights.azure.com
Microsoft Azure RSA TLS Issuing CA 07		 2023-09-02 -
2024-08-27		 a year crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M02		 2023-10-08 -
2024-11-06		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
indexww.com
Cloudflare Inc ECC CA-3		 2023-09-05 -
2024-09-03		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-29 -
2024-02-21		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh

This page contains 30 frames:

Primary Page: https://www.sonomamag.com/
Frame ID: 616D7BE4F5DC47EC7D9E5BE99D19F6FA
Requests: 200 HTTP requests in this frame

Frame: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Frame ID: 819F2DBAAE9D046C7DAF41FABE92FC47
Requests: 14 HTTP requests in this frame

Frame: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Frame ID: 1410F1C72C414F759A0EEE6D0BEC6EA3
Requests: 16 HTTP requests in this frame

Frame: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Frame ID: 702824705D4F21201E5AD01E87A625FD
Requests: 13 HTTP requests in this frame

Frame: https://d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 17961FEBD5320D517A0EC87052B021F2
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyDGoWVQpLhmdp3xY8BQ-OIL_YEdnT3pakY7jKx7zD10tVGW2UNPvKAmh7YHL2B77hWOrdLG1pqS9eai3_MDJPJGwAlTLhiu3Ka0wSygaxoTRCuCWhlWNF_u3UJ6YQ8WR8_5TUB15n0axgGQxSS6lQvNm5wxTEIQvoyRz1hAN7WZNL0SW7VBuqS8RTo3_XV7xhLIrMGjP4Zkn3HwzyS6Sjw5xerStwvlgZw_h0GRn3LXPqgS2zloQiBh3M9KEtaoIXY739xRZfRTxt4oxXjQUT-uyOxaJxFc-gfWEjVGpmlHR4E1PedHJ8bD6Jeiqqew&sai=AMfl-YT9aMO3NpYaqduGecPrA0ABs1QE7zLTJXhzQUfBOnh-SeM0lOHzW20QtgcwgjW6aC3J598Z5d1cwWsryNcyzlxA4zhmcyORhXduu--rXNAyNwvdW-aQzDxuywVKRA&sig=Cg0ArKJSzBwT68nTIU53EAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: 838B0735D99D189CC9858B5EE7990113
Requests: 5 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa081pFAJSmyT1u3XbgzsHOWLrMD5HsV_h34DpYyB99UxU0mktU9acBDBN5hvZsUlJtsCiTE6iZpvl2gOFJC0RDW8l7c5zB_aoOjRmSf1Pj9lWoN6GaGiTmDPdJmhbjSw1Q5hHhbgCh41DjxaqaWM0nJf9QewacdrYs8obWt0WtGRMCW-klb-V3KE9WyIEA8-NEJRdAznxKpYgadRNlX8fitEQuX1bWGo84Mt0cMGIxAIhRQZ-aLr9qK5h2FehZ5zV8VX-wl43u_vik4JEicIFvPN2yDNCNRlmFDIWnf1SC3a7FPSFbjxFJOadZleciEbMpdnAZr-jgdGYmtHOMDZJslHiu_7MTyI&sai=AMfl-YRaTxUp9YccextlDji8OWwULdgsuhyQBFKHW5z3lKfQhJ3bXxLqwk5AhmDG2_oNIUOxFeuonviiXDwHf9m8Hed5LnjR1xmiwxt6BdNRH8JtTXA8s7hI8gGXbMtpGLo&sig=Cg0ArKJSzGz6yYP2iratEAE&uach_m=[UACH]&adurl=
Frame ID: 80449D7FDC352903CA3FF6C735E76592
Requests: 6 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF3mebvAaDsU5M77zT-RAAPIbDzQcf2V3NjA0h7CSh6sMh0Tn71VznUSC-ReBTfUmHiF3EqqJrD2DCmCWUb1d-HFDyYka8jVqYMjoy4tOYuwfDWrrELOHnUVpCd26FylPb3H-Zs_IMZhN4WP3Y4BMuj3PNh844uck0oi6AOz7IhYFSguYfopMyfwdMNlQvaXZAev34YQ0xj_CTPQgq1px2NsksKVH8i1h9H_f1wq8lDggL3UzzTsil_oy4b2fgyoBEYF4Rflu-cUjbDKPLk_lFjtQWmBp1yrQIY1BIXIKpbTttSMk36xMnqrs7sVA5L33-0vSGqckh-Ck-BaZY2BEUgpgPqyjGZDo&sai=AMfl-YRLHCYI-zBusy7_p4MaQTJ7d0fXJ4pvO57c94CXlRfSRSb9Pu9Mqbpmu8BkMpPUQE61_cFXLo0-yMKpfFiHHq6sT9XlDuotTofqo5NyOzPGqrufZmqwrbmHm8DKeg&sig=Cg0ArKJSzHHTjvM-CKAuEAE&uach_m=[UACH]&adurl=
Frame ID: EAAEF484DD25CB0EE6DB7EBC93FCF83A
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmLMZCoEUtR7HbydecBNV-xBdTZNVE2x7YHKzbkB48djCMtdiaGOY7HOpPIKEfTaXI11KkoUz-lEO10P4zWw2221a4HtJWzHSplZ-DP1K3vxE_6Uech-ITNwBWgn3PoYGqa6e2JLw7Jn6OFz3eTv8WD-I-2MFkYS6U7Sk1bvMvjvwAWeAjpl6krH7lg7xUzl9Pv-5KvKCxoprmXwWI75n9fApLAlnaXmo2uq15xE3_BxEapOuBZ6FPdnSME06jQf96BrLUt8jPrQ7vq6yGBbyKL3xIDIotyy4e5V2o6pXy3fDSqQbDhNkXG3c_zRFLeNKF40XKXKyJ8cVdIYNCi0HWWUgwajDxDMw&sai=AMfl-YQt-YejVXl9JNWSCdm9w0yV42Kgm3e9EZuFitP4scP2gdtjjvfFlq3Ai_VyRWm_t1mPBkKECX5dO30bJ9apG_8SsKpDV6byZhnZnEjOBE2ClJQYTjcn1qjSsMSYcQ&sig=Cg0ArKJSzOdbyaMQo0sbEAE&uach_m=[UACH]&adurl=
Frame ID: 9C820BE90965CAA78308C48DB767BD7C
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2zRnjhhqmr8pUio5dMPG7xGvlLQ06LlNpH4Rl7Qylgj1a7UuQx2MaN5ZX70n2Dgrk_LllBN1bjkQFTW8Z5b6HhrlJuJWVs6BLSh3kH_lCRLe7RPW6o5TSu_wmdbMR1XUsIWegB4xaFOjFMu2EuM6HqF9rLFZEwGkzlyJ_jz2dOKVTw5iRlarfKigU_01Qic5ZjUzyLHRURpius2ylD2L77nHASa32vRr2GHe7TSRIsR8wvn6DZHnr4h0ppGVKmVD6uta0Htyc5G623YayctgH9hKxl7RRemvyHYLph8y70jL2DIr5asW7p8iiYjKd0fUCCGduYr7E5rNDlrzlJBNnDPyJP8TNNJU&sai=AMfl-YRin1WPoJ4aZAykf12whVG9lCRVBA5iiMs_bpS-0BCa9WR8AECPpNBgVOY8n2hHPv57f-ok2DTsnkQoyhYI2wOiDFgo9VKB44QeEGe3CoIDC5zFdKxST4h6DFhzFg&sig=Cg0ArKJSzFVuDgzocAkpEAE&uach_m=[UACH]&adurl=
Frame ID: AED7E50893735BBF76CA34BDC04E596E
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 9FF6692118795AAEE4E79C577B1E3DBB
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: FC1565624FB786AB2EB7A0928B20DEEB
Requests: 12 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjaz0KF0QyB_zsxfdD9JIFlv4kafZfiZHvwN4q6Q95Im1-mlYncqOfN8Zkt_1IYB6UU4g41XACs0-8_NDlwYC00wazobG55VWKnTpGX1YwI5NC4s1l_GX_2itHfSN1ZyAU_11kM6bxHUHr6oGolkBItbykILy72VeQzv_Y6Rb3Zm9Qus-7cxVS9NRDjWwCxP9rIme0ZCsUqEcEWpcvLfbMd6Z6BHZ8cj6GPFn2_3TsBqxfspSdEh6G1P4FZ4Z-C8c4p5SAdxWnSzt7aw9vKd2QpdEeKqnR3XqW269fdo-FAmn0qlz5b65NlrkZwZnCxmqRwyq-X2J-vviq7i74zJ1NRMUmgLuS7UM&sai=AMfl-YTyU3HAdIBr9Qn_HAilF2rRpltDDCl4B0uhPZ_ZrfZU_KhCMKqPsGajquGibeefHtV1rHdi_iT66Zn6mu2uXZIP-hBkWZnJmTsLNt0ZzWM7l3VP_x0_JE_fE7Bh2A&sig=Cg0ArKJSzGtKak9KkCs5EAE&uach_m=[UACH]&adurl=
Frame ID: 117801C7160CE92CD4B71375BA205D31
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Frame ID: 99CDA113C77C23ACAC870900EBFC6895
Requests: 17 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPmnDwhHF67pZ5XyHZNjtrBP1w3iyYqroVGlkNHmvPTyWvPDhKWwdYjKTcj1h_DY8TWcKse8IdK7IuAWyUu5iEunL50piYIpji4-MEiuoEd7lCEQQpLchjgrsdK5ypheWGHm6UNT6lI4CRXGXABi0Kx6Hyi6PgopPLb-bkRF1gvT064tuiwy_bjskFg7yCYwnrEwLuQQx9i63ilzXSDOwczQ6WzFnRSJk3ofNCCqBJCcJye0q69dgjX7dTPswCvLYSrPXUDuADkAzmTMStJwTGaRAmTIFpggN5OffRF-0CIMj6ku7wHiHJEvJU_QlqYxtnl1gHlxJhtMhiBX_E5iwVXUrQPFA8FHE&sai=AMfl-YQ1FW_HTT_LP5_22Qv4ELTZdTsQNOHiKJ6gxvBmZx26mCBZXnIM7Tu8Ae94e1qNT51ach86Yib8gHBEPU7G9GE0fZS3p6xcjJCFz9nxT3oYj-gWDj0SAhLRR0O7gK8&sig=Cg0ArKJSzLQzzUECXyFFEAE&uach_m=[UACH]&adurl=
Frame ID: 792600AE071AF2B1A0968A4CA355C84D
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1340160700&gdpr=0&gdpr_consent=
Frame ID: EAB3C517698C62B1E3D214F2815AFF8D
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Frame ID: 7F516981FF66DD42CD18E5EDD184922B
Requests: 2 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Frame ID: 9BBE67ABF95DD042A679487A0D997327
Requests: 10 HTTP requests in this frame

Frame: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Frame ID: 40F69D4C7D6058EA8C07130035961D88
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Frame ID: FA29796C020F8DE9B7FDDEC3D1C9ADA8
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 5960D9662909D63ED9B38E281FFC4E81
Requests: 1 HTTP requests in this frame

Frame: https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=c59dec1779daa799bf99ee87c83d0e0
Frame ID: 3438AC3E21F9A55DE82184154CA97DD4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Frame ID: B4E2161864F6AC7C8640B0381AA427C9
Requests: 11 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F216695B93F3736FC3692FD1807A2F77
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 2887528AAC3CC6DC054FD3687962885D
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Frame ID: C5F477CE34A75A59DE612F78EACF3DFE
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3A2F81F763EA0CC9E5623079E5896F4D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 4A84DE9DFCD5610D3173A6EEC3A3564D
Requests: 3 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 4318D2935432683B7E1C91155B2BC73C
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BDEE55AB3DB02D1BD573BD7D631B4BDE
Requests: 10 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Sonoma Magazine: Things to Do in Sonoma

Page URL History Show full URLs

  1. http://www.sonomamag.com/ HTTP 301
    https://www.sonomamag.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • chartbeat\.js
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • lightbox(?:-plus-jquery)?.{0,32}\.js
Overall confidence: 100%
Detected patterns
  • moatads\.com
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • <link [^>]*href="[^"]+use\.typekit\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

380
Requests

94 %
HTTPS

38 %
IPv6

72
Domains

106
Subdomains

81
IPs

10
Countries

6502 kB
Transfer

17501 kB
Size

50
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://www.sonomamag.com/ HTTP 301
    https://www.sonomamag.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 42
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1639 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/22/ml.br.js
Request Chain 251
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 295
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Request Chain 298
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=3008156a-12e3-4703-b8ae-e3e6698992c9
Request Chain 300
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1699081704878 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1564278752 HTTP 302
  • https://sync.1rx.io/usersync/turn/8895773545145174356?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003 HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003
Request Chain 301
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2867029333300452141
Request Chain 307
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUXt6GGdlack8EYiYy27oAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnwX52iL4Zes25QPb09S5M&google_cver=1
Request Chain 308
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid=&dcc=t
Request Chain 310
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOy54Ok5lFJUhAMScap7dBg&google_cver=1
Request Chain 312
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e HTTP 302
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c4721abf-f802-3d34-d094fe31
Request Chain 313
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=oI6XCPPfxgS7i5pYpo2ODfLawgi7i8cNpo3KG-vk
Request Chain 314
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699168105
Request Chain 316
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c59dec1779daa799bf99ee87c83d0e0&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d%26gdpr%3d0%26gdpr_consent%3d HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml2528_7298063333162987273&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 325
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3A%2F%2Fwww.sonomamag.com&vph=168&vpw=300&gdpr_consent=&us_privacy=&schain=1.0%2C1!playbuzz.com%2C0016M00002HONu5QAH%2C1%2C%2C%2Cwww.sonomamag.com&gdpr=1 HTTP 302
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3a%2f%2fwww.sonomamag.com&vph=168&vpw=300&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomamag.com&gdpr=1&cklb=1
Request Chain 383
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUXt6GGdlack8EYiYy27oAAA%265257&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid= HTTP 303
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUXt6GGdlack8EYiYy27oAAA%265257&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e8b3edd993a8410299053500f0cd6311 HTTP 303
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D HTTP 302
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8895773545145174356 HTTP 303
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e8b3edd9-93a8-4102-9905-3500f0cd6311
Request Chain 385
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2867029333300452141
Request Chain 386
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Request Chain 387
  • https://c1.adform.net/serving/cookie/match?party=29 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6432240455056384945&expiration=1700291312
Request Chain 388
  • https://cm.ctnsnet.com/int/cm?exc=19 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8a6c803f26a74205b00d0ad54f75f921&expiration=1701673712
Request Chain 389
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257

380 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.sonomamag.com/
Redirect Chain
  • http://www.sonomamag.com/
  • https://www.sonomamag.com/
190 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.52.12.191 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-12-191.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f30416693bbcafb7c6ccfd5fcb10b789150ee3d0d7d8e1b2d4d16cd46ff5e4f8
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=0, no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
24828
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Nov 2023 07:08:20 GMT
Expires
Mon, 29 Oct 1923 20:30:00 GMT
Keep-Alive
timeout=5, max=100
Last-Modified
Fri, 03 Nov 2023 23:30:56 GMT
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
User-Agent,Accept-Encoding
X-XSS-Protection
1; mode=block

Redirect headers

Connection
Keep-Alive
Content-Length
317
Content-Type
text/html; charset=iso-8859-1
Date
Sat, 04 Nov 2023 07:08:20 GMT
Keep-Alive
timeout=5, max=100
Location
https://www.sonomamag.com/
Server
Apache/2.4.41 (Ubuntu)
css2
fonts.googleapis.com/ 		1016 B
836 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Gloock
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8169d930c422d887710e1985d3b025973b7eb370295b66b64b2cbefd3e8861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 07:08:20 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:20 GMT
efdc9638573d2047581ee6af012b0f10.js
cdn.cookie-script.com/s/ 		171 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.cookie-script.com/s/efdc9638573d2047581ee6af012b0f10.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
65.108.188.9 Helsinki, Finland, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.9.188.108.65.clients.your-server.de
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
9274c1a7129f442f1e35d9700751cb05981b1d4286302abb84417be65e624f39

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:20 GMT
content-encoding
gzip
last-modified
Thu, 05 Oct 2023 16:28:08 GMT
server
nginx/1.18.0 (Ubuntu)
etag
W/"9d75a286ed38bdb4a1ab89cf9007cd5e"
x-cache-status
HIT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
style.min.css
d1sve9khgp0cw0.cloudfront.net/wp-includes/css/dist/block-library/ 		102 KB
14 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/css/dist/block-library/style.min.css?ver=6.3.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:10:06 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
50294
etag
"19824-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
13841
x-xss-protection
1; mode=block
x-amz-cf-id
N8zU2uwarwM_lSXvyjsj6-QLLm9Wa-NeZiVsMPWJlOyr_3TkBIf3jg==
mce-custom.css
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/mce-custom// 		707 B
701 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/mce-custom//mce-custom.css?ver=6.1.27
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5a8e632b5f851e7131365636b29104dfd8c1ef5b393d20eefda79bf79dd9d096
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:40:40 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 04 Feb 2021 20:28:44 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
34060
etag
"2c3-5ba888ccb3700-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
312
x-xss-protection
1; mode=block
x-amz-cf-id
Opk1XU18OU_P5VT4gg-72kJkA8r5KgDGE4IjxuL3mQML36G_ady23Q==
overrides.css
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/ 		610 B
683 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/overrides.css?ver=6.1.27
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
cf103958d2848a336c46102c8f10daea4566f623facb9825943eb0899925967a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:40:40 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 14 Jul 2021 23:02:09 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
34060
etag
"262-5c71d58105e40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
294
x-xss-protection
1; mode=block
x-amz-cf-id
TpHaopExfUFa0yuyOW39vUvV5xQmIluV80R2UE1aAKTYPOJDEnESZg==
plugin.css
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/extra/ 		1 KB
837 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/extra/plugin.css?ver=6.1.27
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
622a01426683e02966eb2693dd3fd914b55b55522ab23f89d1611e5fe3c45ad7
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:38:39 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 21:24:22 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
34181
etag
"412-6093202e76d80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
449
x-xss-protection
1; mode=block
x-amz-cf-id
8W9_gdhixWQ6C0su5ZKNi774XcHB1Y-wviGQdwN9GmnyRdDWN1AvGA==
wpfts_autocomplete.css
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/fulltext-search/style/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/fulltext-search/style/wpfts_autocomplete.css?ver=1.59.211
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
018342cae92806f9a8474ab5b7017b2035fe9b93d2d1f825c17225c5cc7bbb91
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 17:11:05 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"11e6-608f21f917c40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
946
x-xss-protection
1; mode=block
x-amz-cf-id
ZQANHJbO7jAGm2cPtgsrNlCWPgSPokAqIa0fZIeeBRJgH6rLobWN-w==
fxt1vus.css
use.typekit.net/ 		3 KB
954 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.typekit.net/fxt1vus.css?ver=6.3.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
ecd8730c2807babfabea9e405e2d8c12619934834aa127235980fc951906bfbe
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
date
Sat, 04 Nov 2023 07:08:20 GMT
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
content-length
731
font-awesome.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/ 		30 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
10025590
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
5631
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-7918"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NvmQi5zbP3BJ%2B0OUBXdhobXi3VYIfJEErw8KO2GdOoCbux8Y%2FE2JXR7aTpcRsjZV4tN3lziFHGkMmAV7yPx%2BKozhxd8Rt2z1XFvnhekAjTaVOL3btcN09b1MOVSIBLHBJTaAqAiRjB3Yz2Lugan8VucP"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b0676e85a3a3d-FRA
expires
Thu, 24 Oct 2024 07:08:20 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ 		2 KB
971 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css?ver=8.0.1
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:20 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1943786
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PGCxzSaH4f59UZ0b7XMeW0miXD%2BtPpuwWSNRNnOdUBLTZMl6a6Au5RL34t3V3Mk8X4TDcct4XHboyl9zHHO175ohsGV3xJcChepY%2FfYJcMgmA5fZXTKChUVPdzR1mebHt83P6sAVsNfim7OgtWsYTFjt"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b0676e85b3a3d-FRA
expires
Thu, 24 Oct 2024 07:08:20 GMT
base.css
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/base.css?ver=1.6.73
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
eede07af324df385f71fb5bd362086fa92890516cf99d0ef0f8bb4df4e14902a
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:06:13 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 01 Aug 2023 18:20:21 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
79327
etag
"233d-601e099914340-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
2351
x-xss-protection
1; mode=block
x-amz-cf-id
4vmOtFK1P8wVPq9zIVn_sAo_XSSjf3RknW1wLs_0A1mA06UTXEKs6Q==
layout.css
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/ 		44 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/layout.css?ver=1.6.73
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5668d185d349a669f5430bf540ec1b2bf99c54a2cfb2f92d61f87b6c0c8b2d32
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:04:51 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 26 Jun 2023 16:45:14 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
7453
etag
"b0d9-5ff0b131dda80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
7597
x-xss-protection
1; mode=block
x-amz-cf-id
VcPdoFQfO6SRsr40zq2bOXj7e4sPI0B8i14wIbYJ2O9WNy53TO_hdQ==
post-formats.css
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/ 		24 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/css/post-formats.css?ver=1.6.73
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a7e4c98842ea2078f5ff1404c580b4bd3bb59c6c356fb9c2b74b4a31db688275
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:06:13 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 01 Aug 2023 18:34:56 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
79327
etag
"61bf-601e0cdb8b400-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
3739
x-xss-protection
1; mode=block
x-amz-cf-id
Wg8A-qKMgQbGiKXRcJYHMH-donjSRKqxT5lHEfyyp7bf6s_FEYUQtg==
style.css
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/ 		1 KB
931 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/style.css?ver=1.6.73
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c0491d4c3be6d601c4bdc6fbc2be7c476660a70a961e91be1c41f2b20030fc64
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 07:35:01 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Jun 2023 19:16:25 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
84799
etag
"422-5fda316a59440-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
542
x-xss-protection
1; mode=block
x-amz-cf-id
08HB7eJO_Yku4B-1ZL1VGxxSEzo4ZTtqsinppv8OPS28bBiUKP2gCw==
jquery.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ 		85 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 08:33:54 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
81266
etag
"155ba-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
30343
x-xss-protection
1; mode=block
x-amz-cf-id
W2eugfeXUs8c3oCqNMuCHcVD1tHY7omCxqTWs__A9U1FSvL9sJL5nw==
jquery-migrate.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.1
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:33:33 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
2087
etag
"3509-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
4872
x-xss-protection
1; mode=block
x-amz-cf-id
1nYmWxSu7ioIZ0Gl8ky9SmRfyymuIf-LnPKxYAygaMRHV_aYq_vY0Q==
loader.js
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/dfp/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/dfp/js/loader.js?ver=6.1.27
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
aff3eee4d52737b6819c3bbba7ccdede3b72b1901b86770bbd87c2787e759667
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:38:40 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 21 Feb 2023 00:41:02 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
34180
etag
"1f75-5f52b08b48380-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2621
x-xss-protection
1; mode=block
x-amz-cf-id
QNNEpdF6CpVP7kTiIbF5o3jGmvBd3xWWwr_wR0FxvWnzm6NSrJ1g4g==
plugin.js
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/extra/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/extra/plugin.js?ver=6.1.27
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ea54ce101c12ac192252fd1c00e0b6691ae23b4d6ee1f9589839f89a89341ef9
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:38:39 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Fri, 12 May 2023 00:08:35 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
34181
etag
"2f4e-5fb73e7f5a6c0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3572
x-xss-protection
1; mode=block
x-amz-cf-id
Lq4Dh7BJ1eumj3gzEp2UJ4vBCZBohtlbd7T2l8m0lHGxxT1BQNIa-A==
loader.min.js
loader-cdn.azureedge.net/prod/smi/ 		40 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BC) /
Resource Hash
092fe19f163db4c73e1789cf4d0c6b73392047d2944ea79056031efab9ca61ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
dYcFWBMJ0hR2MEzcbDTSjA==
age
8365
x-cache
HIT
content-length
11512
x-ms-lease-status
unlocked
last-modified
Thu, 02 Mar 2023 05:09:19 GMT
server
ECAcc (ama/48BC)
etag
0x8DB1ADC475DC496
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
3423b52b-d01e-008b-7dda-0ef3d3000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
core.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/core.min.js?ver=1.13.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 18:44:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"53be-5fb3308accec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
7099
x-xss-protection
1; mode=block
x-amz-cf-id
ACHlncHtANhyauvwuBNdIj_9tupOf5MWv-uV-IeYSFdltEjdyGn0FQ==
menu.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/menu.min.js?ver=1.13.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 18:44:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"2782-5fb3308accec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3022
x-xss-protection
1; mode=block
x-amz-cf-id
I_PixyU4VUhq461IF3ICbtkPVEPyEkkHpLx7GPgH6BJ1kVeJ5bFZiw==
wp-polyfill-inert.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/wp-polyfill-inert.min.js?ver=3.1.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 18:44:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"1feb-5fb3308accec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2484
x-xss-protection
1; mode=block
x-amz-cf-id
9P1kjPoYeA-vckeHRv95-3oji27pGx1SkHJJ0HbOUq9NjLZkXf4ShQ==
regenerator-runtime.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.11
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 16:49:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 18:44:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
51539
etag
"19cf-5fb3308accec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2499
x-xss-protection
1; mode=block
x-amz-cf-id
ms4DJHC89PoZbodG-fs11opU0IMYTgAZQ8go0uT0ERuwFNzQn6qmLg==
wp-polyfill.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"3f12-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
5889
x-xss-protection
1; mode=block
x-amz-cf-id
RLhTJmWY30MJ7KHeg0D6FfzZLv5v41y8ao2O_BV1-Ep5BdHwMotnPA==
dom-ready.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/ 		498 B
729 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/dom-ready.min.js?ver=392bdd43726760d1f3ca
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 08 Jun 2022 15:23:53 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"1f2-5e0f14af71440-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
331
x-xss-protection
1; mode=block
x-amz-cf-id
gyNSjlTjDg9Fqq0sPxCR-4-wk9Tw27SGg4s63qlCvghTAzG7bxVsqA==
hooks.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/hooks.min.js?ver=c6aec9a8d4e5a5d543a1
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"1213-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
1567
x-xss-protection
1; mode=block
x-amz-cf-id
nRhFS3PLGg4Pc7rsepA9oFjwKrzx3DqEn9afnTVZ7M0NIFmdAujpWQ==
i18n.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/i18n.min.js?ver=7701b0c3857f914212ef
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"24e5-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3692
x-xss-protection
1; mode=block
x-amz-cf-id
VIY6dvZFaklKVSCjwMjYpqOEXktYJ5hlJdo0zbUx70JEPufH9DzMvg==
a11y.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/dist/a11y.min.js?ver=7032343a947cfccf5608
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 15:03:27 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 19 Sep 2023 16:15:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
57893
etag
"990-605b8929abe00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
960
x-xss-protection
1; mode=block
x-amz-cf-id
6KQ5l4rU52aq8mHXk8vD4PUz3Ho54AuG6jPqBZ-pY1csARP35MuU1g==
autocomplete.min.js
d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/ui/autocomplete.min.js?ver=1.13.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:44:41 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 08 May 2023 18:44:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59019
etag
"2112-5fb3308accec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
2877
x-xss-protection
1; mode=block
x-amz-cf-id
uhZ7ydcHutv-verittWbSbp0dWt1QDzKWp4MprItJAhPiMUY2l6AeA==
wpfts_frontend.js
d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/fulltext-search/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/fulltext-search/js/wpfts_frontend.js?ver=1.59.211
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b264a2787c17d1a93cda47266c6557039f2478ddd1d8dbbed5527ad757920b3c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 14:38:47 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 30 Oct 2023 17:11:05 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
59373
etag
"67e-608f21f917c40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
667
x-xss-protection
1; mode=block
x-amz-cf-id
7D1P9A-DCOXUDu6uUcsvBZtcHP6Ft2EU1wJi_p3oKIFAs2zEzBK3aw==
script.js
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/ 		338 B
617 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/script.js?ver=1.0.0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8707089168b73b7cd96350ead9ba151998c91a2ec5235e5c7f3dca85a0d4309c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 08:20:14 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 22:52:26 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
82086
etag
"152-5f30a5e9b1e80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
219
x-xss-protection
1; mode=block
x-amz-cf-id
2ywZEetQYA6PRqdQ1fOhCuQ_5bGKOIbWIN4jxxAbe2267lhszBqOMg==
app.js
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/js/ 		19 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/js/app.js?ver=1.6.73
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
382615c5da5718191adba3886c422e046910e72024266ec83fd72a3353699a05
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:52:48 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 26 Sep 2022 19:50:23 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
1033
etag
"4dca-5e999d6965dc0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
3912
x-xss-protection
1; mode=block
x-amz-cf-id
NH1ammrJQPGyF8SM4VarLfetxs3D8O5XUd2vdr5J6UuUHMYv9YNhJg==
load.js
s.ntv.io/serve/ 		614 KB
163 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.212.213.167 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-213-167.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
fae0321e6d2700288a4e66c2b69744ba4cac5abbdcfcdb8b77f5c95ce803875b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:21 GMT
Content-Encoding
gzip
x-amz-request-id
VWCH69AA241DTFJA
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
Connection
keep-alive, Transfer-Encoding
x-amz-id-2
/Q+hF/TdkSgsqsNAPjGa0VIfZLB0PnmNmqWwt6WKRKo4APPiOKLi/cXkHQq6CNnneUG/nuf6l+s=
Last-Modified
Mon, 30 Oct 2023 15:05:06 GMT
Server
AmazonS3
ETag
"9edb7bd9582a7f013aec433f308183ac"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=3600
Accept-Ranges
bytes
Access-Control-Allow-Headers
*
gtm.js
www.googletagmanager.com/ 		202 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PT47XM6
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
365973dce343af1048e494b3e00a55d613fb897d1356a1d53f102c81238a7728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
72760
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Nov 2023 07:08:21 GMT
chartbeat.js
static.chartbeat.com/js/ 		37 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/chartbeat.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:1200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:22:14 GMT
content-encoding
gzip
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified
Wed, 09 Aug 2023 00:45:38 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
49567
etag
W/"64d2e1b2-94a1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
-gfrkTO8gTT58xnDou7SmYjtIQC_pUETMzalA_yJDC3wSg5yFJ5yTw==
expires
Sat, 04 Nov 2023 17:22:14 GMT
p.css
p.typekit.net/ 		5 B
172 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://p.typekit.net/p.css?s=1&k=fxt1vus&ht=tk&f=29429.29432.29433.29435&a=8828323&app=typekit&e=css
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/fxt1vus.css?ver=6.3.2
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ee1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
nginx /
Resource Hash
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://use.typekit.net/fxt1vus.css?ver=6.3.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
last-modified
Fri, 14 Jul 2023 12:44:32 GMT
server
nginx
etag
"64b14330-5"
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
content-length
5
style.css
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/ 		819 B
888 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/style.css
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/style.css?ver=1.6.73
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
17ec7ad5a109d73f79bdbd6621427676bf2cb87cb726fd936679bf5aeb5dca6d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023-child/style.css?ver=1.6.73
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 07:35:01 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 24 Jan 2023 22:52:26 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
84800
etag
"333-5f30a5e9b1e80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/css
accept-ranges
bytes
content-length
499
x-xss-protection
1; mode=block
x-amz-cf-id
W0o-cshiQUknbpXUC4kZSSok3wiKzkaT7eMOuUy3pjTFYH9VlLPX1A==
fbevents.js
connect.facebook.net/en_US/ 		202 KB
54 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vEJJeR9H4IlIKJFh/c3XvDDW6WoeeG1EmcFiWfrU7o0W9/wZaKQNAdKHCqvTpfm0v3VwYUowtYLKYmJ3f94Q+g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		99 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/dfp/js/loader.js?ver=6.1.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6e1599484899609457513626a439ae86b7b8ffcdfa30ab556fa306de5faca728
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31052
x-xss-protection
0
server
cafe
etag
883 / 19665 / m202310310101 / config-hash: 7101305502720886139
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:21 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		265 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-content/plugins/cph-pd-site-plugin/base/add-ons/dfp/js/loader.js?ver=6.1.27
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:07:24 GMT
content-encoding
gzip
via
1.1 814952d19d560b49ff15ad2f71e400d2.cloudfront.net (CloudFront), 1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 21:46:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA60-P1, FRA2-C1
age
58
etag
W/"952090f32d44601808d121a61e707826"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
x-amz-cf-id
IxSYGhlo1VY8nheYGyjvcFHdEfzwwTl-GKvKWujBd_s8QmmAHwM8XQ==
polyfill.min.js
polyfill.io/v3/ 		101 B
611 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:400::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomamag.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 07:08:21 GMT
age
298177
detected-user-agent
Chrome/119.0.0
server-timing
HIT-CLUSTER, fastly;desc="Edge time";dur=3
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
113
referrer-policy
origin-when-cross-origin
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
normalized-user-agent
chrome/119.0.0
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
DFPAudiencePixel;ord=2800411786687.098;dc_seg=68820490
pubads.g.doubleclick.net/activity;dc_iu=/94238257/ 		42 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubads.g.doubleclick.net/activity;dc_iu=/94238257/DFPAudiencePixel;ord=2800411786687.098;dc_seg=68820490?
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ml.br.js
js.matheranalytics.com/static/ltm/ma16916/901956900/22/
Redirect Chain
  • https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1639
  • https://js.matheranalytics.com/static/ltm/ma16916/901956900/22/ml.br.js
152 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma16916/901956900/22/ml.br.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
dbd29dd7a21559b570910e7b58a6179318d3b7c93dfd11e76a2e650e55ab4710

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:21:16 GMT
content-encoding
br
via
1.1 google
last-modified
Mon, 09 Oct 2023 15:43:05 GMT
server
nginx
age
49625
etag
"8837c186251b7361bef4d9bb8de1f08b"
vary
Accept-Encoding
x-cache
HIT Mon, 09 Oct 2023 15:54:25 GMT
content-type
application/x-javascript
cache-control
public,max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
44685

Redirect headers

date
Sat, 04 Nov 2023 07:08:21 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma16916/901956900/22/ml.br.js
cache-control
public, max-age=269200
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-served-by
0-gc-europe-west6-8j341022
veggie_burger-2.png
www.sonomamag.com/wp-content/uploads/2023/04/ 		308 B
678 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sonomamag.com/wp-content/uploads/2023/04/veggie_burger-2.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.52.12.191 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-12-191.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
57de7f9619f97652c5c830685b3aedac5ebe2be072c2333be00f4c82ebc2fbc2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 27 Apr 2023 20:13:22 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"134-5fa56fcfb1c80-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
309
X-XSS-Protection
1; mode=block
smag-logo-1.png
www.sonomamag.com/wp-content/uploads/2023/06/ 		30 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sonomamag.com/wp-content/uploads/2023/06/smag-logo-1.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.52.12.191 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-12-191.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3fd5f29043b5f7a4d559c1cf572ab5676138c5c4d0721940c887cf5ee2e05f6c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:21 GMT
Content-Encoding
gzip
Last-Modified
Thu, 01 Jun 2023 16:54:24 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"765c-5fd1449ddd000-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
29399
X-XSS-Protection
1; mode=block
subscribe_only.png
www.sonomamag.com/wp-content/uploads/2023/05/ 		8 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.sonomamag.com/wp-content/uploads/2023/05/subscribe_only.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.52.12.191 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-52-12-191.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
02dd7bed19f11268f216636c812d0d4062ce5638ec197ed0fd506d28c8f9642b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:21 GMT
Content-Encoding
gzip
Last-Modified
Wed, 03 May 2023 17:53:19 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"1f56-5facdbb2bc1c0-gzip"
Vary
Accept-Encoding
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8013
X-XSS-Protection
1; mode=block
truncated
/ 		42 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/gif
script.js
newsletter.sonomamag.com/widget/smag-inline/ 		1016 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/widget/smag-inline/script.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4e19e2b13e0271aa50a2e4aca33736936e9e83042c59f196552abace3f562088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Nov 2023 07:08:21 GMT
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=100
Content-Length
1016
Expires
Thu, 19 Nov 1981 08:52:00 GMT
SonomaMagazine_20231001-255x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/SonomaMagazine_20231001-255x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
2307a7142cff506f4697bd2448e7c5dc50a23912e2ac6c5812437fdeb584e679
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 02 Oct 2023 21:34:52 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"6a80-606c28b5fd700-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
26956
x-xss-protection
1; mode=block
x-amz-cf-id
YTGhgX2hNGphpFdWYszj362boXQPDb4maOeXRzx76clJRo2q8X9Fuw==
SonomaMagazine_20230701-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/07/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/07/SonomaMagazine_20230701-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
84703f2f990b5e1b6c0e0ea13a5dfa56515ef4cb1f183a053a4abaab036d3daa
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 06 Jul 2023 21:55:51 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"4729-5ffd89461a7c0-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
17919
x-xss-protection
1; mode=block
x-amz-cf-id
QL6JuVMKxW7R3gKtsLHXojsxxnEr1Dn_A0Nj-7swPiVtqkN64HjHgg==
SonomaMagazine_20230501-247x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/05/ 		24 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/05/SonomaMagazine_20230501-247x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ce94d17e63ad798a279cc65324e6df976a9e86ac410665a019a02daac0cd97f1
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 02 May 2023 20:18:16 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"6000-5fabba3b61200-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
24269
x-xss-protection
1; mode=block
x-amz-cf-id
HRJ90KTP3eMihni0-2rjPjz99ICteLR9T2uCif5osBveXsGLV2RnzQ==
SonomaMagazine_20230301-249x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/03/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/03/SonomaMagazine_20230301-249x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b9c9a3785a696cbec46facfd1d63bc9ace79409ed2e3aa881238d7b3cdea9b97
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 07 Mar 2023 02:22:13 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"5a74-5f6461457df40-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
22838
x-xss-protection
1; mode=block
x-amz-cf-id
ieu5IlFf_3nFvY6NeHBWPDxHcT_aUlnXtsK4qlgIHcb3jhqxYTakfA==
SonomaMagazine_20230101-1-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/01/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/01/SonomaMagazine_20230101-1-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d3d3df6971ef0f91fd8a590bfcb75068af657fab8f014358cb886337b589265f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Fri, 20 Jan 2023 04:29:29 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
8027
etag
"58d0-5f2aa7ec8bc40-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
22338
x-xss-protection
1; mode=block
x-amz-cf-id
CiR5ybDFxSV_asYCphGSX6vrb6_Gveao8UHC0gRdAnR-aIcQymHo0Q==
SonomaMagazine_20221101-249x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/11/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/11/SonomaMagazine_20221101-249x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
298a07337c7e4aba00b2dae8a06ec5ef8e533197caa2597acd81a115665eac8f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 10 Nov 2022 23:02:35 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
12611
etag
"4d43-5ed25c4ce98c0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
19366
x-xss-protection
1; mode=block
x-amz-cf-id
kIKC53KTx3mqc-CpoXCCBDWuOYnxN-_Tz7ZmgXMrzlw4Puxu75NbBw==
SonomaMagazine_20220901-249x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/09/ 		22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/09/SonomaMagazine_20220901-249x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b63e057ee460c341004441dbefd9de5eeb9a75eb28c9c5242990554188453df0
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 08 Sep 2022 17:28:13 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"581b-5e82dc1042540-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
22165
x-xss-protection
1; mode=block
x-amz-cf-id
S_-Gec_NVmJ_giqqxHnETFFrvSf-SR0YKJ9w3QGW23mNqD48PAlYOg==
SonomaMagazine_20220701-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/07/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/07/SonomaMagazine_20220701-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
a05a87cc997c4972e63a45c5a508b3968a43a1dd3e3f038e4193a136e38777b4
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 05 Jul 2022 11:00:50 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"62b6-5e30cc3f0bc80-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
24890
x-xss-protection
1; mode=block
x-amz-cf-id
oUHyQE2Txdc1V5-zfJNBljPFR2Ttl1P1s4GfwXZLz_05Tvd-3pHJ4A==
SonomaMagazine_20220501-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/05/ 		23 KB
24 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/05/SonomaMagazine_20220501-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
8037aae9cfab224b75b37ab2aa6a870146fdfa1c9ebae15523fda78ab9b270fc
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 10 May 2022 23:48:46 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"5d04-5deb0f72bb380-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
23698
x-xss-protection
1; mode=block
x-amz-cf-id
ciE1gT0WAUqfLMVpTdVVJe5Nmlk-5CUh4ADaFaMeqBu4TkV20FwFtA==
SonomaMagazine_20220301-2-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/03/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/03/SonomaMagazine_20220301-2-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
6d6e563a86f03998f5372172bc74b8eb63c11df9781ece3c738ddbc1f68bcf64
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 17 Mar 2022 00:08:15 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"68a4-5da5ed39399c0-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
26400
x-xss-protection
1; mode=block
x-amz-cf-id
6VrV87E0TTRE7jle5GBl4ezmIKleI4pNFHGVgG5pLt86ullAlhu-iA==
SonomaMagazine_20220101-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/01/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/01/SonomaMagazine_20220101-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f3148da8993ca4f39229962619112e87cc971945efae37c2d6af00a2e6649f8f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 11 Jan 2022 23:01:29 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"5517-5d5566ef4e440-gzip"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
21392
x-xss-protection
1; mode=block
x-amz-cf-id
sD9A-Q16KiOodJEsQpWn4WzgJ-9yQXZruiknKLd9VgdL3RWFUIy5YQ==
SonomaMagazine_20211101-248x300.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2021/11/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2021/11/SonomaMagazine_20211101-248x300.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
ddfd863e880836fa1d6f036411499658e8a3a0296f90e94db3416fe4853dcc64
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 10 Nov 2021 00:49:34 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
etag
"6b93-5d064997d8380-gzip"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
27139
x-xss-protection
1; mode=block
x-amz-cf-id
GvBs8qn1eq7RND25OwS0atQgP4X60DX0nHEBTAdt8I6CdC4wrrdX6w==
script.js
newsletter.sonomamag.com/widget/subscribe/h:400/ 		987 B
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/widget/subscribe/h:400/script.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
bc4a6950662e216b3ca13c8e4a2cd0bf2ef9447ca4524aeede040d29b636ab90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:21 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Nov 2023 13:00:03 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3db-6093f152c05e5-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
533
swiper-bundle.min.css
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		14 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.css
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
278648
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
3605
last-modified
Fri, 23 Apr 2021 19:42:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"6083232c-3631"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2iIpqKxASbbW%2FMFynl9iCTnBaz5cztS70DOQL6RmxSQ9kL%2FLEMbinnDSEYYl%2F%2FBeMVnjzuVIY7AnkbfL0XlIbslGA%2BCFW5ohbfHcYZJ%2F8cn9jBoV5ydl3HP8KIG6H5fY6zvJ8ExKt2iKNKe86UWEj08C"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b0677e9133a3d-FRA
expires
Thu, 24 Oct 2024 07:08:21 GMT
sonomamedia.js
tru.am/scripts/custom/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/custom/sonomamedia.js?ver=6.3.2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2424588
x-guploader-uploadid
ADPycdsmOjLYvZ1opKE0kcbZ3SA3bMjl22JI9FopXQp08CnFoFs2S87CRNNkeZ0XmJEu9_N68IDKWmTTXQNBupRs1vGhEI5s13ez
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 20 Nov 2020 03:52:27 GMT
server
cloudflare
etag
W/"7a67e589de188bb53d6b01061de96609"
vary
X-Goog-Allowed-Resources, Accept-Encoding
x-goog-generation
1605844347006942
content-type
text/javascript
x-goog-hash
crc32c=G1tUAw==, md5=emflid4Yi7U9awEGHelmCQ==
cache-control
public, max-age=2678400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=biNkekF5zmiSwvyJ8fHnNDIT86Fsx9PhOtr4FFqJ6VAtfSJ3jxHqr3Mukb8Z28fVBJ0iJkovGZcstdE3R26QWWoCaD6iKBlvKEoddxhvhRS1a2VRNPj%2FOecQMIrbIMA3pdpg6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
1039
cf-ray
820b06789fb0198f-FRA
expires
Sat, 07 Oct 2023 06:38:32 GMT
skip-link-focus-fix.js
d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/js/ 		685 B
816 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/themes/smag2023/js/skip-link-focus-fix.js?ver=20151215
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 09:06:13 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 01 May 2019 18:50:16 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
79328
etag
"2ad-587d7fd016a00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
accept-ranges
bytes
content-length
417
x-xss-protection
1; mode=block
x-amz-cf-id
eN8UC3XrX7uabtnHLWT2oDIh_0ifGKHlDXNEMYz-DBS48eJzm-6d7Q==
swiper-bundle.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/ 		139 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/6.5.8/swiper-bundle.min.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
4759921
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
32894
last-modified
Thu, 22 Jun 2023 10:42:57 GMT
server
cloudflare
cf-cdnjs-via
cfworker/r2
etag
"649425b1-807e"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YvWR7bfNyBypWZPMwmy%2Fc9BAe%2BSEpu8IdiNJsjxpwdBR0lCPfuTxVLks%2FpLp574tCjLoqzkRDKsJ7fvxD9tWTngGU0tv%2FvWfbQdg29stmbE7XvK3D3D0zZ68Y8rM0CyXnd2%2BhR97XMCCIMjjxhy5IWI5"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b0677e9153a3d-FRA
expires
Thu, 24 Oct 2024 07:08:21 GMT
lightbox_speed.js
www.lightboxcdn.com/vendor/db6f0be6-f660-4856-9802-62d2a9838abf/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.lightboxcdn.com/vendor/db6f0be6-f660-4856-9802-62d2a9838abf/lightbox_speed.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
424144da1285b9e64bec27b6984bf01af57d2a644f29a5c5a72b8cd1beaaef23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
cf-cache-status
HIT
content-md5
NQ9Rnt1OQ4/x0dI3aHpL7Q==
age
247
cf-polished
origSize=4971
x-ms-lease-status
unlocked
cf-bgj
minify
last-modified
Fri, 03 Nov 2023 17:19:14 GMT
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
x-ms-request-id
1de76e42-501e-0038-0b7a-0e5969000000
cache-control
public, max-age=60
x-ms-version
2009-09-19
cf-ray
820b06789bebbba9-FRA
expires
Sat, 04 Nov 2023 07:09:21 GMT
Iurb6YFw84WUY4NJiBak.woff2
fonts.gstatic.com/s/gloock/v6/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gloock/v6/Iurb6YFw84WUY4NJiBak.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloock
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9961e32d2cc313d516ad15b8b436973923c5632d6159cc0a8b4889debc60ad97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:11:23 GMT
x-content-type-options
nosniff
age
46618
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26384
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 18:11:23 GMT
416293679008839
connect.facebook.net/signals/config/ 		139 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/416293679008839?v=2.9.138&r=stable&domain=www.sonomamag.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
2abf7942533958b3fcb83e1a0ce9607a9c7bd02fd4faa65228f47d99fd69d29b
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:21 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
4dZIcvStsH6l9U+s4DXnQXkWF2fdbaCxTkkLw/mSTEvn05PCTx+weJNZbD9T7oyX/nwGuVUJRS2evHZG7Ce8Ng==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Sat, 01 Jan 2000 00:00:00 GMT
loader-config.json
cdn.wgchrrammzv.com/prod/smi/ 		4 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.wgchrrammzv.com/prod/smi/loader-config.json
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4893) /
Resource Hash
fde0fa74a4cd0de48b236dc1a15bffd4a3c5364fd4797d8a7886721e8534bf4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
DzrzVRhZbkFxCwa67j7XGw==
age
42037
x-cache
HIT
content-length
1299
x-ms-lease-status
unlocked
last-modified
Thu, 02 Mar 2023 05:20:33 GMT
server
ECAcc (ama/4893)
etag
0x8DB1ADDD91E05DE
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
x-ms-request-id
1f68c130-f01e-0068-798b-0e912e000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
js
www.googletagmanager.com/gtag/ 		285 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-XBMKBT1D08&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT47XM6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6e852d42516fb0a46bc60bcaf11fd079d36f8580a38239e0c058d3676b80af6f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
95911
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 07:08:21 GMT
js
www.googletagmanager.com/gtag/ 		274 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-84Q5ST7BN6&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PT47XM6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
9ffbfa02b53c9e42834db0edebc350a07476d524d1688e59a5fed4a3da2a1447
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93385
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 07:08:21 GMT
db83f9c6-a698-4a6a-89fb-c29c85426748
config.aps.amazon-adsystem.com/configs/ 		537 B
802 B 		Script
General
Check archive.org
Download Go to
Full URL
https://config.aps.amazon-adsystem.com/configs/db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
99.86.4.128 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-99-86-4-128.fra6.r.cloudfront.net
Software
CloudFront /
Resource Hash
f61448deedc4107d0ebdda233fdfb49dc52f31a721859f90b724f490865a7e0d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:43:54 GMT
via
1.1 94faae20b0f122c4555025f52a2fd744.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA6-C1
age
1467
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
content-length
537
x-amz-cf-id
ufifR580JcKLvbhIf-_AJPEEY1ZEn8tiADmlxwS1fMxQURj3_THI2g==
config
c.amazon-adsystem.com/cdn/prod/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.sonomamag.com&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
Server /
Resource Hash
d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 01:36:32 GMT
via
1.1 c3b74c81fdcb7942211a6c721efa13fc.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA2-C1
age
19908
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1112
x-amz-cf-id
igzGgFdDWqLUmQVdSHZsUqJZVt91RZYayM24X5pNexqKH4W3EUahnA==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.192.181 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-224-192-181.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-amz-version-id
9yABOonr2HqHtwbarUcdbIqN0f4A8Qog
content-encoding
gzip
via
1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
date
Sat, 04 Nov 2023 07:08:21 GMT
x-amz-cf-pop
FRA2-C1
age
6374
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Tue, 29 Aug 2023 08:30:37 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
TZfDz9CsgyY5oTmlGoo4DQuq-wdHDcBMnfKw-YOb9bdxrrAL9p8w6Q==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/ 		425 KB
133 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 10:57:06 GMT
content-encoding
br
x-content-type-options
nosniff
age
72675
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136288
x-xss-protection
0
server
cafe
etag
17302374607849014435
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 02 Nov 2024 10:57:06 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Sat, 04 Nov 2023 07:23:21 GMT
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Sat, 04 Nov 2023 07:23:21 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=416293679008839&ev=PageView&dl=https%3A%2F%2Fwww.sonomamag.com%2F&rl=&if=false&ts=1699081701414&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699081701409.375025982&cs_est=true&ler=empty&it=1699081701171&coo=false&rqm=GET
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 04 Nov 2023 07:08:21 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
collect
region1.analytics.google.com/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-XBMKBT1D08&gtm=45je3b11v893940930z8858660649&_p=1699081701010&_gaz=1&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699081701&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine%3A%20Things%20to%20Do%20in%20Sonoma&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1855
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBMKBT1D08&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
255 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-XBMKBT1D08&cid=1661253279.1699081701&gtm=45je3b11v893940930z8858660649&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-XBMKBT1D08&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-XBMKBT1D08&cid=1661253279.1699081701&gtm=45je3b11v893940930z8858660649&aip=1&z=554793795
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
85
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1405b8ee-201e-00cc-3fed-0ee8d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 04 Nov 2023 07:38:21 GMT
fp.min.js
cdn.mircheigeshoa.com/prod/smi/ 		65 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.mircheigeshoa.com/prod/smi/fp.min.js?2023104
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48C2) /
Resource Hash
5de827f682d6a4e4dea64140aa2ed12b08fdff1c467a1296eae21d41d9e1583f

Request headers

Referer
https://www.sonomamag.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
i22pJNURmaIypCrZ034NnA==
age
27347
x-cache
HIT
content-length
23476
x-ms-lease-status
unlocked
last-modified
Tue, 14 Mar 2023 08:21:49 GMT
server
ECAcc (ama/48C2)
etag
0x8DB246528675F26
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
60fb97f2-101e-004f-6aae-0e86ea000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
g2i.min.js
cdn.o1ych4jb.com/prod/smi/ 		220 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.o1ych4jb.com/prod/smi/g2i.min.js?2023104
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48BA) /
Resource Hash
3fdeead014175f8aa0be34573c2e0d969ba7dc548ab3aac695b27ed4265c4e4b

Request headers

Referer
https://www.sonomamag.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
Sk8/GzZ0ZKYq2vOGSKoQfg==
age
21649
x-cache
HIT
content-length
49062
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 04:44:17 GMT
server
ECAcc (ama/48BA)
etag
0x8DB76C92A8CB462
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
96d31548-b01e-0056-35bb-0e0651000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.js
cdn.pranmcpkx.com/prod/smi/ 		879 KB
205 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?2023104
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/48F9) /
Resource Hash
0fb3eb2da3f5d7d228605ed034801827281e207ce7ae5aaa10a2386600d232fe

Request headers

Referer
https://www.sonomamag.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
q3RdxMHrt6dAyq8Y1B7+4w==
age
29202
x-cache
HIT
content-length
209393
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 04:43:41 GMT
server
ECAcc (ama/48F9)
etag
0x8DB76C914B498B3
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
x-ms-request-id
5920ee76-801e-00a9-66a9-0e36cc000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
t8y9347t.min.css
cdn.pranmcpkx.com/prod/smi/ 		389 KB
54 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.css?2023104
Requested by
Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/smi/loader.min.js?ver=1.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/4895) /
Resource Hash
7bb8f25f111a5c210d1c97b500680682cf9b39730b2a332eb5009a7af047ef56

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
content-md5
l7CfowF+6GbciLFC23l7hQ==
age
29202
x-cache
HIT
content-length
55218
x-ms-lease-status
unlocked
last-modified
Tue, 27 Jun 2023 04:43:41 GMT
server
ECAcc (ama/4895)
etag
0x8DB76C914AECD2C
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
x-ms-request-id
289f3815-201e-0044-25a9-0e7d81000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control
max-age=43200
x-ms-version
2009-09-19
collect
region1.analytics.google.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-84Q5ST7BN6&gtm=45je3b11v9124898448z8858660649&_p=1699081701010&_gaz=1&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699081701&sct=1&seg=0&dl=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine%3A%20Things%20to%20Do%20in%20Sonoma&en=page_view&_fv=1&_ss=1&tfd=1952
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84Q5ST7BN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-84Q5ST7BN6&cid=1661253279.1699081701&gtm=45je3b11v9124898448z8858660649&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-84Q5ST7BN6&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-84Q5ST7BN6&cid=1661253279.1699081701&gtm=45je3b11v9124898448z8858660649&aip=1&z=669675979
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:21 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Sat, 04 Nov 2023 07:23:21 GMT
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
server
nginx
accept-ch
Sec-CH-UA-Platform-Version,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Bitness
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.sonomamag.com
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Sat, 04 Nov 2023 07:38:21 GMT
script.js
newsletter.sonomamag.com/widget/smag-inline/ 		1016 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/widget/smag-inline/script.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4e19e2b13e0271aa50a2e4aca33736936e9e83042c59f196552abace3f562088

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Nov 2023 07:08:21 GMT
Server
Apache/2.4.41 (Ubuntu)
Content-Type
text/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Keep-Alive
timeout=5, max=99
Content-Length
1016
Expires
Thu, 19 Nov 1981 08:52:00 GMT
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		230 KB
66 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.211.26 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-211-26.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:21 GMT
content-encoding
gzip
last-modified
Wed, 18 Oct 2023 16:10:16 GMT
server
Apache
etag
"3965e-607ffe0078239-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
67642
expires
Sat, 04 Nov 2023 07:23:21 GMT
self
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 		567 B
772 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1699081701875
Requested by
Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/smi/fp.min.js?2023104
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.5.15 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
27f5091c35bf3f526e50e4d48d4e5fec689ed3a5b123dbc50996538a94ec21b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Sat, 04 Nov 2023 07:08:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6mDaEVSzuf1tTeXkpu%2BmrLNGeIKpdXXbfTVooUUpmfViYwIlv79cojnw3JGpKeKidO6FSIaGGl83oK8IwA6g3CRxSJNcuRmMjDbt2bHKpHq3NQ3kHeTILy%2FqV9oNNomO8cfY"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=1800
cf-ray
820b067d0bf5916e-FRA
alt-svc
h3=":443"; ma=86400
ta-pagesocial-sdk.js
tru.am/scripts/ 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by
Host: tru.am
URL: https://tru.am/scripts/custom/sonomamedia.js?ver=6.3.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4af5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2433381
x-guploader-uploadid
ADPycdsgB7csdSs4aWr55Twv7My_ssgX2Lpk2JnCVrR-E5YjkXzTAdqW2P71WFXYTBJIvFqRp7MGz7gJRiV3sNTxCqUt6w
x-goog-storage-class
REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=86400
last-modified
Thu, 21 Jul 2022 07:45:14 GMT
server
cloudflare
etag
W/"2925c8da90d1d29f7899fa52629fe37d"
vary
Accept-Encoding
x-goog-hash
crc32c=TsbXyg==, md5=KSXI2pDR0p94mfpSYp/jfQ==
x-goog-generation
1658389514760491
content-type
text/javascript
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xh3ioMn256ZQ2G0oiyrxKVyvp5G3CQND1nKroUZB4UblsYkc0ddl58XqLc%2Bp5HYiw%2BUFj2wbOw4OXToQfIrL5RSnpy45HUB81JLYDJCDuHejZCYPxDNmEJmEaE1LlK2FKHz8ZQ%3D%3D"}],"group":"cf-nel","max_age":604800}
cache-control
max-age=2678400
x-goog-stored-content-length
27860
cf-ray
820b067d7b6f198f-FRA
expires
Sat, 07 Oct 2023 03:12:11 GMT
truncated
/ 		2 KB
2 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cd0b7385c8a691d9b2e7af11f3fbe1e7b1f42ecf11531882594908bf4a1b830e

Request headers

Referer
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
application/x-font-woff2;charset=utf-8
YR8-X5PjvZ9HZA2t4-9Y9s1n9wk-150x150.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/ 		36 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/YR8-X5PjvZ9HZA2t4-9Y9s1n9wk-150x150.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
47293687dd2154cf57b14c2acb7ccc0588dcf16ef3781b8074cca705c5ff703d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 16:55:19 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 25 Oct 2023 22:06:32 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
51183
etag
"8f5d-60891aaf92a00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
21622
x-xss-protection
1; mode=block
x-amz-cf-id
cWogqrxGhnL_4k-uWK62WHlsoFRbXNiTYIubxuaagzJspO3dvZOf9g==
MPJDwCyX5CYwQy0EXj-N96rv0gU-150x150.jpeg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/ 		39 KB
35 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/MPJDwCyX5CYwQy0EXj-N96rv0gU-150x150.jpeg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
b56854b2feab76851e44cda448ae467094f921d98e3db4eca17c96ea11952611
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:59:30 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Wed, 01 Nov 2023 19:32:36 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
43732
etag
"9a81-6091c555a9d00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
35582
x-xss-protection
1; mode=block
x-amz-cf-id
mrlyUR9xy_AWFVFixFBh6_ezanGoiyWR723d6HUaELFuo_TSrCHlSg==
2V1A4682_Coturri_Sonoma_Mag_7_24_002-150x150.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/ 		47 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/2V1A4682_Coturri_Sonoma_Mag_7_24_002-150x150.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
4aee3f291e8081db6438e755065e241537d763ac096d526aa42066fc97db5a7c
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:11:21 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Tue, 24 Oct 2023 23:49:12 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
43021
etag
"baa5-6087efc4bee00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
34703
x-xss-protection
1; mode=block
x-amz-cf-id
Jccch2CVaUQ3RnzrdftNWj5fbZxwHMW_CiaFQ0Ew48nwLiydGlkYCw==
cc0826_MarshallStore_CrabSandwich-150x150.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2019/06/ 		21 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2019/06/cc0826_MarshallStore_CrabSandwich-150x150.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
08e5c233c50ee56daf56a4b074a32969777a50a58ffbd43b0b6e43bb7455441d
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:11:22 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Sun, 11 Aug 2019 02:34:03 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
43020
etag
"543a-58fce3d989cc0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
14429
x-xss-protection
1; mode=block
x-amz-cf-id
fkwcUX8yBbu-irEOIBELi4563ZROjsLi-TTqawp7K4ULqWX-v7eIrw==
4tkJ2UPqaTEnyKAR4t2JyqOqbwI-150x150.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/ 		43 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/10/4tkJ2UPqaTEnyKAR4t2JyqOqbwI-150x150.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
f3f618c26ed3a3b83a520a46588a4fce7b5b50eb71720dbb029c59beb8e8116e
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 16:55:19 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Mon, 23 Oct 2023 22:27:47 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
51183
etag
"ab54-60869bb495ec0-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
33233
x-xss-protection
1; mode=block
x-amz-cf-id
POg7OOKvwhUnScCqBfrUD1w8O_lm6gNcCqiypOPEglFPvyPrKxxbOA==
digibox.gif
www.lightboxcdn.com/z9g/ 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.lightboxcdn.com/z9g/digibox.gif?c=1699081702056&h=www.sonomamag.com&e=p&u=44973
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:d483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:22 GMT
cf-cache-status
HIT
content-md5
KNaBTzCeoon4R8ac+RGUxg==
age
204029
cf-polished
status=not_needed
x-ms-meta-cbmodifiedtime
Fri, 02 Dec 2022 00:02:02 GMT
content-length
35
x-ms-lease-status
unlocked
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Dec 2022 00:02:38 GMT
server
cloudflare
etag
0x8DAD3F8864E2F29
vary
Accept-Encoding
content-type
image/gif
x-ms-request-id
20483947-a01e-002d-1ad5-319bf0000000
x-ms-version
2009-09-19
accept-ranges
bytes
cf-ray
820b067dd857bba9-FRA
fontawesome-webfont.woff2
cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: cdnjs.cloudflare.com
URL: https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

Referer
https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css?ver=4.7.0
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=15780000
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age
254778
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
77160
last-modified
Mon, 04 May 2020 16:10:07 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03e5f-12d68"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k%2Fn1792jARHEoMfMII3GtE5tCw4Mg6V3%2FH7Qpy3RG2GJA6CNsOJq28ga4PEL%2FEd5Ol8nfe8K3oLmafCIGS1pd%2BfAJyUAMCLRfjVCWvB5GiLhDLnNRZuN%2BgmO5OSmMZNcjrzLaPDCMp02jGZomSyOVDOw"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b067e3c76993f-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
eirinie-carson-credit-kirby-stenger-1-1024x768.jpeg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/ 		99 KB
99 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/eirinie-carson-credit-kirby-stenger-1-1024x768.jpeg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
467f4c3950f4612684394cf8286300ed6709c49ca691bef12a1c912e00ef0c4f
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 23:39:23 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Fri, 03 Nov 2023 23:19:40 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
26939
etag
"18d79-60947bd1ca029-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
dbI6U1YMVZlAFPOtqaGtLoQSzBAzOBOIi87OXG7rPofjTWX2haLMrg==
x-xss-protection
1; mode=block
breakfast-sandwich-lightwave-coffee-courtesy-768x511.jpeg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/04/ 		55 KB
55 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/04/breakfast-sandwich-lightwave-coffee-courtesy-768x511.jpeg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d2323f0eab8fea50abf841184d3266c331022e7e49e80e24f76f18bfd060d005
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 19:49:13 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Fri, 15 Apr 2022 03:03:20 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
40749
etag
"dafa-5dca8a71f0e00-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
55987
x-xss-protection
1; mode=block
x-amz-cf-id
oWyiKVpi7hnt4GRg1yJLs-gA8mQkf7EMQIYQtygn4jD_zc51J24A7Q==
C32FA002-EE18-4588-B020-FC7060C10851-1-768x503.jpeg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/ 		60 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2023/11/C32FA002-EE18-4588-B020-FC7060C10851-1-768x503.jpeg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
28b0275c9a5d52ac2d453b6e6eaf3986b4dabb4bc72da0ced74a2be31aeb5466
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:25:31 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 02 Nov 2023 19:36:00 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
2571
etag
"eec4-609307f67414c-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
content-length
57731
x-xss-protection
1; mode=block
x-amz-cf-id
SO-vjRJ1zUye8_2UTZ45OpB0H84st-dYGWfWA_Xq92jHbspP1O4dNg==
Appellation_Tabletop-768x512.jpg
d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/06/ 		157 KB
149 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d1sve9khgp0cw0.cloudfront.net/wp-content/uploads/2022/06/Appellation_Tabletop-768x512.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2644:cc00:5:5a52:9000:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9afd12dd53317329dd5eebf0f55a47c9f9e6a2230e41be50d85c4b5ca6ffa29b
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
gzip
via
1.1 8e8e6ea60de74421f0058675cbcf9cb0.cloudfront.net (CloudFront)
last-modified
Thu, 23 Jun 2022 17:57:46 GMT
server
Apache/2.4.41 (Ubuntu)
x-amz-cf-pop
FRA60-P6
age
1955
etag
"2740c-5e22130ea1a80-gzip"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/jpeg
accept-ranges
bytes
x-amz-cf-id
FhLRONCZs6ohJdb2CpL7TIsmfPsb_cDGYod1fHaIAQxxvTOVKtmexw==
x-xss-protection
1; mode=block
b5a5fb7f64e61dfa271df912c7bbfa8f
newsletter.sonomamag.com/framed/smag/inline/ Frame 819F 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
d3882f356c0b3f72917c2ee39e2c5f47d2c7bbb28f31a9093d739a66652866e5

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3452
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Nov 2023 07:08:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
b5a5fb7f64e61dfa271df912c7bbfa8f
newsletter.sonomamag.com/framed/smag/inline/ Frame 1410 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
82a080c9cc1de7a4ed1887f97dba5057fb14017f15e08ddc4c4ecb6e623c3377

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3452
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Nov 2023 07:08:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=99
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
c436dadced448bd5c492ca666ecde2a4&fid=8843
newsletter.sonomamag.com/framed/subscribe/ Frame 7028 		11 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Requested by
Host: d1sve9khgp0cw0.cloudfront.net
URL: https://d1sve9khgp0cw0.cloudfront.net/wp-includes/js/jquery/jquery.min.js?ver=3.7.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
767d44b7ea55c357f7b19bc0b86cea7167236e5c2b44872b3d9d3c97e525d2e8

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
3672
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Nov 2023 07:08:22 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Keep-Alive
timeout=5, max=98
Pragma
no-cache
Server
Apache/2.4.41 (Ubuntu)
Vary
Accept-Encoding
ping
ping.chartbeat.net/ 		43 B
201 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ping.chartbeat.net/ping?h=pressdemocrat.com&p=%2F&u=C8i-m-CHahOZBdMIwO&d=sonomamag.com&g=60036&g0=Magazine&g1=SonomaMag&n=1&f=00001&c=0&x=0&m=0&y=10903&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&PA=https%3A%2F%2Fwww.sonomamag.com%2F&b=2524&t=mKIMTD6gTu0G6w53BtuNthqbfZ7&V=141&i=Sonoma%20Magazine%3A%20Things%20to%20Do%20in%20Sonoma&tz=-60&sn=1&sv=BEs08QCRwtsQDzz8ogD6TTRFeYEkC&sd=1&im=061b2fff&_
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.198.220.199 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-198-220-199.compute-1.amazonaws.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-length
43
expires
0
t
jadserve.postrelease.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.sonomamag.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
28900d71bfd70228f4a5258665ab4a3ebc9c77f1a983398b8ca92161cc738aa6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
gzip
server
nginx
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
1351
expires
Mon, 1 Jan 1990 12:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=0&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-12-desktop-1x1%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
ZBSW0HCGAVXJ3DCSV2R3
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
zXpcn6FIYN6TxSKvWxciJhh6W6YtkrkPgq2yyD8rNS1XDsEHq6zk4Q==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=1&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-14-desktop-728x90%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
1G0DE4PSBBBGSPGHDQSM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
xIXmio9cme942BW0uTtncFuOybyzpPh4zqQU539AcJCZLeA2febwoQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=2&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-3-desktop-728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
2TC0JKWH3D5892C4VDV1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
CxV5yvSlwAqRdwRvI4CgWzoodHV3Gw9-FPtNoNxr6gswH9uC1ILp3A==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=3&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-6-desktop-728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
87Y4291D9M9SR493HNYZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
-_HDgV-BqfTYtQ9VY4jC21PdV98nbq_uBhC6aVfKKZ3zwr5UNNGaTQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
463 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=4&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-9-desktop-728x90%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
DZ0JFZPGE6DHAA7SQS40
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
uOiV_LQ2mLWZMIoQ6jV0wITGflXZa9cvIKKVPwIi1oc_1_h0w5fXpw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=5&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-15-desktop-300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
TM408AWVMA4HZGH718AW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
cDIsd-slIjsXBLa1nc7A0QOphWEfKyn_FLNIm45c1ptjrSFnKsftYg==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=6&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-16-desktop-300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
ZF526R7QVBTTRAKN1PJK
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
uRzCPepm_n1wMgtX82PYKkkKZ9EgpDhdkV9PXO8K0MrX33F75Fwnxw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=7&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-17-desktop-300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
4G2EFGW99RNTJFBJMDXQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
neDp4qvyroAC0TU6RvIkHNNR1jVIT0PU32BOKVhxC0rnk9iMurJjDQ==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
462 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=8&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-18-desktop-300x1%22%2C%22s%22%3A%5B%22300x1%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
07A25QGN97J19NQNBDA1
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Y8zPg6-VMh3XvjNpnis6okJex6SU0Y9SlCNkDKBPEyTiCp1u9HVaCw==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=9&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-19-desktop-300x250%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
RG8SKTH6JXCJVMFCBCSN
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
2oLl2YtjkZz82JRGUzXorlo6tUpNi0RWgISYB4GoGZKgQL11deZCFg==
bid
aax.amazon-adsystem.com/e/dtb/ 		24 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.sonomamag.com%2F&pid=iNrR2uOnOy9j5&cb=10&ws=1600x1200&v=23.1027.1921&t=2000&slots=%5B%7B%22sd%22%3A%22ad-21-desktop-728x90%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F94238257%2Fsmag%22%7D%5D&schain=1.0%2C1!yourbow.com%2C63%2C1%2C%2C%2C&pubid=db83f9c6-a698-4a6a-89fb-c29c85426748&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.119.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-119-77.fra60.r.cloudfront.net
Software
Server /
Resource Hash
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 8c08c39035033b8c904aa0e3f734d6c6.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA60-P1
x-amz-rid
P1TKQN6QAJJ09NJJ039E
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
timing-allow-origin
*
content-length
24
x-amz-cf-id
OrZHASLyKqRH2zKSFeN90nmN5dIXfFPzPE8fNTwP--W-xss6IEiCkw==
js
www.googletagmanager.com/gtag/ Frame 1410 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c20e938074f0ac902cd68c11605dcdb0fa8c337a05a37f22b0003b7e1cb5080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91781
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 07:08:22 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 1410 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1943788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=eOHMuTddlRC0sXg2Gfzrz%2B%2F3l6BAjskIoJlWA3b7jEYqri%2FML7PmAAEFNo3XDxo0lglctjV5gZQx%2FbZDikC4jSt%2FdmJKw2UkSscKB%2FGMzowgiBvA%2FPl3edvO9eerkAIjI%2FKw0TegGVbZ57fRrisskB7A"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b067fd8f83a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
css2
fonts.googleapis.com/ Frame 1410 		1016 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Gloock
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8169d930c422d887710e1985d3b025973b7eb370295b66b64b2cbefd3e8861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 07:08:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:22 GMT
style.css
newsletter.sonomamag.com/css/ Frame 1410 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/css/style.css?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c5ce58dbddc6ace071c45efb5f5f45806f31ccb272867a0c92ad58585f8e4cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 May 2023 18:07:07 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51ca-5fbe78e4d48c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
3776
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 1410 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
908133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NuJGWcxrRUcajWuWFB42tmRdDUbx6xZp9tcepEcbQRHG5QF31nBR3D3w6Uoc%2BIudbugVS0Y%2Bcm1I4BX3%2FhTkzvNCbMg6rg5TlpWesxFPbWO5A0Aakc%2FSnwIMbxaRvrSsUigku%2F9N00vHe0Az9Sm5xK9t"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b067fe8f93a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
lightbox.min.js
cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/ Frame 1410 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/lightbox.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 21:31:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"789a-5cd14eeeb6ec0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
8021
base.js
newsletter.sonomamag.com/js/ Frame 1410 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/js/base.js?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9c79d6c40fcaa89df0b7dd1b9ce3436768df4917a3f6b934b4bb5240ba3f8e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 16:07:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3606-5fc4a78fa43c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2977
ads
securepubads.g.doubleclick.net/gampad/ 		30 KB
13 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=688581532897168&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x1&ifi=1&didk=4273941649&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702434&lmt=1699054256&adxs=1140&adys=1533&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=1&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=300x1&msz=300x1&fws=4&ohw=300&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D1%26amznbid%3D2%26amznp%3D2&adks=799585373&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
807e8eef08eb8327812a2120239b3bff0b78205db862bb62e8510527ba3c7656
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13169
x-xss-protection
0
google-lineitem-id
6221170681
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138422440185
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 1796 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, immutable, max-age=31536000
content-encoding
br
content-length
2653
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 07:08:22 GMT
expires
Sun, 03 Nov 2024 07:08:22 GMT
last-modified
Thu, 03 Nov 2022 19:10:08 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		534 B
289 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=2934325994669036&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=1x1&ifi=2&didk=3769995349&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702486&lmt=1699054256&adxs=800&adys=1200&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=2&ucis=2&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1600x-1&msz=1600x-1&fws=512&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=amznbid%3D2%26amznp%3D2&adks=3628650322&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ce33ba52109f9edb4cd12361219cd57b2621598b913c8ddde88ce90671e5b099
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
258
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=2835628156425529&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90&ifi=3&didk=3682436109&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702502&lmt=1699054256&adxs=436&adys=9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1600x19&msz=1600x19&fws=0&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D1%26amznbid%3D2%26amznp%3D2&adks=2844364273&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fc6331841715263ae056f785114a5ab1e48d8298bd2898470ce16eb6ea974ca7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18117
x-xss-protection
0
google-lineitem-id
6205184803
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138450019786
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=2031450038136393&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=4&didk=3064730077&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702517&lmt=1699054256&adxs=91&adys=4986&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=3&ucis=4&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1088x1&msz=1088x1&fws=0&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D3%26amznbid%3D2%26amznp%3D2&adks=432168427&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
25c834aa2b8d083ff67315afdce006cc51d07a1ed26fe78a62f478075aef2dfe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18510
x-xss-protection
0
google-lineitem-id
6248983665
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451343477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=3600151853073207&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=5&didk=3395874149&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702536&lmt=1699054256&adxs=91&adys=6650&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=4&ucis=5&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1088x1&msz=1088x1&fws=0&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D4%26amznbid%3D2%26amznp%3D2&adks=3082633988&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
fae79a2ed6930017122b4c6e27b7031d8bc5dec66f5e6198c4919a0c549c9a64
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18471
x-xss-protection
0
google-lineitem-id
6248983665
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451343477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=503127971230596&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90&ifi=6&didk=141006934&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702550&lmt=1699054256&adxs=91&adys=8355&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=5&ucis=6&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1088x1&msz=1088x1&fws=0&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D5%26amznbid%3D2%26amznp%3D2&adks=1025835113&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ffc69d6aed132e976d1c036a900dda8ec34c719ef05ef7d3de22477b922547b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18507
x-xss-protection
0
google-lineitem-id
6248983665
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138451343477
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=1540330677323365&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=7&didk=2599512693&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702574&lmt=1699054256&adxs=1140&adys=299&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=7&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=300x1&msz=300x1&fws=4&ohw=300&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D1%26amznbid%3D2%26amznp%3D2&adks=4134009478&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a014bd94936853ae7b5ca458265d3aa32908e5623c46d2fe819c009373754df3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15403
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		46 KB
12 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=3580887041043065&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=8&didk=3556196751&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702591&lmt=1699054256&adxs=1140&adys=958&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=8&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=300x1&msz=300x1&fws=4&ohw=300&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D2%26amznbid%3D2%26amznp%3D2&adks=1721874308&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
724980b2f5e554f7a65a4d4d4ba209ef43d6cc02a51335d566958d0ce233fb3a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
11818
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		60 KB
15 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=3542442632387399&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=9&didk=1938623349&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702604&lmt=1699054256&adxs=1140&adys=1505&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=6&ucis=9&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=300x1&msz=300x1&fws=4&ohw=300&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D3%26amznbid%3D2%26amznp%3D2&adks=1264615497&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9eb820e620503c6d291c0ba91810f58aedf367b24a443a662654761a7b82ab88
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15559
x-xss-protection
0
google-lineitem-id
-1
pragma
no-cache
server
cafe
google-creative-id
-1
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=3199769476831751&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ifi=10&didk=655459277&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702622&lmt=1699054256&adxs=1140&adys=1562&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=7&ucis=a&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=300x1&msz=300x1&fws=4&ohw=300&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D4%26amznbid%3D2%26amznp%3D2&adks=2949080113&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
aaf3d816eff8bdd9c4304412db65b6e9394f2c20ab902450baea1dba76ef4f4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18123
x-xss-protection
0
google-lineitem-id
6386491176
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138448439872
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 819F 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c20e938074f0ac902cd68c11605dcdb0fa8c337a05a37f22b0003b7e1cb5080e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91781
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 07:08:22 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 819F 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1943788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=USFMe2xr9qwjALI8SXmELfNHBOYeeQ6GUaHQx6bL2W%2B9gOCiRVAiW9kPSNG0RPZ2YCNeEUBD%2FAB%2Blw0Q27YKxXSxhOQO%2BVgTL55ePq%2F%2F50LKLtHa0ad12SkO2MEgdnKk9scukCoisvqHdh0xUAnz3D2I"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b06818a763a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
css2
fonts.googleapis.com/ Frame 819F 		1016 B
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Gloock
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8169d930c422d887710e1985d3b025973b7eb370295b66b64b2cbefd3e8861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 07:08:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:22 GMT
style.css
newsletter.sonomamag.com/css/ Frame 819F 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/css/style.css?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c5ce58dbddc6ace071c45efb5f5f45806f31ccb272867a0c92ad58585f8e4cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 May 2023 18:07:07 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51ca-5fbe78e4d48c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3776
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 819F 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
908133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cNWUyDXgyJ1WeYTILDOO65rLQ3zX8ipsuuW%2BxHAuYSwEcYGCHgYLB8i6GKtFt7KYEtWjSI6%2Bor5geE5AAxQfU%2BuBaVz5VdloSkZXEdauFHLVd%2B2KyB6myYmopUr1W8biUXgQJF42PvQ%2FDQTyAScD1a%2Bc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b06818a773a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
lightbox.min.js
cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/ Frame 819F 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/lightbox.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 21:31:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"789a-5cd14eeeb6ec0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
8021
base.js
newsletter.sonomamag.com/js/ Frame 819F 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/js/base.js?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9c79d6c40fcaa89df0b7dd1b9ce3436768df4917a3f6b934b4bb5240ba3f8e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 16:07:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3606-5fc4a78fa43c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
2977
ads
securepubads.g.doubleclick.net/gampad/ 		47 KB
18 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=626507463571779&correlator=3268216303589399&eid=31079164&output=ldjh&gdfp_req=1&vrg=202310310101&ptt=17&impl=fifs&iu_parts=94238257%2Csmag&enc_prev_ius=%2F0%2F1&prev_iu_szs=728x90%7C970x90%7C970x250&ifi=11&didk=1936501785&sfv=1-0-40&eri=1&sc=1&cookie_enabled=1&abxe=1&dt=1699081702648&lmt=1699054256&adxs=28&adys=10211&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=8&ucis=b&oid=2&color_bg=FFFFFF&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=60&dmc=8&bc=31&nvt=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&url=https%3A%2F%2Fwww.sonomamag.com%2F&vis=1&psz=1544x19&msz=1544x19&fws=0&ohw=0&ga_vid=1661253279.1699081701&ga_sid=1699081702&ga_hid=520334555&ga_fc=true&dlt=1699081700918&idt=705&prev_scp=loc%3D2%26amznbid%3D2%26amznp%3D2&adks=2648783888&frm=20
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
074326ee32f2bc68dbbc78c0531daf45bc45a56fa8b7840fb67f4b00852bf8e2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18130
x-xss-protection
0
google-lineitem-id
6205184803
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138450019786
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.googletagmanager.com/gtag/ Frame 7028 		268 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
12f1a9a1c79c08a18cd4d5a0f40d1fff2c169683ede544e668b48b72d79acec2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
91778
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Sat, 04 Nov 2023 07:08:22 GMT
normalize.min.css
cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/ Frame 7028 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/normalize/8.0.1/normalize.min.css
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
1943788
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
633
last-modified
Mon, 04 May 2020 16:13:31 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f2b-745"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f%2BTAGX%2FSKXaWd1v2rM1ISMCNaJtcglJ1%2FHeSGJLkey6j2jFHr4DAOGHJST9FD9UQ8EnP%2BcJMCYobmG2YBztrickFYOC%2BgkvczuWL0Zek6geXMfFj7Pyv%2FUH5y8BVuO3f8XaVN2n8pj2ir4itv7no%2F%2BA1"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b06819a8a3a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
css2
fonts.googleapis.com/ Frame 7028 		1016 B
427 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Gloock
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
fa8169d930c422d887710e1985d3b025973b7eb370295b66b64b2cbefd3e8861
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 07:08:22 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:22 GMT
style.css
newsletter.sonomamag.com/css/ Frame 7028 		20 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/css/style.css?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c5ce58dbddc6ace071c45efb5f5f45806f31ccb272867a0c92ad58585f8e4cf1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Wed, 17 May 2023 18:07:07 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"51ca-5fbe78e4d48c0-gzip"
Vary
Accept-Encoding
Content-Type
text/css
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3776
jquery.min.js
cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/ Frame 7028 		87 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/jquery/3.6.0/jquery.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
908133
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27938
last-modified
Tue, 02 Mar 2021 18:58:36 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"603e8adc-15d9d"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W68Joe6PMuNxcDjuYNGnIX9aAQgngemRYY%2BZmhXD2dpBnFWPd%2FeiWeiw%2B9W1%2Bnw2I6veTj4a2ZxtMIX4jcRgVIr37dZgkXkFWySIdckSugwDCZxkAmZfG2qh5Fxw4rj%2FPTrmdKbg12Le0jk%2BAtqWNkTE"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
820b06819a8b3a9d-FRA
expires
Thu, 24 Oct 2024 07:08:22 GMT
lightbox.min.js
cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/ Frame 7028 		30 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pressdemocrat.com/vendor/cph/lightbox/3.0.3/lightbox.min.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.219.243.149 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-219-243-149.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:23 GMT
Content-Encoding
gzip
Last-Modified
Tue, 28 Sep 2021 21:31:15 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"789a-5cd14eeeb6ec0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
8021
base.js
newsletter.sonomamag.com/js/ Frame 7028 		14 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://newsletter.sonomamag.com/js/base.js?v=20230920
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
184.169.129.237 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-184-169-129-237.us-west-1.compute.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
9c79d6c40fcaa89df0b7dd1b9ce3436768df4917a3f6b934b4bb5240ba3f8e4e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:22 GMT
Content-Encoding
gzip
Last-Modified
Mon, 22 May 2023 16:07:51 GMT
Server
Apache/2.4.41 (Ubuntu)
ETag
"3606-5fc4a78fa43c0-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=604801
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2977
view
securepubads.g.doubleclick.net/pcs/ Frame 838B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssyDGoWVQpLhmdp3xY8BQ-OIL_YEdnT3pakY7jKx7zD10tVGW2UNPvKAmh7YHL2B77hWOrdLG1pqS9eai3_MDJPJGwAlTLhiu3Ka0wSygaxoTRCuCWhlWNF_u3UJ6YQ8WR8_5TUB15n0axgGQxSS6lQvNm5wxTEIQvoyRz1hAN7WZNL0SW7VBuqS8RTo3_XV7xhLIrMGjP4Zkn3HwzyS6Sjw5xerStwvlgZw_h0GRn3LXPqgS2zloQiBh3M9KEtaoIXY739xRZfRTxt4oxXjQUT-uyOxaJxFc-gfWEjVGpmlHR4E1PedHJ8bD6Jeiqqew&sai=AMfl-YT9aMO3NpYaqduGecPrA0ABs1QE7zLTJXhzQUfBOnh-SeM0lOHzW20QtgcwgjW6aC3J598Z5d1cwWsryNcyzlxA4zhmcyORhXduu--rXNAyNwvdW-aQzDxuywVKRA&sig=Cg0ArKJSzBwT68nTIU53EAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
af3de389-ce21-4c39-9d15-9c73d61f8f58
player.ex.co/player/ Frame 838B 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/af3de389-ce21-4c39-9d15-9c73d61f8f58
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e08f26d48b863ef9558a7a91fef68d7e91e0fc68dbba416c7a7157c248d1d441
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 07:08:23 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, HIT
content-length
1318
x-served-by
cache-iad-kiad7000039-IAD, cache-fra-eddf8230107-FRA
server
nginx
x-timer
S1699081703.085705,VS0,VE155
etag
W/"baf-xYhvm1JPK2iab7hwC9Lo6j2JGPs"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 1
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 838B 		189 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
moatcontent.js
z.moatads.com/nativonielsen548znrb18/ 		167 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://z.moatads.com/nativonielsen548znrb18/moatcontent.js?moatClientLevel1=11927
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
last-modified
Mon, 24 Aug 2020 17:04:05 GMT
server
AmazonS3
x-amz-request-id
CS9MEKCGDH7JCG1W
etag
"774acff2cee5852cdfc3fd8471cb2667"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
max-age=63208
accept-ranges
bytes
content-length
55696
x-amz-id-2
rMXNPsQIb+mKYD29FMB15RdFUqe9Tfou6CShBIvY7hnXxvkZDIoIUnmVywqGcHl6qM8T7VVwN8E=
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_at=394&ntv_usid=2618525&ntv_pl=1046443
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=5a33fe9b-d790-4bb1-924f-dcfc7433cc83&ntv_fl=O9hmxeM4q_JFeYdx5MOFf_pdCfiPKi59UETNQA9EgETh_Z9SVu3YbC2Gh8ymtCx9GyV0ZEbt8ZDmkRBaoeuAD1DcKAE4aU0dNT4tkcirhuvYWeDUYXLZc_cKNs6o8ndjceTDM2nEEpdpZpRBOqrtR5S5rU02Frfu_r4o8YYpbM4BJvhwkTz1-OTK0D_djlIe&ntv_ht=5u1FZQA&ntv_at=303,302&ntv_a=AAAAAAAAAAq_cPA&ord=1699081702912&ntv_it
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=23b96339-04b7-4dd3-a7de-b2e393c72f46&ntv_fl=XfnK80FSbXZ3OpOSYJMkzwePnhFi5E_2Tdtqk1HqU3HMIFcTyswUflQaLGPxOmebrzdx5K6rXeTVyaDaND2qm0zLye_cZxPbW68Ob0ySMsCjCUOyLUuWeHInwc7JAnCvyDRxP3lOt9CNFStlhhnl1WRNe19FmiO0u1QgY66T1IkoWYEv42WItnJX6tHtqIEU&ntv_ht=5u1FZQA&ntv_at=303&ntv_a=AAAAAAAAAA9IQSA&ord=1699081702916&ntv_it
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
trk.gif
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/trk.gif?ntv_ui=0efd8713-fa15-44aa-a68c-8eb19bec8f25&ntv_fl=bVzHA_P7jXT3c4O66UmF-kP0KNT2Jj5FChUhd_j0VZXKVAVi2URWkCZB8URyd8RbV53rKzi2577o_XzrjR59RdgTAmzyVT-XkJq8SbQzXbJZI959_wn2_XEMYVQ9GFe7mvHP11k-5BsQSeXWaEcFZ8CQRXaC752r4lyz-Ei9ABiiPRGPyO7CfdtQgdFE25Mv&ntv_ht=5u1FZQA&ntv_at=303&ntv_a=AAAAAAAAAA9YQSA&ord=1699081702916&ntv_it
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
privacyConsent
jadserve.postrelease.com/ 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://jadserve.postrelease.com/privacyConsent?ntv_pl=1046443&ntv_gdpr_consent=&ntv_it
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.223.39.7 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-223-39-7.compute-1.amazonaws.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
nginx
content-type
image/gif
access-control-allow-origin
*
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
expires
Mon, 1 Jan 1990 12:00:00 GMT
collect
region1.analytics.google.com/g/ Frame 1410 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702406&_gaz=1&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699081702&sct=1&seg=0&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5798&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=page_view&_fv=1&_ss=1&_ee=1&tfd=814
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ Frame 1410 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-BKQ8B1L124&cid=1661253279.1699081701&gtm=45je3b11v894309520&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:400c:c06::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ Frame 1410 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-BKQ8B1L124&cid=1661253279.1699081701&gtm=45je3b11v894309520&aip=1&z=1508457143
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:22 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8044 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssa081pFAJSmyT1u3XbgzsHOWLrMD5HsV_h34DpYyB99UxU0mktU9acBDBN5hvZsUlJtsCiTE6iZpvl2gOFJC0RDW8l7c5zB_aoOjRmSf1Pj9lWoN6GaGiTmDPdJmhbjSw1Q5hHhbgCh41DjxaqaWM0nJf9QewacdrYs8obWt0WtGRMCW-klb-V3KE9WyIEA8-NEJRdAznxKpYgadRNlX8fitEQuX1bWGo84Mt0cMGIxAIhRQZ-aLr9qK5h2FehZ5zV8VX-wl43u_vik4JEicIFvPN2yDNCNRlmFDIWnf1SC3a7FPSFbjxFJOadZleciEbMpdnAZr-jgdGYmtHOMDZJslHiu_7MTyI&sai=AMfl-YRaTxUp9YccextlDji8OWwULdgsuhyQBFKHW5z3lKfQhJ3bXxLqwk5AhmDG2_oNIUOxFeuonviiXDwHf9m8Hed5LnjR1xmiwxt6BdNRH8JtTXA8s7hI8gGXbMtpGLo&sig=Cg0ArKJSzGz6yYP2iratEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:22 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 8044 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 8044 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
8905748975809502572
tpc.googlesyndication.com/simgad/ Frame 8044 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8905748975809502572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf62570da3489e34fc0704b8b0430b7e1279026c4f9dc653ac824a6cca04b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 02:53:14 GMT
x-content-type-options
nosniff
age
15309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32763
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 20:26:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 02:53:14 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvF3mebvAaDsU5M77zT-RAAPIbDzQcf2V3NjA0h7CSh6sMh0Tn71VznUSC-ReBTfUmHiF3EqqJrD2DCmCWUb1d-HFDyYka8jVqYMjoy4tOYuwfDWrrELOHnUVpCd26FylPb3H-Zs_IMZhN4WP3Y4BMuj3PNh844uck0oi6AOz7IhYFSguYfopMyfwdMNlQvaXZAev34YQ0xj_CTPQgq1px2NsksKVH8i1h9H_f1wq8lDggL3UzzTsil_oy4b2fgyoBEYF4Rflu-cUjbDKPLk_lFjtQWmBp1yrQIY1BIXIKpbTttSMk36xMnqrs7sVA5L33-0vSGqckh-Ck-BaZY2BEUgpgPqyjGZDo&sai=AMfl-YRLHCYI-zBusy7_p4MaQTJ7d0fXJ4pvO57c94CXlRfSRSb9Pu9Mqbpmu8BkMpPUQE61_cFXLo0-yMKpfFiHHq6sT9XlDuotTofqo5NyOzPGqrufZmqwrbmHm8DKeg&sig=Cg0ArKJSzHHTjvM-CKAuEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8905748975809502572
tpc.googlesyndication.com/simgad/ Frame EAAE 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8905748975809502572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf62570da3489e34fc0704b8b0430b7e1279026c4f9dc653ac824a6cca04b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 02:53:14 GMT
x-content-type-options
nosniff
age
15309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32763
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 20:26:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 02:53:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame EAAE 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame EAAE 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
l
www.google.com/ads/measurement/ Frame EAAE 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQ8CmlZeB224bpJTNjMoFI2ZUa-dzC_fm2_Gt7yXwF71r3waFjYFzPn_m8zJeao-k4mhKJv
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
view
securepubads.g.doubleclick.net/pcs/ Frame 9C82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmLMZCoEUtR7HbydecBNV-xBdTZNVE2x7YHKzbkB48djCMtdiaGOY7HOpPIKEfTaXI11KkoUz-lEO10P4zWw2221a4HtJWzHSplZ-DP1K3vxE_6Uech-ITNwBWgn3PoYGqa6e2JLw7Jn6OFz3eTv8WD-I-2MFkYS6U7Sk1bvMvjvwAWeAjpl6krH7lg7xUzl9Pv-5KvKCxoprmXwWI75n9fApLAlnaXmo2uq15xE3_BxEapOuBZ6FPdnSME06jQf96BrLUt8jPrQ7vq6yGBbyKL3xIDIotyy4e5V2o6pXy3fDSqQbDhNkXG3c_zRFLeNKF40XKXKyJ8cVdIYNCi0HWWUgwajDxDMw&sai=AMfl-YQt-YejVXl9JNWSCdm9w0yV42Kgm3e9EZuFitP4scP2gdtjjvfFlq3Ai_VyRWm_t1mPBkKECX5dO30bJ9apG_8SsKpDV6byZhnZnEjOBE2ClJQYTjcn1qjSsMSYcQ&sig=Cg0ArKJSzOdbyaMQo0sbEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
8905748975809502572
tpc.googlesyndication.com/simgad/ Frame 9C82 		32 KB
32 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8905748975809502572
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
caf62570da3489e34fc0704b8b0430b7e1279026c4f9dc653ac824a6cca04b05
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 02:53:14 GMT
x-content-type-options
nosniff
age
15309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
32763
x-xss-protection
0
last-modified
Tue, 24 Oct 2023 20:26:45 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 02:53:14 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 9C82 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 9C82 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
l
www.google.com/ads/measurement/ Frame 9C82 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRMurCBZlhV4A-nokm9ubxLGv4ljxzQ69PPFM9bZD5hvvdAR78nSSsS9bUkT4IklNIrgYz9
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
truncated
/ Frame 8044 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ed65b39005c1bddba1ba1dacc2d987acd5643be5054b11b923db0497aa47f79a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame EAAE 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dcf7f9fff97e3e057c1f62718b09e84e7b28b0bc599721ce009e71f12a84e27b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 9C82 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75e911e2a8db4e07a70f22de176d959fc4bbd034c6e4232b7b57617838e07874

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AED7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss2zRnjhhqmr8pUio5dMPG7xGvlLQ06LlNpH4Rl7Qylgj1a7UuQx2MaN5ZX70n2Dgrk_LllBN1bjkQFTW8Z5b6HhrlJuJWVs6BLSh3kH_lCRLe7RPW6o5TSu_wmdbMR1XUsIWegB4xaFOjFMu2EuM6HqF9rLFZEwGkzlyJ_jz2dOKVTw5iRlarfKigU_01Qic5ZjUzyLHRURpius2ylD2L77nHASa32vRr2GHe7TSRIsR8wvn6DZHnr4h0ppGVKmVD6uta0Htyc5G623YayctgH9hKxl7RRemvyHYLph8y70jL2DIr5asW7p8iiYjKd0fUCCGduYr7E5rNDlrzlJBNnDPyJP8TNNJU&sai=AMfl-YRin1WPoJ4aZAykf12whVG9lCRVBA5iiMs_bpS-0BCa9WR8AECPpNBgVOY8n2hHPv57f-ok2DTsnkQoyhYI2wOiDFgo9VKB44QeEGe3CoIDC5zFdKxST4h6DFhzFg&sig=Cg0ArKJSzFVuDgzocAkpEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame AED7 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame AED7 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
11798653774909444193
tpc.googlesyndication.com/simgad/ Frame AED7 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11798653774909444193
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fffffaf60b8c9ba8bc76e763e2d421fb8964e8de4d64f7ddde785e6907327e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:14:48 GMT
x-content-type-options
nosniff
age
6815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109655
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 16:03:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 05:14:48 GMT
l
www.google.com/ads/measurement/ Frame AED7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwhBWG_F8k8zIA9Tqr6AFfr_p1Jovt0WGAGwAGhMZBSwg-iSPEPXGG8WnwKmbFutHMPaan
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame 9FF6 		196 KB
56 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 9FF6 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 9FF6 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 9FF6 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 9FF6 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
css
fonts.googleapis.com/ Frame 9FF6 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 05:14:31 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FF6 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 9FF6 		295 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
l
www.google.com/ads/measurement/ Frame 9FF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaT_uWncqof3Qhn1yl3OwO4SIv0siLnK1VeAE2hfYAj_x4VG6gmmvt9kREee-V1_etCBA_Qw
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame FC15 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame FC15 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame FC15 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame FC15 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame FC15 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC15 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame FC15 		295 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
truncated
/ Frame FC15 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
213ff5149dbbd291afeb912c82ca0ec3c653add3f42828c2b9048f84f8e7f7f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
8309975062553973226
tpc.googlesyndication.com/simgad/ Frame FC15 		52 KB
52 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8309975062553973226?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnaykdECKtN2Nnvaii-1VY4d3UlbQ
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f822d2488a72b1af90efb80b46743ab37c0ff2e37eadee4f3733d7fc4a163b2d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Thu, 02 Nov 2023 23:45:31 GMT
x-content-type-options
nosniff
age
112972
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52844
x-xss-protection
0
last-modified
Thu, 12 Oct 2023 14:56:01 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 01 Nov 2024 23:45:31 GMT
l
www.google.com/ads/measurement/ Frame FC15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRoAVzfdEfPIe_84X634E1RPTk15WowYQHXjUvBztumhl6eCTOjE-CJ1vjK2Td8372oG_CB
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
truncated
/ Frame AED7 		211 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
301e66f1bf220431b0f82b7393f04243e158f16409b84703875abbc717d3e443

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/8375535968065456097/ Frame 9FF6 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8375535968065456097/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1029ba9d788434ec8b881389e56e9d8063e54d782252943805e6d3a2b313ba75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 04:00:14 GMT
x-content-type-options
nosniff
age
11289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23210
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:50:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 04:00:14 GMT
truncated
/ Frame 9FF6 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 9FF6 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7742a35c163f4089a588cb327b1df3d88018ed26a8d49c90a516588eea9ac143

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame 1178 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstjaz0KF0QyB_zsxfdD9JIFlv4kafZfiZHvwN4q6Q95Im1-mlYncqOfN8Zkt_1IYB6UU4g41XACs0-8_NDlwYC00wazobG55VWKnTpGX1YwI5NC4s1l_GX_2itHfSN1ZyAU_11kM6bxHUHr6oGolkBItbykILy72VeQzv_Y6Rb3Zm9Qus-7cxVS9NRDjWwCxP9rIme0ZCsUqEcEWpcvLfbMd6Z6BHZ8cj6GPFn2_3TsBqxfspSdEh6G1P4FZ4Z-C8c4p5SAdxWnSzt7aw9vKd2QpdEeKqnR3XqW269fdo-FAmn0qlz5b65NlrkZwZnCxmqRwyq-X2J-vviq7i74zJ1NRMUmgLuS7UM&sai=AMfl-YTyU3HAdIBr9Qn_HAilF2rRpltDDCl4B0uhPZ_ZrfZU_KhCMKqPsGajquGibeefHtV1rHdi_iT66Zn6mu2uXZIP-hBkWZnJmTsLNt0ZzWM7l3VP_x0_JE_fE7Bh2A&sig=Cg0ArKJSzGtKak9KkCs5EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 1178 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 1178 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
18203635522940249461
tpc.googlesyndication.com/simgad/ Frame 1178 		69 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/18203635522940249461
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3f1e33499499bbd3edcbdb81218df1b7c8535321f2269724f1b04635518e0c0e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 02:53:14 GMT
x-content-type-options
nosniff
age
15309
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
70676
x-xss-protection
0
last-modified
Tue, 26 Sep 2023 21:38:28 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 02:53:14 GMT
l
www.google.com/ads/measurement/ Frame 1178 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaScM8Jt-2_zkGqlWS5feCLL4sxlwderEp5nC0GRK-VW0ke9hW02h22OhAqPURRpuJMijVk7
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012310201815000/ Frame 99CD 		196 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56123
x-xss-protection
0
server
sffe
etag
"ee0c45c0e6d03a96"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 99CD 		15 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5236
x-xss-protection
0
server
sffe
etag
"56e8153251b9d132"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 99CD 		95 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29064
x-xss-protection
0
server
sffe
etag
"2b86ba6a96452dbe"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 99CD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1923
x-xss-protection
0
server
sffe
etag
"560b2476df5f84c1"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012310201815000/v0/ Frame 99CD 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012310201815000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cdnjs.cloudflare.com/ajax/libs/font-awesome/ https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; includeSubDomains; preload
date
Mon, 30 Oct 2023 17:11:53 GMT
age
395790
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12957
x-xss-protection
0
server
sffe
etag
"143af65c0fcbfced"
vary
Accept-Encoding
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 29 Oct 2024 17:11:53 GMT
css
fonts.googleapis.com/ Frame 99CD 		6 KB
706 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 06:52:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99CD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99CD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
l
www.google.com/ads/measurement/ Frame 99CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaRXYVMB4mLlGTnDEIRHmy0eBA5AzbTwMggU-r0SFjssSVdWZ72ytvBjwitaxpjDTehUKCF_
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
collect
region1.analytics.google.com/g/ Frame 819F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702715&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699081702&sct=1&seg=1&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5232&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=page_view&_ee=1&tfd=1094
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF6 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options
nosniff
age
391780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 18:18:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 9FF6 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 14:58:03 GMT
x-content-type-options
nosniff
age
576620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 14:58:03 GMT
truncated
/ Frame 1178 		217 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8f7932dec2f08aa32a08ae07f1b532561b865d64a92133763ac01d456220014e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
14763004658117789537
tpc.googlesyndication.com/simgad/8375535968065456097/ Frame 99CD 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/8375535968065456097/14763004658117789537?w=400&h=209&tw=1&q=75
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1029ba9d788434ec8b881389e56e9d8063e54d782252943805e6d3a2b313ba75
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 04:00:14 GMT
x-content-type-options
nosniff
age
11289
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23210
x-xss-protection
0
last-modified
Mon, 30 Oct 2023 10:50:15 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 04:00:14 GMT
truncated
/ Frame 99CD 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 99CD 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
2db65123658e777ad9db1be48fe86c969c79d6cbb35ad405d1ed0a45655bd652

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
collect
region1.analytics.google.com/g/ Frame 7028 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702734&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1699081702&sct=1&seg=1&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsubscribe%2Fc436dadced448bd5c492ca666ecde2a4%26fid%3D8843&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=page_view&_ee=1&tfd=1130
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7926 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPmnDwhHF67pZ5XyHZNjtrBP1w3iyYqroVGlkNHmvPTyWvPDhKWwdYjKTcj1h_DY8TWcKse8IdK7IuAWyUu5iEunL50piYIpji4-MEiuoEd7lCEQQpLchjgrsdK5ypheWGHm6UNT6lI4CRXGXABi0Kx6Hyi6PgopPLb-bkRF1gvT064tuiwy_bjskFg7yCYwnrEwLuQQx9i63ilzXSDOwczQ6WzFnRSJk3ofNCCqBJCcJye0q69dgjX7dTPswCvLYSrPXUDuADkAzmTMStJwTGaRAmTIFpggN5OffRF-0CIMj6ku7wHiHJEvJU_QlqYxtnl1gHlxJhtMhiBX_E5iwVXUrQPFA8FHE&sai=AMfl-YQ1FW_HTT_LP5_22Qv4ELTZdTsQNOHiKJ6gxvBmZx26mCBZXnIM7Tu8Ae94e1qNT51ach86Yib8gHBEPU7G9GE0fZS3p6xcjJCFz9nxT3oYj-gWDj0SAhLRR0O7gK8&sig=Cg0ArKJSzLQzzUECXyFFEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
11798653774909444193
tpc.googlesyndication.com/simgad/ Frame 7926 		107 KB
107 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11798653774909444193
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c7fffffaf60b8c9ba8bc76e763e2d421fb8964e8de4d64f7ddde785e6907327e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 05:14:48 GMT
x-content-type-options
nosniff
age
6815
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
109655
x-xss-protection
0
last-modified
Fri, 06 Oct 2023 16:03:57 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sun, 03 Nov 2024 05:14:48 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/ Frame 7926 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20231101/r20110914/client/window_focus_fy2021.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 11:05:10 GMT
content-encoding
br
x-content-type-options
nosniff
age
72193
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1236
x-xss-protection
0
server
cafe
etag
15004572836499977866
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Nov 2023 11:05:10 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 7926 		189 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
60699
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1698838693892887"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 04 Nov 2023 07:08:23 GMT
l
www.google.com/ads/measurement/ Frame 7926 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaQYpsfSEp5XknPmuq3nTMQSd6QFceJ731BFiQUuM9J37us81hDrjsVgqZ9FpU-2D5fdUwZm
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 99CD 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 18:18:43 GMT
x-content-type-options
nosniff
age
391780
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 18:18:43 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ Frame 99CD 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 28 Oct 2023 14:58:03 GMT
x-content-type-options
nosniff
age
576620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 27 Oct 2024 14:58:03 GMT
truncated
/ Frame 7926 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e4818942c1c353c9bb10fb372edb8a98493ef7d88f74016963a7cf6fb4b341b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjIyMTE3MDY4MSIsImVidXkiOiIzMTUzMDEwMDIwIiwiZWFkdiI6IjQ5NTIzMjI4ODUiLCJlY2lkIjoiMTM4NDIyNDQwMTg1IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=d0743e13-cd8f-4242-a8a9-4a94713365f0&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703389&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:23 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
truncated
/ Frame 838B 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8d26410844b58ad0841c37651e4d9aae3248a85b32e7e0dba5bd01e9d2a2974d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Type
image/png
view
securepubads.g.doubleclick.net/pcs/ Frame AED7 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst6rwC8U7OKE1TleNhJdL8KQoWd49Ye8qEyNwHK0haYgAl6T1RhmaTvLXfvboptQ8OnKuTC1NDZIkFVHeShnfykVbyMNlZ0422w-dIlRcvsEnGqZGHHbUd0l3QIpBrlZ1iTwtsHYQupHCawm6qeP1LV42WPVqKQGUDByIRC1A7cqg6rQRQEp-mput6RmW6XkJlfNGSS05TI8geK7JUVvzCtg4ndMYiutrddPZ_2nNjnQouU7qeIqCpnHTwMezMW5Af0QAl7aP7mlcWT2HdcO0eJIMVlW3PGwTIC4Ixp96HX0MkdkcD94LPeoC3NI1JYatxGQvRf6D1nDZSDveSlDxLo7NhGR7ZkwXWExA&sai=AMfl-YR2yM2UecmZvGJziNXMG2idhtfkn45aOH0wJgD7BLOSXsyKIyDpByrzx19hxOiuKAsESM4xTL5hLLjdW6XR1rwBRjqJTMSb3FlRcSEuwl1R4Z5oVz0HmcJTF1-BXw&sig=Cg0ArKJSzFcplwPoXwuxEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 9C82 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuydDZy-SiS0kP8IZK090GIfz9mERgRLgGDyHlPFXEmRyu4nrbpBGf-E1mvMlp4ShjlgJGOGHGYVYauSW7GLr5-k4ngOwzB7MnQHc7prEvaWfDmhuP7VshWqD6u5rTEMRoqA7Z4KPAai8t3S0ycAzmWHq6d8fmrqEibpOl5-DUhOFAnc7f5t2VFEaQFx2Is62LDyQgdQAGQrSyMO-qgfUGRtznczDz5QkFRXZQvZkI_Ux5C17yI8w8bUatEZJU73JVjHWz7pPdwqObTSnO2ocM_EPleIaFDyKc1piRjtnMTES1t9S8qV0CYky9ySg6NSXRc8a10P2rzZYv9fIqUIRorbE9kJXN6hQpabQ&sai=AMfl-YQg7SX25auGrL8o_gbDv7685D7SznXKq4Bm_GGkuwRuS1dh1enKrwHk0wzOTOD43e1PvPg9KFAf_TxjLrrtXgnl8_Y3z1jocK9CyUIUHZF1aaOkzWgoxfn2UsPBNA&sig=Cg0ArKJSzDd_9VwxNha8EAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame EAAE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstTNOTwljmzWid6UBBM6oGWGHtCfAOE4hhacp1WfzyEqVduIyI2NXRBe42XnxAiSmJdW5RMr7WJ5xGPQjXjwMHABmg2YrV53-txkAWvBxpQ4Z8EvY5K5XbuBn-ZWZU5FpMnkLHMff-ouV8oaBrqVG4He4h6hTZAHDDj_pWfQOR1Cq0E2OTXKbJRT9Kl9DPMHjXY0eF8aGuJmg3eysgb4WT4g3McRopLJrS56ewZ3C6hoP6t3v4yG2wshh3TAPfosdbMFZS4AhIp06WGXlZgm_qRRkzT4DBbDDV-6O1tQD3PpJ2cB7CjXhWQm4dUeDWfv40DlLd7vKZLNBQ_OKueecMZRvedh2T4SPKYlQ&sai=AMfl-YSuuATAPvLRMC0y7X9BBbEbPXjfHJxHe7k7lnjSk-DqX4MH2gG_ReE5mwTvbZO1LO9wvElGHl1GBh90gDy8gNG2F82BMEO2Je-aT38V_Hq3MB2KPP5Hl6bUq84fSQ&sig=Cg0ArKJSzOgYgtAh84tHEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 8044 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv__Oy3uxjaSOORjKdXkUs5LaRrEAtWHP2SVYrl5nUSdXrRIAow0VZlXWjOVMh94Rkz0S9l2U3JoVr_8jebNo04qn-V_s72tP4i1kgEzQ4mnbYhaZnU8UYwNAY-Vt2GGxGgumcztlk6DxorGcy2VUZ7RGuWMGphIE--rdi7Zx3bgWKG_LQ0KwIJhEg_LNwltlJDF4Ip6nqYMLhpbm2nbWWz9tx1n_w3WrfIUpEJIP0_8fBucMhPVqpx-fbSt52JANim6RK6wjPEzaRHGao70rrZZrNVh7BKhtGI9L4XGcL00Y36vLXhzm78NnWDEoIaHtEnE00xbaz-6RziXUZ3jkbWvOr427V0OlcV6g&sai=AMfl-YQrdO7f_O9mLolppN1n18-MGKCGUm1MQJ4Qfy1aROChwEWnY5PYmGBBEl9pqzN0spvFxqWXnaoNJfUiDtkJOffMFQe7FomorRxgu-eKl2chSS_8UDv3TOxT18wOKPM&sig=Cg0ArKJSzKSsg6AQ69nyEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
af3de389-ce21-4c39-9d15-9c73d61f8f58
player.ex.co/player/ 		621 KB
181 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/player/af3de389-ce21-4c39-9d15-9c73d61f8f58?passToSdk=true
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/af3de389-ce21-4c39-9d15-9c73d61f8f58
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
51052486f545eb90cb335ae99c0888055c388a5e1fc0f178dbb0ba45a4d92da0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 07:08:23 GMT
via
1.1 varnish, 1.1 varnish
age
0
x-cache
MISS, MISS
content-length
185400
x-served-by
cache-iad-kiad7000045-IAD, cache-fra-eddf8230107-FRA
server
nginx
x-timer
S1699081704.621128,VS0,VE291
etag
W/"9b497-IZfnoPGt+4XOHpQAOFwNjLEubE8"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
Accept-Encoding, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 0
11927
s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/ 		0
276 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s-jsonp.moatads.com/ocr/NATIVOINVCONTENT1/level3/11927?t=202310481
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.17.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-30-17-133.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:24 GMT
last-modified
Tue, 18 Nov 2014 20:18:12 GMT
server
AmazonS3
x-amz-request-id
B17D55F7DE27FB81
x-akamai-ew-subworker
8096267
etag
"d41d8cd98f00b204e9800998ecf8427e"
content-type
application/x-javascript
cache-control
max-age=2247
accept-ranges
bytes
content-length
0
x-amz-id-2
mIU50l84eryBjMRqOnAd1Wue1SPq7w6EiQwUrn6rNchVVQCR2FTaNBeV7eOeh+EnU1pv9ak3kX4=
si
googleads.g.doubleclick.net/pagead/drt/ Frame FC15
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Server
2a00:1450:4001:80b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Redirect headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
view
securepubads.g.doubleclick.net/pcs/ Frame 1178 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvzBxJe1tMJqWkHkTXddxNfy2LlS9oD08qwWc7t7nxURVBmfg-DTxCTr6R2O1wOetqgTHQ20kMz6Yp2QDcqM-PqdW5SFiQ8RTbllpbdmwSb4zOqfcxRMIXkJTmJrHDttJkzbWP_VYr_42oa3pPHkLdqQ_K6Bp_ata4C3JdEB5hCJeruIT7rmEDfwBNeNyBt58Ds5EaCOwDamaGvgUHL01poUA18hK1ei1sSSPgswnFjKdH_yErV1ov8xGiN-rnYM6xFYChgjeIbQPIlDn8teugkKqnbsjUHk7WNvbRLbttcWPnmcrdJeBCqPSz-wV_N265nRMaNRB3dG-OSyUM0kBRB121HIzCLuew-4Q&sai=AMfl-YRZo5s2IsZVIfWIbkg0P1NpFNytVQ3xzgrZoyfaihbd7HVCTjTifRSHhkeuafg8j0j4gfFVUX-VAH94SBKr-ByDgc9ayC89t6JKT0ZpZ6c_TkZwkEImoL6oNQGQiQ&sig=Cg0ArKJSzFaIztymGcLJEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 838B 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkoa0G0wixPYcsclde_6FfADSptFIHnEM0utqoVxYKXExLcPCSIjIEyKd83SMopKJgETXidkPbEd43LApPLZBFX2PzxggB8bGkV5RKqifQpHAMRXWQxd-Dh7EzmaOLyoBIsh6LNVyBMhXwpOaU1DESeho0lRp9xGqp9dnTctWQQ-kkAWTRzRbfiyiAadTbFHUvglnFu2-ds4DwFoZDAlGlwIHHMmQRfSpNsHKMtGDvV2GV8FW7BBktLVBwKO3efejX1GHVIKk7b27yTWSNI7iGn7XwAwkwmP8c6o8Va82lbqY6TEDhqfJyJZunaZvtx7PF&sai=AMfl-YTXYhWjEXiYANI0h1jNkKYfEt9nRzFfUgWgp6nbDLyQnTFifKqwMiVy5nBrCPNO6NpxN0yIhoxv4D9nl_gtdGwYW5jmbNzsM7okjHEkz9d6BYpzcLnZqutOP6K8hg&sig=Cg0ArKJSzIN77HIV6NojEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
view
securepubads.g.doubleclick.net/pcs/ Frame 7926 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslMB4ulrTXMEXYgaHqj8euGovWWoqO11uoKyfLClohLiQ7Fc8WRSXFxuV4NuJnx64xMDRDEH-zt_PROOtMLGlkhd-cODYCJo07DzKbaKNHFOZq7XnfIrFgzsF3Rff5mDhl607vkAZ0hgYR8ox4WmtytXnU8zZbfFSr02fsxkrCIlZsJvbTdzKvYTQPfpptRGsnCungV7dZd7LMiFSJVE8DapE5O7EfZC_Sj1wNGCg69aEGLVu7ZWJOgefeKoO1J3VGrGXPO9VJGvsj--dCPaCEgA52orHn5XPxJB2oi_KvjlwGzBqsSR8S4NejlMdykDsEcX09hlFs8ApyUaCrzQs4S8TmXh14IQFoVg&sai=AMfl-YTa0Oe0B84wq5bt9Gjz0xObM-KuGMxvi7-y0kBCIuBwDFC-W1OPtuyGb-HgeaYJBOmiGxMiwBEiJ3uwgDGMeRuqKdf2lWOcWCg_XPSP2BpNoqFE9KgfFLTzjGg9vsc&sig=Cg0ArKJSzPtP5q_CzPPIEAE&uach_m=[UACH]&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
cafe
content-type
image/gif
access-control-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:23 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99CD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
14819457070020093239
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
2502
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 99CD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 21:19:17 GMT
x-content-type-options
nosniff
server
cafe
age
35346
etag
426692510519060060
vary
Accept-Encoding
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
295
x-xss-protection
0
expires
Sat, 04 Nov 2023 21:19:17 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 7028 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vEJJeR9H4IlIKJFh/c3XvDDW6WoeeG1EmcFiWfrU7o0W9/wZaKQNAdKHCqvTpfm0v3VwYUowtYLKYmJ3f94Q+g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
fbevents.js
connect.facebook.net/en_US/ Frame 1410 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vEJJeR9H4IlIKJFh/c3XvDDW6WoeeG1EmcFiWfrU7o0W9/wZaKQNAdKHCqvTpfm0v3VwYUowtYLKYmJ3f94Q+g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Iurb6YFw84WUY4NJiBak.woff2
fonts.gstatic.com/s/gloock/v6/ Frame 1410 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gloock/v6/Iurb6YFw84WUY4NJiBak.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9961e32d2cc313d516ad15b8b436973923c5632d6159cc0a8b4889debc60ad97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsletter.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:11:23 GMT
x-content-type-options
nosniff
age
46620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26384
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 18:11:23 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 9FF6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CuaQO5u1FZZG3JfW-9u8P3-CvmAiqj6fVc4e1wOj8Ea4CEAEg7-v4a2CV4pCCoAegAcX2pp0DyAEJqQIq3HRoEwGyPuACAKgDAcgDCqoEwgJP0LfDYcLnPwnQ6uwONtEHTYrn6GMRpgI5NYTICxPlmCx1bydlrK3zQnfDs6VTg6BDwOFheuBk33a8tsZ3yTXjKrtMSFCdQis-SmOefEAXr3PLDzZuPm7Y1AoWtTGzwj9rdOgBpQPJqjcARZ7hMEDb-rUMiJWnMwi5NFjrkS3it-nCrC6c-RkAGyLXjJFXwuhUG_0OYICjgnjoxpT7qgSuGhHqPJuc7nLQv1rAap1mOor1AuUSxX4fGnpqacBzZVlNGZvt98BmNIfO80cc3zak5_NTq_H948OSIr-8IXfTaEJHaZu9iv94vfH3HJwC0dsyJ_NtdEwQ5v6E0Zhcp3THl9ZI_fmUEODSnwc25etz72X8CTTnQ4t1_5yRqcnvBfLEvrYz6vzMR3N3aKyzXVIbp1z-EXe7aMcpMThTpJ8VfyaBwATd49SvugTgBAGIBZn2z4VNoAYugAejidliqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwUQ9JODAdIIFgiA4YBwEAEYHTIC6wI6AoBASL39wTqaCSxodHRwczovL3NpdGVzLnJtdi5kZS9kZS9zLWJhaG4vbWFsd2V0dGJld2VyYoAKA8gLAeINEwjds8_K5KmCAxV1n_0HHV_wC4O4E-QD2BMDiBQH0BUBmBYBgBcBshceChwIABIUcHViLTk1MDM0NzMzOTM0ODg4OTAY-d8T&sigh=aypiwv6GbwE&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNHz63R1Naz6oDTZn58GWj9r2VAm3S-CEFOtzs_fafnm8BALtb6D7mIFbfCvxYIkiuhNcuEL_LGAE&template_id=484&cbvp=2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
adview
securepubads.g.doubleclick.net/pagead/ Frame FC15 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CJdIz5u1FZb2wJtSl9u8PuJa3sAmbqJL1c-aA59PxEdrZHhABIO_r-GtgleKQgqAHoAGcr_uoAsgBAuACAKgDAcgDCKoErwJP0G8zWMtckjchGIrEwiOZ-V8XMto3yCx7sIS22AJoJPMz5wvih6N-FhsbvWvm1U4itB4a_1mozen8sd4YFTposd1Q2lA5QN8KWSlJ0ingGLJh1f64OyDGuyuNrOu0lL3i3b7sHThVnxt808u60N-WeGDCAkPAyYQeYZUyUYtAaLJRIOldTVvDJuuYTWGq1crxwo7DC9XzVEnrQxzul3nMQw5soQi1dPjrX7glcucw3M2kMQHUwgPseN3jN8_bG9TqX-ww_lWlQJ6yn34DZoWK8IHrpH6KjLOBnN6d8ealqa0a6_NWJWRM2EGS1pyP6Fmn0ZX5Nby_JRUjyagugX_GnObOaBBwichF7ayay_N9zbNPGkyUZneJyBK1UlgnR_klbBqdp2nbU5lRKRIBCW_ABMWxsubBBOAEAYgFrMGEnE2SBQQIBBgBkgUECAUYBKAGAoAHzNCE1wGoB9m2sQKoB47OG6gHk9gbqAfulrECqAf-nrECqAeko7ECqAfVyRuoB6a-G9gHAfIHBBDo8TDSCBYIgOGAcBABGB0yAusCOgKAQEi9_cE6mgntAWh0dHBzOi8vd3d3Lmhlcm8td2Fycy5jb20vP2RlbGF5ZWRzaWdudXA9dHJ1ZSZueF9zb3VyY2U9YWR4X2Fkd29yZHNkaXNwbGF5Lmh3X3diX3VjXy0uY2MtZGUuZy1tLmEtMjU1NC5hdS1kZV90b3BfYXJwcHUub3B0LXB1cmNoYXNlLmNvbS1uZXdhYy5jci1sZWdhY3lsb290NTcuY24tMzAwXzI1MC5scC1kZWxheWVkLmR0LWRpc3BsYXkuY2lkLTIwNzI4MzI0MjY4LmFnaWQtMTU1MTAxOTkzMTU3LmNzZC0zMDEwMjMuLYAKA8gLAaIMDCoKCgjktLEC7rWxAuINEwjJrtDK5KmCAxXUkv0HHTjLDZbYEw3QFQGYFgGAFwGyFx4KHAgAEhRwdWItOTUwMzQ3MzM5MzQ4ODg5MBj53xM&sigh=VUGBL60htJs&uach_m=[]&ase=2&nis=5&cid=CAQSOwDICaaNFPM0BYUHDwkyuSwbhW6zX_qfavyfw8M_34bNduLi_ir7WT_cVFtRIzpXF2VpBDLmNsvXqau5GAE&cbvp=2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjIwNTE4NDgwMyIsImVidXkiOiIzMTM1MjE2MjMxIiwiZWFkdiI6IjQ4MTk4OTgwODMiLCJlY2lkIjoiMTM4NDUwMDE5Nzg2IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=26762d51-1f79-47c8-9431-23e4d8fad8a2&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703514&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:23 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
adview
securepubads.g.doubleclick.net/pagead/ Frame 99CD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CiK1O5u1FZcfmJ4SG9u8PrKqOiAWqj6fVc4e1wOj8Ea4CEAEg7-v4a2CV4pCCoAegAcX2pp0DyAEJqQIq3HRoEwGyPuACAKgDAcgDCqoEwgJP0GK1a1ujKhxRMjeQYU4ufmUdtOdxNpJiaiuOiTIhjBU-VidWzEexA-H5T14meePSXQ-kyaSEIZ4Z4wYGMGYzDXSFbAdGo9Ku1cpS-6Fq8vf64nd0jf2E7Tw_206cxcbsMSrxlQRttY2UxR2h2Aa_XjqHauZrPi4bP5zr8T-5qNCh5DHkTIS1Ivadn1YbFifHvj3yaaS6uzN7dPGd8HfstR3Y8HoyEHQFMl5Jgu3EAoLMUw8DQcAcYW8UaKcLq85qyaLiA300Ftwo473A5jISWpISnb6krZbDWHCW9zT6jqsiHLjIO7T3bNTGIGPQZfCLyTiCoLG67JN9ruORMQGkQuk4xtLOWaufXr3Vu6g9wWIj_n2y9t6v3pLzzA0Dc11FAmjpcWeeHwD70MCY_P1BNbtmxzypbg0rnKZI4hDCtzOGwATd49SvugTgBAGIBZn2z4VNoAYugAejidliqAfZtrECqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgHpKOxAqgH1ckbqAemvhvYBwDyBwQQ0-M10ggWCIDhgHAQARgdMgLrAjoCgEBIvf3BOpoJLGh0dHBzOi8vc2l0ZXMucm12LmRlL2RlL3MtYmFobi9tYWx3ZXR0YmV3ZXJigAoDyAsBogwMKgoKCOS0sQLutbEC4g0TCLvD0crkqYIDFQSD_QcdLJUDUbgT5APYEwOIFAfQFQGYFgGAFwGyFx4KHAgAEhRwdWItOTUwMzQ3MzM5MzQ4ODg5MBj53xM&sigh=aiWrWyIXwiw&uach_m=[]&ase=2&nis=5&cid=CAQSPADICaaNwBsIj6FCi9GuCjq42MEdyPN5hl4bQtlQwbCMH2_GfBjfe43GWgIiPt-IW4Du00pUNrzICPltHxgB&template_id=484&cbvp=2
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
fbevents.js
connect.facebook.net/en_US/ Frame 819F 		202 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
54273
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
vEJJeR9H4IlIKJFh/c3XvDDW6WoeeG1EmcFiWfrU7o0W9/wZaKQNAdKHCqvTpfm0v3VwYUowtYLKYmJ3f94Q+g==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
9094213530619291
connect.facebook.net/signals/config/ Frame 7028 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/9094213530619291?v=2.9.138&r=stable&domain=www.sonomamag.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8e18fa372ec7256c5c038536e1154b55a0073152a6fa6224b31d3f5d8a3e595
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:23 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5+6w0Ah/GutI+8pcbenByFmvpeBLH7/EQAHk/fx7Y9IEDSn0a4Og/miYM2iAvBcwUFRdVljdWb7/BMZKjrWK1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
9094213530619291
connect.facebook.net/signals/config/ Frame 1410 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/9094213530619291?v=2.9.138&r=stable&domain=www.sonomamag.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8e18fa372ec7256c5c038536e1154b55a0073152a6fa6224b31d3f5d8a3e595
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
Dul44YiSTwui9xF6sBbLLONS5557HZRZxumXoaelWRbU10862/bGcOvM0KxJTvcRBPxeqhOtr7J8KDL4VUyLWw==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
Iurb6YFw84WUY4NJiBak.woff2
fonts.gstatic.com/s/gloock/v6/ Frame 819F 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/gloock/v6/Iurb6YFw84WUY4NJiBak.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Gloock
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9961e32d2cc313d516ad15b8b436973923c5632d6159cc0a8b4889debc60ad97
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://newsletter.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 18:11:23 GMT
x-content-type-options
nosniff
age
46620
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
26384
x-xss-protection
0
last-modified
Thu, 24 Aug 2023 21:06:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 02 Nov 2024 18:11:23 GMT
gtm.js
www.googletagmanager.com/ 		307 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Requested by
Host: cdn.o1ych4jb.com
URL: https://cdn.o1ych4jb.com/prod/smi/g2i.min.js?2023104
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d2c0f0db9c59c91e6cea322f7a505c64a7226394004aaf280a43500cce2ee624
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
97211
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Sat, 04 Nov 2023 07:08:23 GMT
ai.0.js
az416426.vo.msecnd.net/scripts/a/ 		94 KB
22 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?2023104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/488D) /
Resource Hash
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
x-ms-meta-lastmodified
2020-10-01 19:31:04
content-md5
HdY95yzx9wIyQkVEGES+Ew==
age
87
x-cache
HIT
content-length
22495
x-ms-lease-status
unlocked
last-modified
Thu, 11 Mar 2021 07:46:59 GMT
server
ECAcc (ama/488D)
etag
0x8D8E461DA1A5889
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
x-ms-request-id
1405b8ee-201e-00cc-3fed-0ee8d6000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control
public, max-age=1800
x-ms-version
2009-09-19
expires
Sat, 04 Nov 2023 07:38:23 GMT
index.js
cdn.pranmcpkx.com/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?2023104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:23 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
105402
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (ama/489D)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
8d571686-a01e-004a-29f8-0d5431000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
SM__SM.json
cdn.pranmcpkx.com/prod/data/smi/ 		2 KB
3 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/prod/data/smi/SM__SM.json?_=1699081703973
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?2023104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash
2c2a447b645ee166d404779a08b2d45076000ac02b98350a292be81d7f6c9650

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-lease-status
unlocked
x-ms-blob-type
AppendBlob
date
Sat, 04 Nov 2023 07:08:23 GMT
last-modified
Thu, 11 May 2023 16:38:36 GMT
server
Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-committed-block-count
1
etag
0x8DB523E2B0BA329
content-type
application/octet-stream
access-control-allow-origin
*
x-ms-request-id
441db1f6-901e-009a-4ded-0e6967000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,x-ms-lease-status,x-ms-blob-type,x-ms-blob-committed-block-count,Content-Length,Date,Transfer-Encoding
cache-control
no-cache
x-ms-version
2009-09-19
content-length
2412
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.202.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:25 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
NQZ7DBMW2DXXVMFB
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
7zZCQxCBKwIzoQ7d224gLs1tn0rKpRwY3bnxaIVxpEWhXUSlQ/6slUncNWWgvc/OV0/CoExJH9s=
x-amz-meta-s3b-last-modified
20191015T134358Z
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjI0ODk4MzY2NSIsImVidXkiOiIzMTYyMjgxNzUyIiwiZWFkdiI6IjUyMTAzNzc2MzkiLCJlY2lkIjoiMTM4NDUxMzQzNDc3IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=c39ec038-a0f6-4fd7-8f47-7e4e9d7c9aa9&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703545&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
9094213530619291
connect.facebook.net/signals/config/ Frame 819F 		139 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/9094213530619291?v=2.9.138&r=stable&domain=www.sonomamag.com
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8e18fa372ec7256c5c038536e1154b55a0073152a6fa6224b31d3f5d8a3e595
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Sat, 04 Nov 2023 07:08:24 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
36852
x-xss-protection
0
reporting-endpoints
pragma
public
x-fb-debug
5+6w0Ah/GutI+8pcbenByFmvpeBLH7/EQAHk/fx7Y9IEDSn0a4Og/miYM2iAvBcwUFRdVljdWb7/BMZKjrWK1w==
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
origin-agent-cluster
?0
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
versions
player.ex.co/ 		738 B
1 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://player.ex.co/versions
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/af3de389-ce21-4c39-9d15-9c73d61f8f58?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.132 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e00967719a72e53adae7ef6b740698d0d9398ab6c9882916bd07ef08c737d84d
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=15552000; includeSubDomains
via
1.1 varnish, 1.1 varnish
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 07:08:24 GMT
age
59062
x-cache
MISS, HIT
content-length
738
x-served-by
cache-iad-kjyo7100158-IAD, cache-fra-eddf8230036-FRA
server
nginx
x-timer
S1699081704.072561,VS0,VE0
etag
W/"2e2-uVX5U3egH64rQsfmkjNwaXFxp0A"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
no-cache
vary
x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot, x-pb-country, x-pb-connection, x-pb-embedid, x-pb-itemid, x-pb-videoid, x-pb-player, x-pb-bot-name, x-pb-is-bot
accept-ranges
bytes
access-control-allow-headers
Accept, Authorization, Content-Type
x-cache-hits
0, 324
/
www.facebook.com/tr/ Frame 7028 		0
54 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=9094213530619291&ev=PageView&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsubscribe%2Fc436dadced448bd5c492ca666ecde2a4%26fid%3D8843&rl=https%3A%2F%2Fwww.sonomamag.com%2F&if=true&ts=1699081704080&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699081701409.375025982&cs_est=true&ler=other&it=1699081703920&coo=false&rqm=GET
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/subscribe/c436dadced448bd5c492ca666ecde2a4&fid=8843
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 04 Nov 2023 07:08:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-T89FCNT&l=MG2DL
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Sat, 04 Nov 2023 05:49:42 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
4722
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Sat, 04 Nov 2023 07:49:42 GMT
subscriptions.js
static.chartbeat.com/js/ 		32 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.chartbeat.com/js/subscriptions.js
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2646:1200:18:1fcd:353:c61 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 17:27:45 GMT
content-encoding
gzip
via
1.1 dc57cbf9d7336ae929f762b5ada2ed98.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jun 2022 02:15:58 GMT
server
nginx
x-amz-cf-pop
FRA60-P5
age
49239
etag
W/"62981d5e-81f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=86400
cross-origin-resource-policy
cross-origin
x-amz-cf-id
HDPIEvdQlq7FQPDSSCnOVXY8wM1fIHNLaGjiNc49BywAvgYuilm-Qw==
expires
Sat, 04 Nov 2023 17:27:45 GMT
/
www.facebook.com/tr/ Frame 819F 		0
18 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=9094213530619291&ev=PageView&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5232&rl=https%3A%2F%2Fwww.sonomamag.com%2F&if=true&ts=1699081704139&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699081701409.375025982&cs_est=true&ler=other&it=1699081704025&coo=false&rqm=GET
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5232
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 04 Nov 2023 07:08:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjI0ODk4MzY2NSIsImVidXkiOiIzMTYyMjgxNzUyIiwiZWFkdiI6IjUyMTAzNzc2MzkiLCJlY2lkIjoiMTM4NDUxMzQzNDc3IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=a47537ad-4732-4b88-a634-284fd7c5625b&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703582&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
/
www.facebook.com/tr/ Frame 1410 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=9094213530619291&ev=PageView&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5798&rl=https%3A%2F%2Fwww.sonomamag.com%2F&if=true&ts=1699081704151&sw=1600&sh=1200&v=2.9.138&r=stable&ec=0&o=4126&fbp=fb.1.1699081701409.375025982&cs_est=true&ler=other&it=1699081703923&coo=false&rqm=GET
Requested by
Host: newsletter.sonomamag.com
URL: https://newsletter.sonomamag.com/framed/smag/inline/b5a5fb7f64e61dfa271df912c7bbfa8f?pref=smag_cork-fork&fid=5798
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Sat, 04 Nov 2023 07:08:24 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
priority
u=3,i
events
collector.ex.co/main/ 		17 B
155 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.31.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-31-117.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 04 Nov 2023 07:08:24 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
css2
fonts.googleapis.com/ 		2 KB
585 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Roboto&display=swap
Requested by
Host: client
URL: about:client
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Sat, 04 Nov 2023 07:08:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Sat, 04 Nov 2023 07:08:24 GMT
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
mcd.ex.co/video/upload/w_295,so_4/v1490095101/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_295,so_4/v1490095101/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
add4400980125165d8125294944eb910e951f05af198801665a1e7d2c0bd576c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:25 GMT
Cache-Tag
494320572674794536297121460370749692436,266460673134253583867341487109298160643,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Disposition
inline; filename="landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp"
Connection
keep-alive
Content-Length
6988
X-Served-By
cache-lga21973-LGA
Last-Modified
Sat, 04 Nov 2023 00:34:47 GMT
Server
cloudinary
Surrogate-Reporting
width=295,height=165,bytes=6988,owidth=1280,oheight=718,obytes=72585
X-Timer
S1699059397.309782,VS0,VE3
ETag
"18b2a7d1351d741826d468cd26e1b0cb"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535260
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
player.js
cdn.ex.co/player/ap/3.65.1-e4cd5b7/ 		446 KB
117 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Requested by
Host: player.ex.co
URL: https://player.ex.co/player/af3de389-ce21-4c39-9d15-9c73d61f8f58?passToSdk=true
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
26eabc7c87a3cb3b96ab97f25d260876a1ae2176022acf592bae6ec70d7db87e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:24 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
119610
last-modified
Thu, 02 Nov 2023 13:29:44 GMT
server
AmazonS3
etag
"2fc1cf8f47aa14dd8bd0ae981eff14e9"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 11 Nov 2023 07:08:24 GMT
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjI0ODk4MzY2NSIsImVidXkiOiIzMTYyMjgxNzUyIiwiZWFkdiI6IjUyMTAzNzc2MzkiLCJlY2lkIjoiMTM4NDUxMzQzNDc3IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=c1c3154a-87ea-420d-a3a2-5118d534b44f&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703611&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjM4NjQ5MTE3NiIsImVidXkiOiIzMjQ0NzI4NjUxIiwiZWFkdiI6IjUyNzQyMTk1MjgiLCJlY2lkIjoiMTM4NDQ4NDM5ODcyIiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=bf3c10cf-a480-4742-9f40-61f7fcce081a&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703689&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
cookie_sync.html
cdn.ex.co/sync/0.0.1-1082b4e/ Frame EAB3 		370 B
608 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1340160700&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-credentials
false
access-control-allow-headers
*
access-control-allow-methods
GET,POST
access-control-allow-origin
*
access-control-max-age
86400
cache-control
must-revalidate, proxy-revalidate, max-age=40899, s-maxage=31536000
content-encoding
gzip
content-length
255
content-type
text/html;charset=utf-8
date
Sat, 04 Nov 2023 07:08:24 GMT
etag
"6c913cf53e2f19bb85cbce59bc48565f"
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
vary
Accept-Encoding
x-amz-server-side-encryption
AES256
sync-4b7ae961.js
cdn.ex.co/sync/0.0.1-1082b4e/ Frame EAB3 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1340160700&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f

Request headers

Referer
https://cdn.ex.co/sync/0.0.1-1082b4e/cookie_sync.html?network=368531133%2C1340160700&gdpr=0&gdpr_consent=
Origin
https://cdn.ex.co
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:24 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
1365
last-modified
Tue, 26 Sep 2023 18:25:41 GMT
server
AmazonS3
etag
"ea77f73013f99623af0cfc02bdf7a34a"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 11 Nov 2023 07:08:24 GMT
cookie_sync
sync.ex.co/v1/ Frame EAB3 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/cookie_sync?network=368531133%2C1340160700&gdpr=0&gdpr_consent=
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
88db56f3db4253b3fbff67c7f0c5a96687ae5951add8f3e9702b36045943cb0c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
https://cdn.ex.co
date
Sat, 04 Nov 2023 07:08:24 GMT
access-control-allow-credentials
true
content-length
1811
vary
Origin
content-type
application/json
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ee&error=iSegsFunc()%20failed%3A%20ReferenceError%3A%20iSegsTab%20is%20not%20defined&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=bc32b7b2-a7a5-4659-8516-7d6e56629b05&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703700&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Sonoma%20Magazine%3A%20Things%20to%20Do%20in%20Sonoma&artid=4146&artpubt=1429963063&arttype=homepage&artupt=1565109304&auth=Sonoma%20Magazine%20Staff&chrcnt=284&cms=WordPress%206.3.2&metered=0&ptype=homepage&paracnt=1&prem=0&pubname=Sonoma%20Magazine&sec=Magazine&wrdcnt=51&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=07155bb3-3b02-4a4e-ad5f-97471cc09e0d&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703696&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTY5OTA4MTY5OTYyNyIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiI0NC43bWIiLCJoZWFwVCI6IjY0bWIiLCJmc3RQYWludCI6IjE1MzIiLCJmZXRjaFMiOiI4MTEiLCJkb21haW5TIjoiODEyIiwiZG9tYWluRSI6IjgxMiIsImNvbm5TIjoiODEyIiwiY29ubkUiOiIxMTI1Iiwic3NsUyI6Ijk2NyIsInJlcXVTIjoiMTEyNSIsInJlc3BTIjoiMTI4OCIsInJlc3BFIjoiMTQ1NiIsImRvbUxvYWQiOiIxMjkxIiwiZG9tSW50ZXIiOiIyNDMwIiwiZG9tTG9hZFMiOiIyNDMwIiwiZG9tTG9hZEUiOiIyNDU5In0sImlkZW50aXRpZXMiOlt7InR5cGUiOiJnYSIsImlkIjoiMTY2MTI1MzI3OSIsInJlZlRpbWUiOiIxNjk5MDgxNzAzNjk2In1dLCJhdWRpZW5jZSI6W3sicHJvdmlkZXIiOiJ1c2VyREIiLCJzZWdtZW50cyI6WyJNQVRIRVJfVTlJX1JFR01FVDJfMjAyMTEwMDEiXSwicGFnZUlkIjoiMGVlYTRmM2ItMzg3Yy00YjgyLTkzYjEtMDgzYmUwNjk4ZGVmIn0seyJwcm92aWRlciI6ImlTZWdzIiwic2VnbWVudHMiOlsiTUFUSEVSX1U5SV9SRUdNRVQyXzIwMjExMDAxIl0sInBhZ2VJZCI6IjBlZWE0ZjNiLTM4N2MtNGI4Mi05M2IxLTA4M2JlMDY5OGRlZiJ9XX0
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNjIwNTE4NDgwMyIsImVidXkiOiIzMTM1MjE2MjMxIiwiZWFkdiI6IjQ4MTk4OTgwODMiLCJlY2lkIjoiMTM4NDUwMDE5Nzg2IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQwOTg0MTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.165&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-60&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=22&tid=7550d993-6ae8-48e6-8f39-6d7a2ac4f52c&pid=0eea4f3b-387c-4b82-93b1-083be0698def&dtm=1699081703761&qnm=_matherq&visible=1&tabid=bfdd7b77-7e82-4a32-8ba2-d93fb33cd3b8&url=https%3A%2F%2Fwww.sonomamag.com%2F&vp=1600x1200&ds=4000x11653&tofa=1699081703&vid=1&lvidt=1699081703&duid=a239f596-d12c-4e06-9443-2ae2d47e5dba&fp=4074129510&cid=ma16916&mrk=901956900
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.73.21.116 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-73-21-116.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Date
Sat, 04 Nov 2023 07:08:24 GMT
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 7F51 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=49407
content-encoding
gzip
content-length
5606
content-type
text/html
date
Sat, 04 Nov 2023 07:08:24 GMT
expires
Sat, 04 Nov 2023 20:51:51 GMT
last-modified
Fri, 01 Sep 2023 11:18:33 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum-sec.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=190719&cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
2 KB
867 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
915327f6b6815a22f4e1fc70ee61855342bd946af70f0f78c64da6f801b89a00

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
820b068fcee891de-FRA
content-encoding
br
content-type
text/html
date
Sat, 04 Nov 2023 07:08:24 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bjIAvTuvuky5KvkzhtrfUxH7lVRmfGEyTZT2ItPpcxKmoGORascvojce%2F%2BD%2BmdeLDqD4ubuOyrRk40qF8WA70fXKhLRifYTxpFgNbSxsKBG08sTwsjCsdcpCI1wPcorqpPX85%2BLuKHyYPA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
820b068f8ebe91de-FRA
content-length
0
date
Sat, 04 Nov 2023 07:08:24 GMT
expires
0
location
/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Pk5wX7SzuJ5PvYWN2xLdA8mP86K66KxyXLI%2FOQnEkUMHEWTGi864SCNSZa8lP8AISFcPEkpTet6HDhh7VIFJWgcLOBMqP%2BKFC0T5HlD8k3pMOshjL5GxvR%2FIdKb7DYyJ7FF7Qrmxb51CCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
pbs-user-sync
ads.stickyadstv.com/ Frame 40F6 		317 B
791 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
193.108.153.21 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a193-108-153-21.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
6a399de34ed4a5947f9d16f7f1b6ee1afb380fd09c4c525d2294df575449f5e0

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
317
Date
Sat, 04 Nov 2023 07:08:24 GMT
Expires
Sat, 04 Nov 2023 07:08:24 GMT
Pragma
no-cache
Server
nginx
x-sticky-vk
1699081704889006-556
sync
ssbsync-global.smartadserver.com/api/ Frame FA29 		0
45 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync-global.smartadserver.com/api/sync?callerId=35&redirectUri=sync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsmartadserver%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5Bssb_sync_pid%5D
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/sync/0.0.1-1082b4e/sync-4b7ae961.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
81.17.55.123 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://cdn.ex.co/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Sat, 04 Nov 2023 07:08:24 GMT
setuid
sync.ex.co/v1/ Frame EAB3
Redirect Chain
  • https://u.openx.net/w/1.0/cm?id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://u.openx.net/w/1.0/cm?cc=1&id=f0686912-7fb3-48f6-be19-4d168ad880c0&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dopenx%26gdpr%3D0%26gdpr_consent%3D%26uid%3D
  • https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=3008156a-12e3-4703-b8ae-e3e6698992c9
86 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=3008156a-12e3-4703-b8ae-e3e6698992c9
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 04 Nov 2023 07:08:25 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

date
Sat, 04 Nov 2023 07:08:24 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://sync.ex.co/v1/setuid?bidder=openx&gdpr=0&gdpr_consent=&uid=3008156a-12e3-4703-b8ae-e3e6698992c9
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
dmp
vop.sundaysky.com/sync/ Frame EAB3 		43 B
365 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsundaysky%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7Bssky_uuid%7D
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.248.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-248-117.compute-1.amazonaws.com
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
x-content-type-options
nosniff
x-frame-options
DENY
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI PUR COM NAV INT DEM STA PRE"
cache-control
private, no-cache, no-cache=Set-Cookie, must-revalidate, proxy-revalidate, max-age=0
content-length
43
expires
Sat, 1 Apr 2000 00:00:00 GMT
setuid
sync.ex.co/v1/ Frame EAB3
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?zcc=1&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%5BRX_UUID%5D&cb=1699081704878
  • https://ad.turn.com/r/cs?pid=45&rndcb=1564278752
  • https://sync.1rx.io/usersync/turn/8895773545145174356?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003?redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dunruly%26gdpr%3D0%26gdpr_consent%3D%26uid%3DRX-f7b13...
  • https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003
86 B
470 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 04 Nov 2023 07:08:25 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

location
https://sync.ex.co/v1/setuid?bidder=unruly&gdpr=0&gdpr_consent=&uid=RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003
date
Sat, 04 Nov 2023 07:08:25 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RXf7b13f3afbcb4ba1942897d13a1a1154003
content-type
text/html
setuid
sync.ex.co/v1/ Frame EAB3
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dappnexus%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fsync.ex.co%252Fv1%252Fsetuid%253Fbidder%253Dappnexus%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
  • https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2867029333300452141
86 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2867029333300452141
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 04 Nov 2023 07:08:25 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:24 GMT
an-x-request-uuid
50850fd4-9dc9-44b1-ac02-d3d5e98f9d71
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://sync.ex.co/v1/setuid?bidder=appnexus&gdpr=0&gdpr_consent=&uid=2867029333300452141
x-proxy-origin
45.141.152.75; 45.141.152.75; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
ap.lijit.com/ Frame EAB3 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 New York, United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.ex.co/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Sat, 04 Nov 2023 07:08:24 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.31.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-31-117.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 04 Nov 2023 07:08:24 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
player.js
p.channelexco.com/player/ 		25 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/player/player.js?pv=117.59&p=1069754223&cb=cec2e944-2afa-4f41-b1cf-278d8b357826&d=https%3A%2F%2Fwww.sonomamag.com&schain=1.0%2C1%21playbuzz.com%2C0016M00002HONu5QAH%2C1%2C%2C%2Cwww.sonomamag.com&w=300&h=168.8&asr=1&impDetail=1&auction=1&auctionFast=5&publisherType=publisher&gdpr=-GPV_GDPR-&gdpr_consent=-GPV_GDPR_CONSENT-&us_privacy=-GPV_US_PRIVACY-&rv=true&sid=&sid2=dfp&sid4=3.65.1-e4cd5b7&pub=1&pageLoadUid=c39912ab-7dee-46f3-a5df-e834a57ca496
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
74266e76ba042b42787cb323fa9f437ec7cb4fb8a2b54bfe5a8d303727c4369d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

content-type
application/x-javascript
date
Sat, 04 Nov 2023 07:08:25 GMT
cache-control
no-cache
content-encoding
gzip
server
openresty
vary
Accept-Encoding
expires
Sat, 04 Nov 2023 07:08:24 GMT
d
gpv.ex.co/player/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gpv.ex.co/player/d?v=2&b={%22pageLoadUid%22:%22c39912ab-7dee-46f3-a5df-e834%C4%A37ca496%22,%C4%8Fountry%C4%8D%22DE%C4%B3%22browser%C4%BCch%C5%83me%C5%80os%C4%BCwind%C5%84%C5%91%C4%B4networkI%C4%8C%C4%8E1%C4%AA0160700%C5%80hu%C4%8D%C4%B9ue%C4%B4p%C4%BC1069754223%C5%80%C5%A2%22https://w%C6%8C.sonoma%C6%93g.c%C6%92%C5%80u%C5%86r%C5%A1%C4%BC4ghk%C4%B8euxbg8l584%22}
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.202.161.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-202-161-16.compute-1.amazonaws.com
Software
/
Resource Hash
28894da63f29cba9596847db6453c4443d79bab5d2931527cdf53260c662c0d3
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
strict-transport-security
max-age=15552000; includeSubDomains
x-content-type-options
nosniff
etag
W/"6a4-95QEPqxVqjnsOKn1l2xi2A"
access-control-max-age
600
access-control-allow-methods
GET, POST, PUT, DELETE, PATCH
content-type
text/plain; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Accept, Authorization, Content-Type
content-length
1700
PugMaster
image6.pubmatic.com/AdServer/ Frame 7F51 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=61646327&p=158554&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=158554&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&predirect=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZUXt6GGdlack8EYiYy27oAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnwX52iL4Zes25QPb09S5M&google_cver=1
43 B
733 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnwX52iL4Zes25QPb09S5M&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wpid2fpoCEjEBnP331U2ltRSHPeVkPFj7OoDzj7tTHqTAp1mmFa%2FAqEXzXjwFIJXNj51LmQ87ZHCd%2B1WVes3N%2FP7yZYcgxfByQ95uDiyZrl2Jr%2B0Ixiz2pigvfLZ97s5pLGP1oIGtwGTng%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b0690bb973642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEAnwX52iL4Zes25QPb09S5M&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 9BBE
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
Date
Sat, 04 Nov 2023 07:08:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
X69N2CDM63YKRERWR138
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Sat, 04 Nov 2023 07:08:25 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
S1MTV0WNCVTEP9RYQZ50
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame 9BBE 		70 B
149 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
server
Kestrel
content-length
70
content-type
image/gif
usermatchredir
ssum-sec.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOy54Ok5lFJUhAMScap7dBg&google_cver=1
43 B
731 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOy54Ok5lFJUhAMScap7dBg&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qTOfChtTBvUMKsiQo5DEIYhKCTlD5tpyyoZEiPhNYGUMHO0RCvkmFgLi5n4uy1tRNNcIidsRK41UFMwJDttzAhyNG88%2FiOqlmufybKXbhxcweoNdX3GHyvXW%2FjEAiZExlmkcmu95yD9QKg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b0690bb963642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESEOy54Ok5lFJUhAMScap7dBg&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
x.bidswitch.net/ Frame 9BBE 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.28.119.39 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-119-39.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
crum
dsum.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3cIndex_user_id%3e
  • https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c4721abf-f802-3d34-d094fe31
43 B
725 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c4721abf-f802-3d34-d094fe31
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0pHzOTpy9Q8qXdqgKGJekO%2B%2FkJFs6la0ZAreB1KsmJM6KHQoT6z9dKSkMVBcA9LOpYix034OF%2BL4Uj%2BTrfv6lngaC%2FqJZ5eweXlpp7d4KCD6qJ178djUUJzp2GDhCPaJYTHzk9em"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b06914bf33642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

date
Sat, 04 Nov 2023 07:08:25 GMT
via
1.1 google
server
nginx/1.24.0
p3p
CP='This is not a P3P policy!'
access-control-allow-origin
*
location
https://dsum.casalemedia.com/crum?cm_dsp_id=191&external_user_id=c4721abf-f802-3d34-d094fe31
content-type
text/html; charset=utf-8
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
119
rum
dsum-sec.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://cms.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=oI6XCPPfxgS7i5pYpo2ODfLawgi7i8cNpo3KG-vk
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=oI6XCPPfxgS7i5pYpo2ODfLawgi7i8cNpo3KG-vk
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kwG701WQxBL97d5gTSccEdQcFgOC5qe%2FapTVnlERbSxJeqJ0A%2BDclQFbiHRnbwpavTkeKY3cVVU91xmatPlJ4vLx9tS1QOQ9vSeBp59sH6kMdCX25lNLRyNGjomMkER6vYwcJDABB059yg%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b06909b773642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=oI6XCPPfxgS7i5pYpo2ODfLawgi7i8cNpo3KG-vk
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
rum
dsum.casalemedia.com/ Frame 9BBE
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699168105
43 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699168105
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=80s3h1wzx%2FgJCehIabou%2Fak%2FjD5cN%2BnUu%2F33K%2Bl0z5M0VHkcFT7h7XIOxKMD3G16B5VxvpwXWnMpx2p7QHSsNwizEEZz41vcSvQnOCUGgZ39JGH%2BoeIVHG%2BJU%2FgaVb8kKOnFCVq3"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b0690ffb491de-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1699168105
pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
setuid
sync.ex.co/v1/ Frame 9BBE 		86 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.ex.co/v1/setuid?bidder=ix&gdpr=0&gdpr_consent=&uid=ZUXt6GGdlack8EYiYy27oAAA%265257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26uid%3D&s=190719&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-origin
date
Sat, 04 Nov 2023 07:08:25 GMT
access-control-allow-credentials
true
content-length
86
vary
Origin
content-type
image/png
generic
match.adsrvr.org/track/cmf/ Frame 5960
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?pbs=true
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=c59dec1779daa799bf99ee87c83d0e0&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=uml2528_7298063333162987273&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
70
content-type
image/gif
date
Sat, 04 Nov 2023 07:08:25 GMT
server
Kestrel

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Sat, 04 Nov 2023 07:08:25 GMT
Expires
Sat, 04 Nov 2023 07:08:25 GMT
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
nginx
x-sticky-vk
1699081705203039-543
setuid
sync.ex.co/v1/ Frame 3438 		86 B
385 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.ex.co/v1/setuid?bidder=freewheel&gdpr=0&gdpr_consent=&uid=c59dec1779daa799bf99ee87c83d0e0
Requested by
Host: ads.stickyadstv.com
URL: https://ads.stickyadstv.com/pbs-user-sync?id=3684&gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsync.ex.co%2Fv1%2Fsetuid%3Fbidder%3Dfreewheel%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7Bviewerid%7D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.237.233.44 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-237-233-44.compute-1.amazonaws.com
Software
/
Resource Hash
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf

Request headers

Referer
https://ads.stickyadstv.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
content-length
86
content-type
image/png
date
Sat, 04 Nov 2023 07:08:25 GMT
vary
Origin
starti
s-09.channelexco.com/ppx/ 		0
109 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s-09.channelexco.com/ppx/starti?sid=&domain=https%3A%2F%2Fwww.sonomamag.com&se=efc95d42-45c2-4809-97d3-23e2a4997d1f&pv=117.59&dd=www.sonomamag.com&gpvck=v022831802__300x168______DEF__nil__408&sa=shd&s=0.0&p=1069754223&cb=1699081705319
Requested by
Host: www.sonomamag.com
URL: https://www.sonomamag.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
server
openresty
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
277 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
20bc54fd9bc30794a4233ed34ce4460e8a8298c5017100f7848c0bcb49b86eec
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
1235.json
id5-sync.com/g/v2/ 		251 B
534 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
550bd732a44de84afa4849cbcceb5cf8df099db412264a3a485c8ac5da1c1f10
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:24 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
sodar
pagead2.googlesyndication.com/getconfig/ 		16 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202310310101&st=env
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
c4bb5b20146a15b4dc100b09133c80afcf7456f5f00d836aa7d2f9d736ccbf56
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
application/json; charset=UTF-8
access-control-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
12345
x-xss-protection
0
track
dc.services.visualstudio.com/v2/ 		415 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
Sdk-Context
appId
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-type
application/json

Response headers

x-ms-session-id
2A586883-7BF1-4AC0-BC75-C3F5F339749E
strict-transport-security
max-age=31536000
date
Sat, 04 Nov 2023 07:08:26 GMT
x-content-type-options
nosniff
access-control-max-age
3600
content-type
application/json; charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Cache-Control, Sdk-Context
content-length
415
track
dc.services.visualstudio.com/v2/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://dc.services.visualstudio.com/v2/track
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.69.106.215 Amsterdam, Netherlands, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,sdk-context
Access-Control-Request-Method
POST
Origin
https://www.sonomamag.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Name, Content-Type, Accept, Sdk-Context
access-control-allow-methods
POST
access-control-allow-origin
*
access-control-max-age
3600
content-length
0
date
Sat, 04 Nov 2023 07:08:26 GMT
x-content-type-options
nosniff
hls.min.js
cdn.ex.co/player/hls/1.4.10/ 		366 KB
109 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/player/hls/1.4.10/hls.min.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
e326968c45db7b36ab908ee334082ce785e4643617ba156bd69fea691177cfbe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
110810
last-modified
Mon, 23 Oct 2023 11:09:32 GMT
server
AmazonS3
etag
"9b29d1e69151376b53a7de9ef822b11b"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
max-age=604800
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 11 Nov 2023 07:08:25 GMT
ac
www9.smartadserver.com/
Redirect Chain
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3A%2F%2Fwww.sonomamag.com&vph=168&vpw=30...
  • https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3a%2f%2fwww.sonomamag.com&vph=168&vpw=30...
129 B
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3a%2f%2fwww.sonomamag.com&vph=168&vpw=300&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomamag.com&gdpr=1&cklb=1
Protocol
HTTP/1.1
Server
217.182.178.224 , France, ASN16276 (OVH, FR),
Reverse DNS
ip224.ip-217-182-178.eu
Software
/
Resource Hash
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:26 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://www.sonomamag.com
location
https://www9.smartadserver.com/ac?siteid=215340&pgid=1352541&fmtid=63953&ab=1&tgt=&oc=1&out=vast4&ps=1&pb=0&visit=S&vcn=s&tmstp=1699081705595&pgdomain=https%3a%2f%2fwww.sonomamag.com&vph=168&vpw=300&gdpr_consent=&us_privacy=&schain=1.0%2c1!playbuzz.com%2c0016M00002HONu5QAH%2c1%2c%2c%2cwww.sonomamag.com&gdpr=1&cklb=1
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-length
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=Q1pQVUg1T25nOUV3XE90P5k27IbCUJIPtcpl9u1mGNHRCpOyyINaQo0C8_6dXTmzVZrAdA8IimmLZ5CyURpLggs5KKE8y1ULZlFGpXC0gOmOreNj3U32fIcS0Wqz3P6YPaB6_aQhcEYS9LV1zhgKxGh4vkEJY1-Cz4YUvWymsYH7aiNBP6FjTSKDNeI357xzuj-D2npLrmPxDbA5VToZ7O8xDbATOk0ztkQtKyJ-I3krMMzAwB6pUPjK4Y7Ass2SiF3e1ZQ2jwPd6PZmNPCb44K2WauBUGPUaZiCVCgxjR-kPTvgexQ9QmLMGVjQ1mg--UIiSEvDoCD_ITkoD-ZAgyQ2YyHI6qTaqce-IpMuCpDIWex9WTRLXXUHdxQbLAV-diA05cuZV30yhY0KQkLdvTxxMHARdZM40IXCn1sFkX6W2DB5VVhhjgePnVwRRWwkJSE4J-xblCr1nbRAPDTvUmgQqKVl0kDwC7u409vymzMblmFmjUeePceZ8mGZXGB5odS-btiicIqVV9sZ5zhgZLa4i1UI-VzJt9g-Ll4Mt0bCCbZicYhw4Lvr5ENs4oR0-hqFehNF5rjA9JCJIBeAu4rjyPpA0CUoZb0ODly_IQJuK9E1FgdkUDaNzG8TrgFURG_aUGnJxqgwy-iWOW9lTK1BK3OUKNvlOtyxoFg69HACqWpDmEU8PiUEin0xQSFu6gLrfXn_DHBCoytIIubcA6SeNzZo3S0TqIOp-w4NFtG1qi_SlO0q5gt_VGp1uLLb2ZoP0kUG1B6aBl-vo-PIH6Z_dZZxs4zej11ZOw1rUDfHdFSRyQ-Kmsguc0AvDP7JxyT8zPMW5mqU6PYIrKEQH4XQCy8Eq7LtKM6UJO8Dn1HHy3RUCOuvIyHx3yXsoPvCFUbxQm1nrfuSlIEBCBL5DnAm6uff5cZSHqwG5D4ccbJ6ZlGsD4UGFHrQjjHPhEaDvVOT6zdbsR3eGEFxnFzfvX-7Djat8kl1KIRg-E97Q67QN8OObDElHbmcJv3jQ1uInFb1T70U9KaVgdOskawQsc1HDkUYqhmgIEQ4jKrx704tGFRa8fVdcn6VjKDrKFspfocDZQTKpaTb8VKQJ0rzR0wdNffQHLRy9dXezJ1elWPtwqNqU9uTRjlmdTF-kn3WcZCQ3CfgW38u5onoAvSmulZvFfkINtzJoZwfg0nb3NNv14STvtywAXu48RaMi1ZBpACVEWQixOWpZMdMMl0lpAZRlpRaKYqV_Uw6caLU5hTYfytsZ8XV3eVXO3jyr5Q1skso79o0DuWc2ZuWboag7tbZ0nT9LZLI_kyPmrfiiKnNelgzXX3BNmRMC9CH90isxZ2NZuuEZD0Ri3FWh5X9mAen70P_u-7zqqnYJUUHojmmpxtWV2uCUT4yzZMoVCUckTA0lr4g0cWuaRsGNIPYFTFzPwItTHSyUL1DTiCa2LtdVfHKtxCBvK7NGW4waSaHmLmWdXedMS4VcWsEzMwWZJ9ojKbIiLNcsPquywGy5DmQbqN6kCDd-nZuaUZmxYkSVegfem7RbDB4ZV1LFdTkG28V_Kggdo-ve4cSLDMs8EkVmbLodi0-35r4p_eWjOib6btWLeHCNpfyvbUP9csD7WCbXuXLoX29x2JDbtngdDJhIJd08FiIuIjIHF2yksKnPNvwboZB4dLk3jhYyC8gylYcgJMCupQEXscnPS1E9AfrUJaB58unqz9mulhNM1wEU0K8uTIvKflllh8GLR3doOyrdAguIDQ09Bwx7gT02vnygG_I31wBbnYJD5hg-mp3I9ZABynkCIjCdwK_5XxbBjEy5wOr3rytGVH1EhtGjfUSvdTV4acrsVAwPANA9Cj-3XqA70diz_m0zXavC492Fhi9t6HoCJeD5-PXZv8wjleFZXm5vxGu56FuNkTHb_-pfEnSX8TkWVtvKGFlG4c7g3nseSyorY5SotL8tKb5WzXTltoXl6zbRj4jmCcD9yc9Ws-UQZ9SABOURqghlAuU5VHaUUsYnT3abBz9RtLokBzG6-EAZgtREsClQY7yRoo3qE-dVvag5ha2-KnOtqN-7bVemiNltHHQCp6cM5gh7FCyaZf3qxPW_8LoZEgMViie46TcmeCHj591lAmvh8QwOBuy0XcFdKXg0GaywaQTrUMQMEFZG7FAm7WnMdrJSPD1Ugkf1KCuN-aiAsEtbVhzQaargIoQJQpwFrCVOdVqNipCajdZP8xuuaeedYlymTwKg0eBvmrUreea_BcsPHPocC68AgNdutDvXxDb2Rthpr3tYFuspSGI1HnX6RhpfUIL9qAnacLtaUipQaRr_6idK64oBaivmhsgp3F7RgDapcmAuw4zQ5024_HzFKA9rR7BghMO8SCltSb3pj5jTRq1bje4HsCvp35yeGkTaCK5HITZs03YPOsVbpQ7LK5tq3NXQB859wNpATOfPLBr2FbRmrykNUxfkKzSd0_FI0OmD9YgEQ-T3IV2f6Tmk1iCnS5e7NaXBXpjWTIyNxkMu-ox_t1CDGMBVSqFAlsqbd44uz4ZZ3QjHUgKilNFa4qZS28QtCdTxtxK7DEzG0mK-9RXzS2RHp7EPVJ9PoDEPBJXnz9VXS4tFK6q-9VzRTOXRzJFGbVKW5G5WkbPhajBLWgdZvZqu6zWZe0_SbbTSGvNYdHwOaS62JapmV2j6Lwjjr70OGZtPPCECOYXe0ZIXdUWACemsxhN9iSenzwV7Y8WTf8zte330OELWM2aCFYuyBTYQbxIAGtBXriCB9VBGAn5JA%7E%7E&ap_size=2776&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=XEt3c0E9SFRCPzNsbSRkJ0O6_wOshCrXt3uD98N-rc3S0IK3eD6C6t3iABwdobfd-zDgMDd6qIy6wW-9KlRdlv7IqHsuAypdoVEh5MuB6T_H7mW6H4fGGAJjaW_jFQcEh_-MAhaLkAND0wCtDR_RJ9m-U_gMOTLVX7ZXdQ__1wSnwwE4jafir_VAbf6X4k3x8lbGfa7U2k_81a0pu3IPaZO2jj3Gzd8eeT_XT0fO_AHB3hBdNPXtB0wfl0y0xvnd_3DbECCS6IlxJC-8RL2h1jc5e1zLOn793Ep7wQkkMiQCDHiBD2C4aEx82KeW3c228eHaUQ1CfH1deSgxKkSl9Z0bHHI8oiaAf_yPf1RbHw-BQzf5HJRKb_VDue7Z08jXtBstFO3--ZCiXyLYQFzCF4B40a5SjBZlpZRHZ9s-uKgaVPSLrhJbi3qPU9_tW-9qjrKI8oqXszKxWxgUJeSdjcSxu9ZqVV9Gnj4DOuINfADxJaviQvoYw042sGkI8u4hom_qAdfeNZo_TLgusIyTRblCrHQ95Zup3Zkbbuc4x2g1HKk7H8xWtQeUWnaESuAKXMOA8k-f8kLcyZju2sJ5WNcJWlZUAIzd9Kj3EnloRClGsXumnxpJ7LG1-nGCcw5l4kR4JcXREOctagsvhB4QW0AaU4v3qPv5TLNEdS-hNL-mX6RHKQ2gZUnaXmvnjtjjOWb33hxlrtIq3EYyMB9Wxzo9afxSeWmdg17fbNvcis18Z2YrtPjdGiXIYJctwjiX2XgIeuMzLJ_m7ZpYI1rLsmRo8RGqcbnfMtJnnQ2mhNumRbEEx9C7okIwmV5AUiKKJWWP1idxtwvtaIslSChMVyC_yR28onLWGQYMWDP-ytC8W0bp4EkC0zNTfGdfxnMJrsjrXlNadqagDw8lFCr-1kFYd292UC47lwDKNha9FphzQFS4ORmHx2CvbM9aWzNBOtZrE6k-jiFINDX4oiWmG1Y29Ihrq9c_iY4ZhXQg3kijJYPC6a32FsS2i81ifVU3d08Dbh_k1yO8-pzyzpopjV5ck17ilGvx0cpDX7XcdpzownzfHr5Fdyop87fDoHOi5w0metu72tT1DQvd8F-cAjw2WBBiE8D_rbLVlFI1NtiKdrRX16Kb90jcJwTGa0w8uTMokG0sQ5khzlboLSbjrrnaznIBVkMdktFMeZcTrXkXmnUoobs4rHr3GMCl9hrBsLWDtqZ7PEkqLF6TejLADiS4tKj-hoeEWZIIHOU7srXo-S2y5ombIovMRn0zzyiavJmUnXyesUmoJjF7p4pefV9TEl2_YvA5TIEDnAZuIsWq6ziTndKr45mnxUg1vCk4CxMyOxWsjPpjyjqDQrtK5n51tUDbuiNUi5OpOfwokShd63o7qFQ67tK_5MQneGpjDvZHrVW0k2dI3Xa7_Hxar92rIaRxJGeV_jM7t-14F-1L9pGb6aLh1L_9d6X5bLRG4XYwRG_4EtjKh40OtOzynHt7ZflxqJ4oAYS7r8F9tpEU_g_hCAhaUJg6sWF-lXZCTDliBb_etmjTalLIThmTtP5wcfGhoKcYscQAHO-WHYJhG7taog3zLlLa2YdtAgweoM3fM240kZWclefIUBA9NX3dJE6zKGycARdZQna5McZqsGG6jKU48YoK8Gf7SeApocIF6ACMgAwBWY0T8wjySHvgWkj84rIHWtfAqIxpnDA5xIXoAhLjyyp67gGJRJujMRfXA1FDlSGHYP00hRswxd8fJSE4ExarFGmzoJi0fno5r_Uln0Rb2DcM3ZsCq4vIZHh-Hjn6QVsk_jvcsupQPlOX8uIYomPCZU2XuslXX3GVMzoWo45xxqDK8wRDhR5SQIRQ6Juh7hkzGlG9kCpj32NpTJo4yuI5BzwzXEqZ3C3wSiG9SClBxYMEYLFYhEnOlm0s487LpesnX1xHE7XOstHu9FQ4_UCLSnR-bLdsG8zJRnVo_DgDQMpUEFCx25fN5kV-qIefWjesdhs6Zh_P_bZ4H_s5E89YZ8J7-xf_OXFP5yEqP_1i1tmRHkdvjGgV-XS0NG5XX6ORj_ufp-nOU-MXTz9d6gj3bLJdhhc11xeD0qsJKGd_L21WNtE-so4gkoiNZ9R0XoQk_B7qA5LRrGXFxfQaZWp8eygnEjMnJAJOhffqAIOhs9QM1stwiCQIymvKb-mdqsQKr6CPsVY439LIrvSO9SA-iPspV1Pq5eszD7ic1W_YuYYHOe1VXlpGEhMutHnAilqXvJBEpENd_x8Yh290DmBeC2cIZm0hlJ7dWXaV_tEDXEJJaeLSHtARtyo3czXVECYq_kMOUQPTIopvEjWBrmMDa4oqEvL8owzm6moaZxuxrH-EqIUPoWx7XNar75CcdCjHNotjnKUcTelkoU4oQVFZXWanGhyZ5DN95rFsCi5Myw2kXzfOAejuTMaEvCIDDEcL-bSNoQOzO5DmsOQ-FE-R_WWIa6JSvBNbrUxn8mmjlRVa6Oi2Mr1QjfciCCbJM9lM69ZMXKoW8bOUiYx75P53UijSLAgD98cxvrCir0gUfwpVkQhW353NPBUxBs1vUwd4B_-p0np0xLai4_MNZbH3xQ9DwMYxtar3Dmp5g8NTGrjMgXqS1GSzhIgRLbDg8clH1pP31X4T93VuwjFQrhhm07bikzlT7eYeTqqyy9UDq308sbILsBwWvjt2WZcq9Y9EmsyyJU9S_4F3V5ynptnKpa4YykAuj6E-tkqyQqxIKHT4QQ2Y71A1xaUUWAdJpt7FqAZJIPVOnCSK8QVpV82LX4tp6sf_oIy7isjJx6Y9sO7bEx78eJz-&ap_size=2816&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=azZeUSEwLzFfYSVkUWN3YrhM_kPkH1pK0aZdxbQhgWgLzLEPSIfrSP8cw3tOM3o3CDIRQaGUGaSnfhpczqN7TfSbwsHzgs1hITeBep72BCfJqdw9Cnm3cOqYwCy4UtPasSt3sHNVQps0N3wMSFDTxutkc3OH6LM1Fy4l14MPqOgtS8pecPkBMMYbzz9M43D1_VdD1AhPzReZohNWpMypLBDmxcZkXnRIkA_D2CGbR9WpS41iDJpi7U2OKGowHWgFXb2wn5vlwpPXpNAE8lDzvevfeizO5nNHpkaEXvVDbbf3HCrgOtLg3HU1eBMP79oAIXxklSkTRk0vbEIEJeoKGQWIzvNYUJkUY9rqsy0Ney7SVs3HQ8b8ztYmCcaJYgYsGEGxU0gNoesGF1rYnpLBwAsgQH1iYjXF-Z6tjSVhZrG6j8CzgupIJAzu9ZEFjtXewG0b76jEKXes2hxQPM6H-6K8LaRfeqbeP8hNEXYlJj9-Ez7HX4iuhy_pqOrTRIyWosqBIMXXwmwJQyCRPV8u_553RFs1vxYY8Wfa8ChDr-NOoUIVoedete5qxACoxnvp_KE9E_suKCTM_ibBzFzHhSu7RqiOXsM1Er-OGT1WSVws9GDtdAu2-Ha_dr_TaGxVLVoQCj6j_Z5B2ge5QpziswEPbef66ahrUVcizwtdXPKXBPedm6G0thNpZR5G51PUGOuVQAkwqCuTADqwKph-GIJsX4iwcZTA9tmb1R4WBjPqPuZ9cgY0voDlShRui6BGMHog02cvV51vs3T6r5rWrmafa4HbIrqIOhNXxUMjCZ9rwkJ2F-C5-JK-vorpkvbMTW_sHyup-zXQdYuEktGIbCyzmenbj-EsYhdldgrtMobT8n3aHV6hfSgHHtgXAAsmFtYJr-41FfYtHjnks4hT6y9zwlKFApm5JSnMrpjytQ7FgFSR0UloI2iE3-MyuGF9mDDyu4T_7Kj304ppYmCMJawEfsNP5hC3yXzNVrnapsWat5rsW8l_5VbRyyjduMmfYYytFtov1U8wGM5Aj5-Ef8m9EJkdqIRldUjO49E0xQ6ferLy6fB1iBjDnoURMk-ILFE-ygqGKEQqBQVwYX7GlOLxGRdIeBWjjOGCGoFSMaKl6Y6QhmN4ZGrLjcWOunSCiW_u0wn4u0Nx4GAZU3BKfEIgmK01_4Trz6ugZzmL75ICuSlkKL8UD9bCvraGxLYUwEg5B79SJREpVczjke2mpAsMuWMzKXZWckCTQGBjCRmQnYBfxxdNsBYdEssWHXM7gheiL1-PrY70nSSCBCzdCSd0VXS9_WyXc-BqXHbCQgOjETuSzhVyHfp_2ftCxkgC_nwJB8ftahIIsK9OGywpxJAyGhfulMtHW1d6jHQTUnHQI5nxiEBPZVri-cqlRUb9Y-3sjKvtZLsvIyb4piKRETnj4S3F46G5i9UX1VNgQpOF6THO1WSuXiY0XtXi4hBoD2trqMsqSKTiKnyl-rznoE3lGF-YCn-C5HdqvD1rk8tQKsB4ALx3yNa7udVdvU_en8SP8_DXJJ_FUzrTgHuu4JdxdZqepBok0d8Zl_TsIYbLRx485fomsftZ30299-1ONQzNM6Q2N_LrLABLGolwg9B7Owba003vxv9lxk5_JIbDMNArzLyFwLLW0HxeNVLXB1-Wrz_0eKkl_30F1hl7MMu3CgIdSs4jnXOZsONPJc-eAT03egeDZOZSnooKuUZlH7JRn5axp0go1ROfw65Lzo7Gr3U0hi5NyFBPHlBqq1vqwKKFXPW6Rc354vc_EBHkv4sG8B9L0NrVK30QHVnGLca4HyvbBdi1pdSCC655ibH3t1XPDAvgbQgtMT5MzfHk-2eHBqTz0TujED4EUXNJ5NpFGEAja1DfawIcrQwlvfcfWizrddJAie3PFWSHIPsmSGx9LyxTmJzu9AYrhCoLnA8VJUu6fs-xKQLUJok3blrX6rw0sv5B2EAOpY5wNMmfasHigT3WlqIhd_inj5gTc1rGm9O84KPT9CmNLal3KbsmxR7Q840h2MLWjeyLlaIJw0LQ7yVrSPRbDQCJOeOytK9hyjhQWknxNFgRHoiOacWbRSKk9_cXoqGS0mQvpJ32t1m4_nKQS5Nupjf6VEhLkeTkMgtlTwuEZJZ2TNoF2OPBhI5G6tQY7_2URo0sEOYOaZArAmDmT6fNKIqNy5KGWrkSUrji6l9O9GvCpboUD0oWyfJneloIzoO-WdXr2gJfg_DayoTN2bClJ-bBf2mmM7On2DSroDNVHIM782XOluSm5BfgoIihw0J-F-FAPtZjBJyn1JoPhF0T9DrJnDh6J7sbieUpQSJFHn0eSAZkzSEDPr-9TJ1W0o6Z14qIhlkgcu32n3Op932atOL2INV4w5FWW_XsW2ZCivfvfuBAOvoChJDVTSarbzMqC9Cgi0CieRxmdydGU8fIXHElyitFmOFHzvQwNoR5v84YSylicWQDKo2HQmH95dWlv-NTnqbqWQGRsCOnJ_C0cEQnRzQFlUvuQnWEJUL056I2XJrVA1_TF_IOo-F5iEaum68etxAzwyAe_ZEFsY6vnM23BU8QFl9rKExx02sSbPJmSkfdRbqaHgyOxlG-zzQrxDD2GJEuzGrVsL0RNkjHccoaIm1sBaweOT12oZUdJF6hSdR2AiWqdmvN4B7ADyf1YLED-KfKNUimIx1diYzCnpKuuxvc348TBaXTXInb4JOzlVd4rYwI1lZqmFSrjLBc54rNCE384eS0ggOAusXkGXo9Fs1aj_E7zzftS4ZIll_eZcueO2yQt-HPHSFbxahMtWECTLTf&ap_size=2816&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
rtb_vast_proxy
p.channelexco.com/ 		60 B
438 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://p.channelexco.com/rtb_vast_proxy?ap=UVFAUnBhdF4gJHdLdFktcRj6N-xxe-jdUsuKzx4CK8mKwtb3p-asWrCaN6q_NVR95REqu004-O1JxG486mMAPVfE9PJcUd6m_W696VN7g_lK-Ang9tGm0wr50YJgjH9CNle9AN63tFwpRapjjv-HWaNOOGPd5wHU_pa1Ai_dVTavVXx15cYdOhBoOAwEvt9_C4Rzf9O9usvImzTGGwGLIDHRbQEJ19K-vJyD4hmAZv4oLFas2Za2VWrp9aA5nfIEGY9k1ZbgDo5wVk36D1f32EdrsT3fk_WRtD-df0Ubkm1G0jkY965BvUyayNUO9JUXpowZ2c0fOAKA5fzIobP0F-VhQ_0WsPVFOxcg-TZ632m23TSySUO4nRAUO9urV8vM63bMpcUxbNeE8b3ntMd7f-4mSKbBm36nt-mIL9V_Pc5HLUuEdjAM0JsQSboPJxhnOKxBNbwaeQfLZNOmnTHoh_wgdr7OLRh1wNy6AgkQgcl65wIlvcZAJhS0ghbSTz8cU-9rnpEmeYCc_qOuITPcw0jadJL1GqDd6F6YjEecBosh2LxYAFBD3fCICq-0KQChVv-3i1h1nUq3KIsYajRcHk776dRSzuiQPKAXZazrTPxHYaLmwpLLn69sAJnWUuo4fBXgXC8v2OA-rZXe52y-Q2V70_Wm-qX-X_Ia78Jn73tv7cvy-CvTXNwsbIgHzElROAsk9-xm3Comc8eIWRMGISflqIXRdqosQpkIVjTLBc4HCw0g0eUf4DYMLtkjTc5ZIeBNOjt_uKQUc8DL-nllmz5vALDz3-C4dJOEUFZNqUMLyzgubpMfSbPX695UBtdjexehlik4XwUOrnYwBdEsMbjTYc7lGpwsfEb_oItLURRRuuZ6V4E3-iHnlAe4rZSCHr2jI6kXLFzP3ZN8c_vJYhs-EtI_dPSGcx8SDf0hQ-BzC_tvzw3z7RHzE95dc_F3l0x7OOlIS1MDSHGY0ZkKYvm7gdccnKYoyV6jbHIWcSpPZUV3H1arrjXiEalInA0h8b4eJe4HrXeGrepnvFP4BIih5gw1rJa8iToObtCtRgVfdji5mkJxbd-cZCSWGrwAi2raaTMVgBdxbEzBGIiV1ph4sa0EWtpig25jfjDYHji3rB6YXFsr9bpSxkkXDZzjaPETfrOr9p7vjXnrpHEfDsPAW63mGh7FxVRJNxYV-nlT7UiUGFQbI-WHHa15QWRPlogKnDyoNk487LfblrD5StCPiW08WFukDl2EDwcuf9gAeq3dQchYPNe12dl1I8qDvuqBhEJXGpz19K6BuqeRuhkBNFLP-UUM7SvI4hpnEiWXBvQ1LLdSj6vs4JNnysoaVfbBzHxcnUnafLGZbCOF4FAzMwb9R0o2nFkKCHsocbE0XxzQxavQRHIJt-UAgd09DxCuLHV8gOuUPpSQFNmr5C28RiM9RI4bNaYsKlknr-6FBzX0DELmOxsK-riYt-5RmR9nATquL4baewLLhaJY2-lc_4S14jkkM_iXnatY41yrjB1aIJAmOHIsWPMPQuuUJVxHUtwoinwJGLWgvj1hQkwS5ZeiNiJQO3oaDAhsHu64HKo-r3RCxC-SA4Yqz4tpYR_lVD7a5uygROZ8qMQmWvv52d0CijUlGcZ_ATBFKQip0aSjjwlvrlCWBa4eXFebNwp2m2-cLrWuV02kuHHbHfSYf6ko5YW-mshBCYVFbTjVfqQ1WyjRs5D6nPqoQDR7AUF7E1PHty674-iOBMp3-ThS41WHzv3IltlwzegabpzTi9SrXvFNcrsOd32cWvswgm04Bze3DSSakl8arJ7Z6oDSN6C07AdNgQerujqml8jZxEgPro-g_iVUrxzoPbDind3rJGMvKmb1qm-18QJPil4K-bwdyHz2U0SSX8Ndv1CB6vGrN4Ls0RtzV5iiameuixTzgoams_2o8Nk9kYgxkXkqd-Rm6MNvv0TPoyNMglUos0c4g8XPWhCKMl1zkl5w9pQ1poqgYDkRF7XXfYzcedw_80hPFfhN9ZZ9pLY9trKXjK9OtAU0u0MKkY5qake3O7qNkPgBOmldZ6KEfG_ESDKp-WVzz_ft2KeDGgChUimD8ueWwq0E3_wXyEDcpKvdxhk9RwU3ox0US4G663AsxHJ8Rrv7pJWVC4dE6DBBDTa8jcWYQzsEOM9Ykz9ehPhEo7yCmqDrANTlp-bJASHjhE7uYKSHKXaKtxrRnsMvHP67K5AfB9am3RdvWvxM5z3EezFRscuJvjXUJY_DeYFOu9t-NmDfoUHpyex8N_93iBDeei0qkE4Rp5J9mHAAJUigp0ZOA6ffBSnpju9EPayWReS5moVWI2SgR6c8CviGGcH9iuMmYDEKo9RWZSE-T72BMOhfDcVbczLrIJdtN1Oa73v2r1x2ZXHP1x4svX5xOJmPeSqswYJEjZC_TWfQMOA5L3dLgLqzx7IDW8SgLgBW0xDZxpFwdZOmzSXhXkod9dOnx0j7CrQEXjORQWfmKQ5THCBqW53UZTJElxpbYSqaQkEiY62a8mp52B_xTr-P7rVigmzxAvveUyny3HWLamW2cqR06ogHeFzlQsZ1uOuiquH6sFMMfGaLkSpJqekR3frV6-zyumTYt1OMt0zFut29uJI5kjSZSZNDvoyMXK2XPqAzs2k5oXEBwQc_HTVCfhZK_QHsUTQsBRHxPu3F-oSx7fj3WdO-5g_BjD11SP9YcABSh8KvypDEGkBtiOPh2khS9zHzz0nRidPJEMBoPk_ZTQu-SPCGVHR5F3Jmr0fVnQpWfdiviPf2TQtSHt_yms-tqK0fJlKXvbqdsS5kIZZk&ap_size=2816&nfcpm=0.8&placement=3&plcmt=2&skip=1&skipafter=5
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
192.96.200.17 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
openresty /
Resource Hash
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
server
openresty
vary
Accept-Encoding
access-control-allow-methods
GET, POST
content-type
text/xml;charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-store, no-cache, must-revalidate, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
expires
0
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.sonomamag.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Mon, 30 Oct 2023 23:02:07 GMT
x-content-type-options
nosniff
age
374778
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Tue, 29 Oct 2024 23:02:07 GMT
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
mcd.ex.co/video/upload/w_295,so_4/v1490095101/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_295,so_4/v1490095101/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
add4400980125165d8125294944eb910e951f05af198801665a1e7d2c0bd576c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:25 GMT
Cache-Tag
494320572674794536297121460370749692436,266460673134253583867341487109298160643,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Disposition
inline; filename="landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp"
Connection
keep-alive
Content-Length
6988
X-Served-By
cache-lga21973-LGA
Last-Modified
Sat, 04 Nov 2023 00:34:47 GMT
Server
cloudinary
Surrogate-Reporting
width=295,height=165,bytes=6988,owidth=1280,oheight=718,obytes=72585
X-Timer
S1699059397.309782,VS0,VE3
ETag
"18b2a7d1351d741826d468cd26e1b0cb"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535260
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
expb.js
cdn.ex.co/prebid/production/release/1.9.0/latest/ Frame B4E2 		551 KB
183 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
afdaf4fc3a8230cf1dd665db50b472d7cf1c8aa134b9aeedb7df883bd24fbaab

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
186719
last-modified
Thu, 19 Oct 2023 12:40:28 GMT
server
AmazonS3
etag
"e43f12f66d20c421ebc97141a2513430"
vary
Accept-Encoding
access-control-max-age
86400
access-control-allow-methods
GET,POST
access-control-allow-origin
*
content-type
application/javascript
cache-control
must-revalidate, proxy-revalidate, max-age=604800, s-maxage=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sat, 11 Nov 2023 07:08:25 GMT
af3de389-ce21-4c39-9d15-9c73d61f8f58_null__1676049151929.png
cdn.ex.co/logos/ 		9 KB
9 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.ex.co/logos/af3de389-ce21-4c39-9d15-9c73d61f8f58_null__1676049151929.png
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
3902e82a1c05acc3f757c81957d7428f06d9828eb538403bd998370c0ce3408d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
x-amz-server-side-encryption
AES256
content-length
8800
last-modified
Fri, 10 Feb 2023 17:12:32 GMT
server
AmazonS3
etag
"1d344032f370e9b9de031d69705ec195"
vary
Accept-Encoding
access-control-max-age
86400
content-type
application/octet-stream
access-control-allow-origin
*
access-control-allow-methods
GET,POST
cache-control
max-age=31536000
access-control-allow-credentials
false
accept-ranges
bytes
access-control-allow-headers
*
expires
Sun, 03 Nov 2024 07:08:25 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202310310101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Sat, 04 Nov 2023 07:08:25 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F216 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
62905
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
5046
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 13:40:00 GMT
expires
Sat, 02 Nov 2024 13:40:00 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
aframe
www.google.com/recaptcha/api2/ Frame 2887 		829 B
559 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
aed12eff7e7796c182fc14917b37963f5f5b8fabfb5985a13acebaa5de83407a
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-dgr43RUpqDFFeeefdzXy9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private, max-age=300
content-encoding
gzip
content-security-policy
script-src 'report-sample' 'nonce-dgr43RUpqDFFeeefdzXy9g' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Sat, 04 Nov 2023 07:08:25 GMT
expires
Sat, 04 Nov 2023 07:08:25 GMT
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server
GSE
x-content-type-options
nosniff
x-xss-protection
1; mode=block
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
mcd.ex.co/video/upload/sp_hd/v1490095101/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/sp_hd/v1490095101/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0c3a7498bba9b829748ae8fa69997d25819a9af6f02ee4c3e4bf1e9062e11e6b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:25 GMT
Cache-Tag
494320572674794536297121460370749692436,394554537382471183304184472313687845759,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
1057
X-Served-By
cache-lga21973-LGA
Last-Modified
Sat, 04 Nov 2023 00:34:54 GMT
Server
cloudinary
X-Timer
S1699059402.936389,VS0,VE2
ETag
"7cde617e2815d42f83d3ee61a476c00f"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535258
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1699058076/ 		398 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
f194cfb91c435caaf3f7a12f8c08d7a7c8c4755dbe7787f8342fc278e206b0b1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:25 GMT
Cache-Tag
494320572674794536297121460370749692436,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
398
X-Served-By
cache-lga21973-LGA
Last-Modified
Sat, 04 Nov 2023 00:34:41 GMT
Server
cloudinary
X-Timer
S1699059410.929906,VS0,VE182
ETag
"517516864c1869501fff3a79bfe0b8e8"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535342
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
0
sodar
pagead2.googlesyndication.com/pagead/ Frame 2887 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202310310101&jk=626507463571779&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
pagead2.googlesyndication.com/bg/ Frame F216 		38 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/4WwaGfWzeDAeGvs0ZrtmWMJUG7fu6zGPBJzQt4duOkA.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Fri, 03 Nov 2023 13:40:01 GMT
content-encoding
br
x-content-type-options
nosniff
age
62905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15096
x-xss-protection
0
last-modified
Tue, 31 Oct 2023 13:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 02 Nov 2024 13:40:01 GMT
events
e.channelexco.com/ 		0
247 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:26 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1699058076/ 		86 KB
87 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_320,h_240,vc_h264:baseline:3.0,br_192k/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
a4d505270310483ef128eeb6da36a78f853e7bd80f23934c00ec550f240892dd

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-88359

Response headers

Date
Sat, 04 Nov 2023 07:08:26 GMT
Cache-Tag
494320572674794536297121460370749692436,484104238383510269782950376486441993307,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-88359/217328
Connection
keep-alive
Content-Length
88360
X-Served-By
cache-iad-kiad7000052-IAD
Last-Modified
Sat, 04 Nov 2023 00:34:40 GMT
Server
cloudinary
Surrogate-Reporting
width=320,height=180,abps=21467,fps=24.917,du=10.124,vc="h264",bytes=217328,owidth=1280,oheight=720,oabps=72103,ofps=24.9,odu=10.0,ovc="h264",obytes=721027,oformat="mp4",abr="c"
X-Timer
S1699058506.101475,VS0,VE1
ETag
"f63ca672b87648e9103532dccfbed671"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31534281
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/ 		401 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.m3u8
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
070802044313bf1c3632ff4006fc069e141b75200f324cf289f56b8aa634fe55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:26 GMT
Cache-Tag
494320572674794536297121460370749692436,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Connection
keep-alive
Content-Length
401
X-Served-By
cache-iad-kiad7000052-IAD
Last-Modified
Sat, 04 Nov 2023 00:34:45 GMT
Server
cloudinary
X-Timer
S1699058507.071355,VS0,VE3
ETag
"3f25e8809b4050873ea84ff743ec1412"
Content-Type
application/x-mpegURL
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31534256
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/ 		166 KB
167 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
ab7202afb005a049d338a5966222e11485955f144d8ffcc237ed46a73c57888e

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=0-169763

Response headers

Date
Sat, 04 Nov 2023 07:08:26 GMT
Cache-Tag
494320572674794536297121460370749692436,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 0-169763/426384
Connection
keep-alive
Content-Length
169764
X-Served-By
cache-iad-kiad7000052-IAD
Last-Modified
Sat, 04 Nov 2023 00:34:45 GMT
Server
cloudinary
Surrogate-Reporting
width=640,height=360,abps=42117,fps=24.917,du=10.124,vc="h264",bytes=426384,owidth=1280,oheight=720,oabps=72103,ofps=24.9,odu=10.0,ovc="h264",obytes=721027,oformat="mp4",abr="c"
X-Timer
S1699058507.231099,VS0,VE1
ETag
"4d0f6e6ad9a07affe0a8edcb8c3b70df"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31534356
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
generate_204
tpc.googlesyndication.com/ Frame F216 		0
10 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?uBuc4Q
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:26 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
0553ba64-dd9e-4297-9878-e17a0b9de7ca
https://www.sonomamag.com/ 		366 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.sonomamag.com/0553ba64-dd9e-4297-9878-e17a0b9de7ca
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
53d8eef3539a9d91d12716c42ec389d935f989ab2c3be9ac00b81e99b799722d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Content-Length
374783
Content-Type
text/javascript
shim.gif
creatives.sascdn.com/ 		43 B
388 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://creatives.sascdn.com/shim.gif
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:780::210:ca73 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:27 GMT
Last-Modified
Fri, 17 Aug 2018 12:23:00 GMT
Server
AkamaiNetStorage
ETag
"221d8352905f2c38b3cb2bd191d630b0:1534508580"
Content-Type
image/gif
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
43
Expires
Sun, 03 Nov 2024 07:08:27 GMT
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/ 		164 KB
165 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
7884ed3ee110f0ed96f4fd84f487ffdfbd952aca0937766932b053eb1f09b79d

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=169764-337459

Response headers

Date
Sat, 04 Nov 2023 07:08:26 GMT
Cache-Tag
494320572674794536297121460370749692436,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 169764-337459/426384
Connection
keep-alive
Content-Length
167696
X-Served-By
cache-iad-kiad7000052-IAD
Last-Modified
Sat, 04 Nov 2023 00:34:45 GMT
Server
cloudinary
Surrogate-Reporting
width=640,height=360,abps=42117,fps=24.917,du=10.124,vc="h264",bytes=426384,owidth=1280,oheight=720,oabps=72103,ofps=24.9,odu=10.0,ovc="h264",obytes=721027,oformat="mp4",abr="c"
X-Timer
S1699058507.231099,VS0,VE1
ETag
"4d0f6e6ad9a07affe0a8edcb8c3b70df"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31534356
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/ 		87 KB
88 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://mcd.ex.co/video/upload/c_limit,w_640,h_360,vc_h264:baseline:3.0,br_2m/v1699058076/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.ts
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
0273b1f5eaf5990c0326696bcb7dd432b8e433074c0d99ca9a089b336e15a787

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Range
bytes=337460-426383

Response headers

Date
Sat, 04 Nov 2023 07:08:26 GMT
Cache-Tag
494320572674794536297121460370749692436,242129432464203716531710096271398543033,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Range
bytes 337460-426383/426384
Connection
keep-alive
Content-Length
88924
X-Served-By
cache-iad-kiad7000052-IAD
Last-Modified
Sat, 04 Nov 2023 00:34:45 GMT
Server
cloudinary
Surrogate-Reporting
width=640,height=360,abps=42117,fps=24.917,du=10.124,vc="h264",bytes=426384,owidth=1280,oheight=720,oabps=72103,ofps=24.9,odu=10.0,ovc="h264",obytes=721027,oformat="mp4",abr="c"
X-Timer
S1699058507.231099,VS0,VE1
ETag
"4d0f6e6ad9a07affe0a8edcb8c3b70df"
Content-Type
video/mp2t
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31534356
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
sodar
pagead2.googlesyndication.com/pagead/ 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202310310101&jk=626507463571779&bg=!2dql2pXNAAb4oU7C2KE7ADQBe5WfOBid24Jiej9VNg4m-gHfA6Pr2UOYlAOH2WbPSrEowt1AB0-QtS7rhSriW2oXx7XsAgAAARNSAAAAD2gBB5kDEfxTz6CAhc-sjeq6YER_1Fd4ESskRqlpsuKi2CLtexbacDrthuxVoAtVM8EfgWEgZyrNIvottl2gRLnq3IAi6Xor-0F8SuwFpazFU8KGhzoERuXAuMKY6dDQds0VygiFDgZ6oKvcBRvMhMfvQzI5NX1qWzWXnKX_LOHAElykSo-v8In4pl-4TAHRWMlMt8Q3Tg3hJB-s9b7XGWqpcA82FSNxyDJuVkxsZr0LGUS_u5Sdw1gSnVVcblV5vTynlTk21jx5BahYDjRh6J09aRwsbMy_e845ey9rq-S8vX6Pjv8LcWKtdGcrV-QDTKSWMQIIAGfj-DVxpxU_ZwZH-2uABm07rKUhzsqsZNXYh7EGPKIsiV5N5Kz7BU7MaZeEj34hvhD_FSp1beF189EZ-nakllBjSD2hx9Sm9b8_n_065WMKT72iK_mu4CE26-4pbIM5Xh7TDHzoLT3z8uSp5U4gqkWYDWBh11WFQiQwHaK5HOCnFsnzIVlk-P3DNMQTTUeyDCF1t1UmbODufyfmbc7fCZTacow85_knqDFFs4De-8EN7zhJFCYG-V7jcnOFzVLs7XxM2jUXTkozfUM6KydZYJBKWIvDncOerZTz3Iv4CA5xnbyzVDgckZe6OsFPdmxIvmyBk3uhcsjAasXSrhbJhcTkbHibfKqQZNAqFFZe_YxjoteDIcT229c-di5dX1sLYF4U0cMUr_w3Ggs86BBqQjLA8TGBo91pwo5YTWhyr9fYk7tOgNxBjAl8tt-eQj4dkflFOF07R0TUBZ_r6Yhk-ZQni8bmZa_5qpGxRByyYxB0d1ZVGRAbMj_dgkzTb1kSYXIeT-QM6MjXRsLEHjBXkR10lqQLwnEfP32QQgFCgHIkVr327iSbZcyc8AvK1Yn9AePY0N1LyE-8SLZTsdPOKWqr_zo9qQ4_RXNNH4F2Wl6xtnM83VOBvAjZoLfS1br0uhAgMEPrlRknbw9IAfw8X9y9x57R3QuWHk2HXafDDnlpLuW7Jnfr8AMGDv6aWzVeKJT988iVJWoYEvWPP-C9U70x
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers
index.js
cdn.pranmcpkx.com/ 		7 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.pranmcpkx.com/index.js
Requested by
Host: cdn.pranmcpkx.com
URL: https://cdn.pranmcpkx.com/prod/smi/t8y9347t.min.js?2023104
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (ama/489D) /
Resource Hash
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

x-ms-blob-type
BlockBlob
date
Sat, 04 Nov 2023 07:08:27 GMT
content-encoding
gzip
content-md5
nynBpfvYghYqzIzsvfssRw==
age
105406
x-cache
HIT
content-length
2382
x-ms-lease-status
unlocked
last-modified
Fri, 17 Jun 2022 17:08:13 GMT
server
ECAcc (ama/489D)
etag
0x8DA5083F65AD9E0
vary
Accept-Encoding
content-type
text/javascript
access-control-allow-origin
*
x-ms-request-id
8d571686-a01e-004a-29f8-0d5431000000
access-control-expose-headers
x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
x-ms-version
2009-09-19
ad_300_250.jpg
paywall-ad-bucket.s3.amazonaws.com/ 		631 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://paywall-ad-bucket.s3.amazonaws.com/ad_300_250.jpg
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.231.202.121 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1-w.amazonaws.com
Software
AmazonS3 /
Resource Hash
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:28 GMT
Last-Modified
Tue, 15 Oct 2019 13:44:16 GMT
Server
AmazonS3
x-amz-request-id
3V15ZBJZ16KS5WTY
ETag
"ef2cc7f55b7ab677b023e36033e26471"
Content-Type
image/jpeg
Accept-Ranges
bytes
Content-Length
631
x-amz-id-2
dDeGevGxVeYG6YS5ssFcsw6b6jmr3QMrkEJHLhnuSNGAY+xz4tRFD0/XmBIziOVh6ePBQCm5sVU=
x-amz-meta-s3b-last-modified
20191015T134358Z
collect
region1.analytics.google.com/g/ Frame 1410 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702406&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699081702&sct=1&seg=0&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5798&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=scroll&epn.percent_scrolled=90&tfd=5934
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame 819F 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702715&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699081702&sct=1&seg=1&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsmag%2Finline%2Fb5a5fb7f64e61dfa271df912c7bbfa8f%3Fpref%3Dsmag_cork-fork%26fid%3D5232&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=scroll&epn.percent_scrolled=90&tfd=6097
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ Frame 7028 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-BKQ8B1L124&gtm=45je3b11v894309520&_p=1699081702734&gcd=11l1l1l1l1&cid=1661253279.1699081701&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AEA&_s=2&sid=1699081702&sct=1&seg=1&dl=https%3A%2F%2Fnewsletter.sonomamag.com%2Fframed%2Fsubscribe%2Fc436dadced448bd5c492ca666ecde2a4%26fid%3D8843&dr=https%3A%2F%2Fwww.sonomamag.com%2F&dt=Sonoma%20Magazine&en=scroll&epn.percent_scrolled=90&tfd=6131
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-BKQ8B1L124
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://newsletter.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://newsletter.sonomamag.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
id5-sync.com/api/config/ Frame B4E2 		136 B
419 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
envelope
api.rlcdn.com/api/identity/ Frame B4E2 		0
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity/envelope?pid=13963
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Nov 2023 07:08:28 GMT
via
1.1 google
access-control-allow-methods
GET, OPTIONS
access-control-allow-origin
https://www.sonomamag.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
0
id
id.crwdcntrl.net/ Frame B4E2 		43 B
318 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.8.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-8-73.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:28 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache
x-server
10.45.2.201
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame B4E2 		63 B
422 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=343asog&fmt=json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
d976f2f527edb9e293e8595bb9eb6c37383685f995a006f0854604cf8d93e8ef

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

date
Sat, 04 Nov 2023 07:08:28 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.sonomamag.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Mon, 04 Dec 2023 07:08:28 GMT
v1
btlr.sharethrough.com/universal/ Frame B4E2 		0
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.93.74 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-93-74.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:28 GMT
cache-control
private, no-cache, no-store, must-revalidate
access-control-allow-credentials
true
vary
Origin
auction
prebid-server.rubiconproject.com/openrtb2/ Frame B4E2 		173 B
468 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e253689b1615427bc504f72b43fdf6120cf967ac79dfd40107704438b7b28d31

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/2.1.0
Content-Type
application/json
access-control-allow-origin
https://www.sonomamag.com
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
pbjs
htlb.casalemedia.com/openrtb/ Frame B4E2 		36 B
392 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=624104
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2f25d8ce3573c3353d5f8930b552d673f985133ddcd2b8ee535fe00fd9b30313

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:28 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=j7VICFpWE%2BNZxgwX70sTVICILtm%2F7s9qKoVbaBDMted1EfFPuuMDSAyJ3SQMXGhPNF8n%2FxHqKRItxZrHBM61pAg0dVfqGsufC1PH6idjF6ERa5W16EmdGAqyo2afBB7G5Y0tysh2"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.sonomamag.com
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
820b06a75f8591de-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
v1
prg.smartadserver.com/prebid/ Frame B4E2 		171 B
564 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.16 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:27 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.sonomamag.com
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
lb.eu-1-id5-sync.com/lb/ Frame B4E2 		33 B
276 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
b66bb2d7ab34e9461816f4bfca95e6751cf29c81f8132a24733b4db381f0f1ef
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:27 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		363 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
59256d68959f1c40218d6a6c7f9dc0a89346c35e6bac1f4c42be4490217b5eff
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
127581
x-xss-protection
0
expires
Sat, 04 Nov 2023 07:08:28 GMT
1235.json
id5-sync.com/g/v2/ Frame B4E2 		251 B
533 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/1235.json
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.116 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533567.ip-162-19-138.eu
Software
/
Resource Hash
fc64f40907557bc58d142718cfb123e3db8f03efc08b60bd3d0966a62c9c1e0d
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.sonomamag.com
date
Sat, 04 Nov 2023 07:08:28 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
bridge3.600.0_en.html
imasdk.googleapis.com/js/core/ Frame C5F4 		754 KB
242 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
100545
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
247634
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Fri, 03 Nov 2023 03:12:43 GMT
expires
Sat, 02 Nov 2024 03:12:43 GMT
last-modified
Mon, 30 Oct 2023 17:07:50 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:28 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 04 Nov 2023 07:08:28 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3A2F 		40 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 06:28:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2419
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13893
x-xss-protection
0
last-modified
Wed, 09 Aug 2023 15:57:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Sat, 04 Nov 2023 07:28:09 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C5F4 		156 B
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F94166617%2C94238257%2Fca-video-pub-9790762811057699-tag%2FMCD_2.0_Ced_Desktop_sonomamag.com_9&description_url=https%3A%2F%2Fwww.sonomamag.com&sz=400x300%7C640x400%7C640x480&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1359200506172475&cust_params=pf%3D2f169f9b4e6a&sdkv=h.3.600.0&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=2137692774&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.600.0&sid=A75A9FB7-F66F-4816-A071-C2537B1E5AB3&nel=0&eid=44770825%2C44772139%2C44777649%2C44781409%2C44802463%2C44804614&url=https%3A%2F%2Fwww.sonomamag.com%2F&dt=1699081709009&cookie=ID%3D961e6f9c50f6818a%3AT%3D1699081702%3ART%3D1699081702%3AS%3DALNI_MZbckzau0o8MZRTrM_WoNQj-qcg6g&gpic=UID%3D00000cb3c37b55a1%3AT%3D1699081702%3ART%3D1699081702%3AS%3DALNI_MaeInOf8iwfgDLRUmA2kQ39hJAZYA&scor=798818532039869&ged=ve4_td8_tt0_pd8_la8000_er2435.2340.2593.2640_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.600.0_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:29 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C5F4 		0
0
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.31.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-31-117.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 04 Nov 2023 07:08:29 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
csi
csi.gstatic.com/ Frame C5F4 		0
0
landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
mcd.ex.co/video/upload/w_295,so_4/v1490095101/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_295,so_4/v1490095101/landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
add4400980125165d8125294944eb910e951f05af198801665a1e7d2c0bd576c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:29 GMT
Cache-Tag
494320572674794536297121460370749692436,266460673134253583867341487109298160643,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Content-Disposition
inline; filename="landscape781bc3cc-139e-42c2-b5b0-c873ec5e240e.webp"
Connection
keep-alive
Content-Length
6988
X-Served-By
cache-lga21973-LGA
Last-Modified
Sat, 04 Nov 2023 00:34:47 GMT
Server
cloudinary
Surrogate-Reporting
width=295,height=165,bytes=6988,owidth=1280,oheight=718,obytes=72585
X-Timer
S1699059397.309782,VS0,VE3
ETag
"18b2a7d1351d741826d468cd26e1b0cb"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31535256
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
e.channelexco.com/ 		0
246 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://e.channelexco.com/events
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/player/ap/3.65.1-e4cd5b7/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.19.226.132 New York, United States, ASN396362 (LEASEWEB-USA-NYC, US),
Reverse DNS
Software
openresty /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:31 GMT
access-control-request-method
GET, POST
server
openresty
access-control-allow-methods
GET, POST
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
access-control-allow-headers
*
landscape546d5411-5f1c-43e6-8a17-6e6815fbfc43.webp
mcd.ex.co/video/upload/w_295,so_4/v1490095101/ 		9 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mcd.ex.co/video/upload/w_295,so_4/v1490095101/landscape546d5411-5f1c-43e6-8a17-6e6815fbfc43.webp
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.53.42.130 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-53-42-130.deploy.static.akamaitechnologies.com
Software
cloudinary /
Resource Hash
f8ddf93c5cf5aa9a520859bab84bdae6763b4df7b126ef7abc07926fcb0584ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.sonomamag.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:31 GMT
Cache-Tag
297201648795842742398178986549764712226,266460673134253583867341487109298160643,c8ca5d8e4a43f8ef61d39b48fd5ffa31
Status
200 OK
Content-Disposition
inline; filename="landscape546d5411-5f1c-43e6-8a17-6e6815fbfc43.webp"
Connection
keep-alive
Content-Length
9126
X-Request-Id
b1942d200edb588816c4750d9f933fea
X-Served-By
cache-iad-kiad7000176-IAD
Last-Modified
Fri, 03 Nov 2023 21:30:03 GMT
Server
cloudinary
Surrogate-Reporting
width=295,height=165,bytes=9126,owidth=1280,oheight=718,obytes=60942
X-Timer
S1699047648.323581,VS0,VE1
ETag
"f275cc464b02f1ea7e63aeedbf8d29f3"
Content-Type
image/webp
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31523581
Accept-Ranges
bytes
Timing-Allow-Origin
*
Access-Control-Allow-Headers
X-Requested-With
X-Cache-Hits
1
events
collector.ex.co/main/ 		17 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://collector.ex.co/main/events
Requested by
Host: az416426.vo.msecnd.net
URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.224.31.117 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-224-31-117.compute-1.amazonaws.com
Software
/
Resource Hash
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e

Request headers

Referer
https://www.sonomamag.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Sat, 04 Nov 2023 07:08:31 GMT
etag
W/"11-MaL8I3MaqLPWbOrdrabTmSWS9PM"
content-length
17
content-type
application/json; charset=utf-8
usync.html
eus.rubiconproject.com/ Frame 4A84 		281 B
555 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Sat, 04 Nov 2023 07:08:32 GMT
ETag
"280525-119-60930cbd3cec0"
Last-Modified
Thu, 02 Nov 2023 19:57:23 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 4318 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: cdn.ex.co
URL: https://cdn.ex.co/prebid/production/release/1.9.0/latest/expb.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb

Request headers

Referer
https://www.sonomamag.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
126
cache-control
public, max-age=14400
cf-cache-status
HIT
cf-ray
820b06bc78b4929f-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 04 Nov 2023 07:08:32 GMT
expires
Sat, 04 Nov 2023 11:08:32 GMT
last-modified
Mon, 25 Jul 2022 19:18:19 GMT
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
server
cloudflare
vary
Accept-Encoding
usync.js
eus.rubiconproject.com/ Frame 4A84 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.30.22.30 -, , ASN (),
Reverse DNS
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
2370824014f588c0a504d6bcca32475f2684a93fa4e54071ac08aea47465433f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Date
Sat, 04 Nov 2023 07:08:32 GMT
Content-Encoding
gzip
Last-Modified
Fri, 03 Nov 2023 21:07:15 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=50309
Connection
keep-alive
Content-Length
13281
Expires
Sat, 04 Nov 2023 21:07:01 GMT
usermatch
ssum-sec.casalemedia.com/ Frame BDEE 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ff6d2eec4e3ca80fb616c3cf49e83f4c5c44fa1a4e0bc202392684144d84fe43

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache
cf-cache-status
DYNAMIC
cf-ray
820b06bcebaa3642-FRA
content-encoding
br
content-type
text/html
date
Sat, 04 Nov 2023 07:08:32 GMT
expires
0
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VJ28yzWj3khSCi%2BBrsvT5VdFIfngQhRfRBT2ZUs0%2BSH7daKTpEVuNi70rOlXOzdgjgo3p7Dzw%2BEWVddo%2BOwaOqMecdlTD1CC4D9iQS%2FAJnd%2BRWlSEItZJaIR7xs8O6O%2BgBHvXSRrTqxD9A%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
khaos.json
token.rubiconproject.com/ Frame 4A84 		7 B
380 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://token.rubiconproject.com/khaos.json?
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://eus.rubiconproject.com
Cache-Control
no-cache,no-store,must-revalidate
access-control-allow-credentials
true
content-length
7
X-RPHost
704c1e4d3fcc922a3031d436b584678b
Expires
0
sync
live.rezync.com/ Frame BDEE
Redirect Chain
  • https://i.liadm.com/s/31327?bidder_id=14481&bidder_uuid=ZUXt6GGdlack8EYiYy27oAAA%265257&gpdr=&gdpr_consent=&us_privacy=&gpp=&gpp_sid=
  • https://i.liadm.com/s/31327?gdpr_consent=&bidder_id=14481&gpp=&bidder_uuid=ZUXt6GGdlack8EYiYy27oAAA%265257&_li_chk=true&gpp_sid=&us_privacy=&gpdr=&previous_uuid=e8b3edd993a8410299053500f0cd6311
  • https://d.turn.com/r/dd/id/L21rdC8xOTcxL2NpZC8xNzQ5ODczMjc1L3QvMg/url/https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=$!%7BTURN_UUID%7D
  • https://i.liadm.com/s/53233?bidder_id=183658&bidder_uuid=8895773545145174356
  • https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e8b3edd9-93a8-4102-9905-3500f0cd6311
0
0
ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BDEE 		43 B
602 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3605:1d34:e0a9:a5ed:8538 -, , ASN (),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:32 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
crum
dsum-sec.casalemedia.com/ Frame BDEE
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2867029333300452141
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2867029333300452141
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ltLC7oa28O35vcvv2b5Q%2F0RomC2qOMZulpsl%2BRItopf4Y%2FGBkhmfwqaz526gEbBzsgIjZQBWXY6hH%2FeMoImKMjZxEx9eUXjjAHW6V2Y01hVWXyS8QALG5fO4XE%2Bd9KKEaLfzySMVttEc3A%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b06bd6bfa3642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
an-x-request-uuid
98df8553-11b8-41f2-a378-432cbb770e94
server
nginx/1.23.4
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=2867029333300452141
x-proxy-origin
45.141.152.75; 45.141.152.75; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame BDEE
Redirect Chain
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZUXt6GGdlack8EYiYy27oAAAFIkAAAIB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
70 B
148 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:32 GMT
server
Kestrel
content-length
70
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Sat, 04 Nov 2023 07:08:32 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699081712083084-535
Expires
Sat, 04 Nov 2023 07:08:32 GMT
crum
dsum-sec.casalemedia.com/ Frame BDEE
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=29
  • https://c1.adform.net/serving/cookie/match?CC=1&party=29
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6432240455056384945&expiration=1700291312
43 B
734 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6432240455056384945&expiration=1700291312
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=g7ckArjGYLEZ1rZ8CQGzXOHdvpDpynzvWN1Zg0pxHgb%2FN497sptfdXpGQzYHapQNVNpbmpypbhilayO2VBfgOLmT0qmYDkQaZiodmmhtwLAS7VEtUCpr1E%2FGNL%2FR2RBKXwu6jZE%2B8PxdZA%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b06bf5d993642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=111&external_user_id=6432240455056384945&expiration=1700291312
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
crum
dsum-sec.casalemedia.com/ Frame BDEE
Redirect Chain
  • https://cm.ctnsnet.com/int/cm?exc=19
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8a6c803f26a74205b00d0ad54f75f921&expiration=1701673712
43 B
738 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8a6c803f26a74205b00d0ad54f75f921&expiration=1701673712
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H3
Server
172.64.151.101 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W256kJKw3P%2Fd6fhtApEUHIocWT8WQfADnGd2EHpjIneXcPaOwRMs%2FAuz4n%2FLJEY%2FaYkD033yUfyO8FxASZc4WggyuXU1R%2BmJDFOc%2BMpi%2BlEtDlGIpSAq3tAm0V%2B0jztjnczgql1WGgW4kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
content-type
image/gif
cache-control
no-cache
cf-ray
820b06befd323642-FRA
alt-svc
h3=":443"; ma=86400
content-length
43
expires
0

Redirect headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:31 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=109&external_user_id=8a6c803f26a74205b00d0ad54f75f921&expiration=1701673712
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
demconf.jpg
dpm.demdex.net/ Frame BDEE
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
52.209.134.254 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v053-06ec0c431.edge-irl1.demdex.com 4 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
gUP9mlooQO0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-irl1-2-v053-0e17007ef.edge-irl1.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
aHGtC0fiRGE=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=23728&dpuuid=ZUXt6GGdlack8EYiYy27oAAA%265257
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
bridge
cm.adgrx.com/ Frame BDEE 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.251.232.165 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

pragma
no-cache
date
Sat, 04 Nov 2023 07:08:32 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-9
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
cdn.indexww.com/ht/ Frame BDEE 		43 B
229 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.indexww.com/ht/htw-pixel.gif?ZUXt6GGdlack8EYiYy27oAAA%265257
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fwww.sonomamag.com%2F&s=184674&cb=https%3A%2F%2Fcdn.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.38.76 -, , ASN (),
Reverse DNS
Software
cloudflare /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.105 Safari/537.36

Response headers

date
Sat, 04 Nov 2023 07:08:32 GMT
cf-cache-status
HIT
last-modified
Tue, 24 Jan 2017 19:36:04 GMT
server
cloudflare
age
24515
etag
"da1f1d-2b-546dc3a097100"
vary
Accept-Encoding
content-type
image/gif
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=86400
accept-ranges
bytes
cf-ray
820b06bd3910929f-FRA
content-length
43
expires
Sun, 05 Nov 2023 07:08:32 GMT
areq
a.channelexco.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~lojpdp4u&c=2423189318585&slotId=1211594659292.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~lojpdpgi&c=2423189318585&slotId=1211594659292.5&uet=2&ghmsh_eids=44770825%2C44772139%2C44777649%2C44781409%2C44802463%2C44804614
Domain
live.rezync.com
URL
https://live.rezync.com/sync?c=0aa2530f29e4f4a05b5d5d9bb35d60c2&p=93c1662463a616a7155169889dd99651&pid=e8b3edd9-93a8-4102-9905-3500f0cd6311
Domain
a.channelexco.com
URL
https://a.channelexco.com/areq?sid=&domain=https%3A%2F%2Fwww.sonomamag.com&se=efc95d42-45c2-4809-97d3-23e2a4997d1f&pv=117.59&dd=www.sonomamag.com&gpvck=v022831802__300x168______DEF__nil__408&sa=shd&dmid1=1069754223-1016326434-83826257-1477400787&dmid2=1069754223-1016326434-83826257-55609253&dmid3=1069754223-1016326434-83826257-421257535&dmid4=1069754223-1016326434-83826257-260672383&dmid5=1069754223-1016326434-83826257-410366044&dmid6=1069754223-1016326434-83826257-1058314172&cb=1699081712745

Verdicts & Comments Add Verdict or Comment

196 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| documentPictureInPicture function| CookieScript object| dataLayer function| sendGooglePageView number| dfpShowAmazonAds object| _sf_async_config function| fbq function| _fbq undefined| $ function| jQuery function| dfpLoadAmazonAds object| googletag object| dfpAds function| displayDfpAdSlot function| displayScrollToDfpAdSlot function| getDeferredDfpAd number| deferredDfpAdCount function| displayDeferredDfpAdSlot function| refreshDfpAds function| isDfpAdInViewport object| apstag function| smagSetCookie function| smagGetCookieByName function| hasLocalAndSessionStorage object| MG2Loader object| runtime object| regeneratorRuntime object| wp function| sprintf function| vsprintf object| uiAutocompleteL10n object| postCategories string| pageSlug string| axel string| a object| matherData object| pSUPERFLY_mab object| _cbq object| pSUPERFLY object| google_tag_manager object| google_tag_data function| setCookies function| getCookie object| params object| urlParams number| arrayLength object| keys object| values object| map string| url object| urlStr function| createParam function| setUrlParams string| key string| value object| _aps boolean| apstagLOADED object| apscustom object| ggeac object| google_js_reporting_queue object| _mather object| _mg2q object| _matherq object| cnvr_launcher_options function| onYouTubeIframeAPIReady object| gaGlobal object| appInsights object| conversant object| PublisherCommonId undefined| google_measure_js_timing object| AI object| Microsoft function| __extends function| _endsWith boolean| nlFrameSizeListener object| g2ExtendInits object| G2Analytics object| G2Insights object| MG2Insights object| nxtBundle object| webpackJsonpnxtBundle object| NxtInner object| Connext object| CnnXt object| publink_options string| fpVersion string| fpBuild object| DeviceDetector object| Fingerprint object| coreid function| Swiper object| DIGIOH_LOADER boolean| SENT_LIGHTBOX_PV object| _cb_shared undefined| nQuery number| ntvLoadStart object| ntv object| prdom object| onFocusEvents function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| TRUE_ANTHEM number| google_unique_id object| tid object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager undefined| ct undefined| et undefined| hourElapsed undefined| msg undefined| pixelDomain undefined| pxSrc undefined| px object| Moat#G23 object| MoatSuperV23 boolean| _lastFocusState object| Moat#PML#23#1.2 boolean| Moat#EVA undefined| MoatOCR function| moatOcrSample object| MoatContent string| __EXCO_INTEGRATION_TYPE boolean| msgData object| MG2DL object| STREAM_CONFIGS string| STREAM_ID object| __EXCO object| wpJsonpExCoStreamSdk function| setImmediate function| clearImmediate function| _____WB$wombat$assign$function_____ function| __WB_pmw object| gPartners string| GoogleAnalyticsObject function| ga object| chartbeatConversionScript object| myScript object| firstScript string| pbPageIdentifier object| gaplugins object| gaData object| __wpcc function| chartbeat object| wpJsonpExCoAdPlayer object| ID5 object| CEDATO_API object| CEDATO_TAG object| __id5_instances object| GoogleGcLKhOms function| Hls object| google_image_requests object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_manager_loaded_event object| goog object| closure_lm_999120 object| closure_lm_261001

50 Cookies

Domain/Path Name / Value
.lightboxcdn.com/ Name: _cfuvid
Value: fLQWJp9DGP6MKnYJFJhPn9mW6bv_PlqjxFv_SRQD.CQ-1699081701224-0-604800000
.sonomamag.com/ Name: _fbp
Value: fb.1.1699081701409.375025982
.sonomamag.com/ Name: _ga_XBMKBT1D08
Value: GS1.1.1699081701.1.0.1699081701.60.0.0
.sonomamag.com/ Name: _ga_84Q5ST7BN6
Value: GS1.1.1699081701.1.0.1699081701.60.0.0
newsletter.sonomamag.com/ Name: PHPSESSID
Value: 7hjdb6lpg6ekbaa13nsh8j5c7g
www.sonomamag.com/ Name: ai_user
Value: qKXg4|2023-11-04T07:08:21.678Z
.sonomamag.com/ Name: _cb
Value: C8i-m-CHahOZBdMIwO
.sonomamag.com/ Name: _chartbeat2
Value: .1699081702067.1699081702067.1.BEs08QCRwtsQDzz8ogD6TTRFeYEkC.1
.sonomamag.com/ Name: _cb_svref
Value: null
.postrelease.com/ Name: opt_out
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUk9xyrBZCemmIl6dJB06KNNPMRrW-Jp68GoiJff5N9oXj_26Y9hCcf_dZcIaBs
www.sonomamag.com/ Name: ntvSession
Value: {"id":2618525,"placementID":1046443,"lastInteraction":1699081702905,"sessionStart":1699081702905,"sessionEndDate":1699138800000,"experiment":""}
.sonomamag.com/ Name: _ga_BKQ8B1L124
Value: GS1.1.1699081702.1.1.1699081703.59.0.0
.sonomamag.com/ Name: __gads
Value: ID=961e6f9c50f6818a:T=1699081702:RT=1699081702:S=ALNI_MZbckzau0o8MZRTrM_WoNQj-qcg6g
.sonomamag.com/ Name: __gpi
Value: UID=00000cb3c37b55a1:T=1699081702:RT=1699081702:S=ALNI_MaeInOf8iwfgDLRUmA2kQ39hJAZYA
.sonomamag.com/ Name: _sp_ses.c0dc
Value: *
.sonomamag.com/ Name: _sp_id.c0dc
Value: a239f596-d12c-4e06-9443-2ae2d47e5dba.1699081703.1.1699081704.1699081703
.sonomamag.com/ Name: _matheriSegs
Value: MATHER_U9I_REGMET2_20211001
.sonomamag.com/ Name: _matherSegments
Value: MATHER_U9I_REGMET2_20211001
.doubleclick.net/ Name: DSID
Value: NO_DATA
.sonomamag.com/ Name: anonDeviceId
Value: 9928b50b2d8718beafc8992c06e73adc
.sonomamag.com/ Name: nxt_last_visit
Value: 1699081703956
www.sonomamag.com/ Name: exco-uid
Value: 4ghknteuxbg8l584
.sonomamag.com/ Name: _ga
Value: GA1.2.1661253279.1699081701
.sonomamag.com/ Name: _gid
Value: GA1.2.884975763.1699081704
www.sonomamag.com/ Name: ai_session
Value: u4Ixf|1699081704380.4|1699081704380.4
.ex.co/ Name: exco-uid
Value: 2e3632312e313534
.openx.net/ Name: i
Value: a302f542-d45e-4150-91bc-ede4e59fe2a3|1699081704
.casalemedia.com/ Name: CMID
Value: ZUXt6GGdlack8EYiYy27oAAA
.casalemedia.com/ Name: CMPS
Value: 5257
.casalemedia.com/ Name: CMPRO
Value: 5257
.ads.stickyadstv.com/ Name: UID
Value: c59dec1779daa799bf99ee87c83d0e0
.adnxs.com/ Name: uuid2
Value: 2867029333300452141
.quantserve.com/ Name: d
Value: EH0BDQGsKrjvsQA
.quantserve.com/ Name: mc
Value: 6545ede9-09e06-0daa5-0d006
.turn.com/ Name: uid
Value: 8895773545145174356
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003%22%7D
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003%22%7D
.brand-display.com/ Name: _knxq_
Value: c4721abf-f802-3d34-d094fe31.1699081705.0.1699081705.1699081705
.fwmrm.net/ Name: _uid
Value: uml2528_7298063333162987273
.ads.stickyadstv.com/ Name: uid-bp-36033
Value: uml2528_7298063333162987273
.ads.stickyadstv.com/ Name: MRM_UID
Value: uml2528_7298063333162987273
.ex.co/ Name: exco-uids
Value: {"ix":{"UID":"ZUXt6GGdlack8EYiYy27oAAA\u00265257","Expire":"2023-11-11T07:08:25.060630308Z"},"unruly":{"UID":"RX-f7b13f3a-fbcb-4ba1-9428-97d13a1a1154-003","Expire":"2023-11-11T07:08:25.211672336Z"}}
.amazon-adsystem.com/ Name: ad-id
Value: A0w-c1aJOk6cjNyUBrh-HSI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.sonomamag.com/ Name: CookieScriptConsent
Value: {"googleconsentmap":{"ad_storage":"targeting","analytics_storage":"performance","functionality_storage":"functionality","personalization_storage":"functionality","security_storage":"functionality"},"firstpage":"https://www.sonomamag.com/"}
www.sonomamag.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
www.sonomamag.com/ Name: _lr_retry_request
Value: true
www.sonomamag.com/ Name: _lr_env_src_ats
Value: false
www.sonomamag.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-11-04T07%3A08%3A28%22%7D

2 Console Messages

Source Level URL
Text
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=13963
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 505)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1f2e7.v.fwmrm.net
a.channelexco.com
aax.amazon-adsystem.com
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ap.lijit.com
api-mg2.db-ip.com
api.rlcdn.com
az416426.vo.msecnd.net
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
casale-match.dotomi.com
cdn.ampproject.org
cdn.cookie-script.com
cdn.ex.co
cdn.indexww.com
cdn.mircheigeshoa.com
cdn.o1ych4jb.com
cdn.pranmcpkx.com
cdn.pressdemocrat.com
cdn.wgchrrammzv.com
cdnjs.cloudflare.com
cm.adgrx.com
cm.ctnsnet.com
cm.g.doubleclick.net
cms.quantserve.com
collector.ex.co
config.aps.amazon-adsystem.com
connect.facebook.net
creatives.sascdn.com
csi.gstatic.com
d1sve9khgp0cw0.cloudfront.net
d82f6a585ccfe6f5ee3005553abad2f4.safeframe.googlesyndication.com
dc.services.visualstudio.com
dmp.brand-display.com
dpm.demdex.net
dsum-sec.casalemedia.com
dsum.casalemedia.com
e.channelexco.com
eus.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
gpv.ex.co
htlb.casalemedia.com
id.crwdcntrl.net
id5-sync.com
image6.pubmatic.com
imasdk.googleapis.com
jadserve.postrelease.com
js-sec.indexww.com
js.matheranalytics.com
lb.eu-1-id5-sync.com
live.rezync.com
loader-cdn.azureedge.net
match.adsrvr.org
mcd.ex.co
newsletter.sonomamag.com
p.channelexco.com
p.typekit.net
pagead2.googlesyndication.com
paywall-ad-bucket.s3.amazonaws.com
ping.chartbeat.net
player.ex.co
polyfill.io
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubads.g.doubleclick.net
region1.analytics.google.com
s-09.channelexco.com
s-jsonp.moatads.com
s.amazon-adsystem.com
s.ntv.io
s0.2mdn.net
secure.adnxs.com
secure.cdn.fastclick.net
securepubads.g.doubleclick.net
ssbsync-global.smartadserver.com
ssum-sec.casalemedia.com
static.chartbeat.com
stats.g.doubleclick.net
sync.1rx.io
sync.ex.co
sync.targeting.unrulymedia.com
token.rubiconproject.com
tpc.googlesyndication.com
tru.am
u.openx.net
use.typekit.net
vop.sundaysky.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.lightboxcdn.com
www.sonomamag.com
www9.smartadserver.com
x.bidswitch.net
z.moatads.com
a.channelexco.com
csi.gstatic.com
live.rezync.com
104.18.38.76
104.26.5.15
107.178.250.234
13.224.192.181
13.32.119.77
13.69.106.215
151.101.2.132
162.19.138.116
162.19.138.83
172.217.18.2
172.64.151.101
18.134.84.22
18.198.93.74
184.169.129.237
184.30.17.133
184.30.211.26
184.30.22.30
185.64.190.78
185.86.138.16
185.89.210.46
192.96.200.17
193.108.153.21
2001:4860:4802:34::36
2001:678:cb4:bbbb::11
216.52.2.39
217.182.178.224
23.19.226.132
23.212.213.167
23.32.184.192
23.53.42.114
23.53.42.130
2600:9000:2644:cc00:5:5a52:9000:21
2600:9000:2646:1200:18:1fcd:353:c61
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700:20::ac43:4af5
2606:4700::6811:180e
2606:4700::6813:d483
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:800::2002
2a00:1450:4001:806::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80b::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:810::2001
2a00:1450:4001:810::200a
2a00:1450:4001:811::2008
2a00:1450:4001:812::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2006
2a00:1450:4001:828::2004
2a00:1450:4001:82a::2003
2a00:1450:4001:82b::200a
2a00:1450:4001:830::2001
2a00:1450:4001:830::200e
2a00:1450:400c:c06::9a
2a02:26f0:480:f::213:7ee1
2a02:26f0:780::210:ca73
2a02:fa8:8806:16::1460
2a02:fa8:8806:20::2010
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a04:4e42:400::282
2a05:d018:d29:3605:1d34:e0a9:a5ed:8538
3.223.39.7
3.224.31.117
3.33.220.150
34.120.133.55
34.160.19.107
34.198.220.199
34.237.233.44
34.98.64.218
35.186.193.173
37.157.6.243
46.228.174.117
52.19.8.73
52.202.161.16
52.209.134.254
52.28.119.39
52.46.130.91
52.52.12.191
52.73.21.116
54.219.243.149
54.231.202.121
54.90.248.117
63.251.232.165
65.108.188.9
69.173.144.137
69.173.144.139
81.17.55.123
99.86.4.128
018342cae92806f9a8474ab5b7017b2035fe9b93d2d1f825c17225c5cc7bbb91
0273b1f5eaf5990c0326696bcb7dd432b8e433074c0d99ca9a089b336e15a787
02dd7bed19f11268f216636c812d0d4062ce5638ec197ed0fd506d28c8f9642b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
070802044313bf1c3632ff4006fc069e141b75200f324cf289f56b8aa634fe55
074326ee32f2bc68dbbc78c0531daf45bc45a56fa8b7840fb67f4b00852bf8e2
0859f5f9bf49348ef81d01f953d520c10a2a857961ef1bfad4a7903609889de5
08e5c233c50ee56daf56a4b074a32969777a50a58ffbd43b0b6e43bb7455441d
092fe19f163db4c73e1789cf4d0c6b73392047d2944ea79056031efab9ca61ae
0c3a7498bba9b829748ae8fa69997d25819a9af6f02ee4c3e4bf1e9062e11e6b
0cff03129f16a73a8ff89d06578b0b1a1127bddb582fd05f0ab62f8ccc6b62f7
0e7bf5514e66181229677ebc30bc00ceec297229f58021ab622021b54cbbc1c2
0fb3eb2da3f5d7d228605ed034801827281e207ce7ae5aaa10a2386600d232fe
1029ba9d788434ec8b881389e56e9d8063e54d782252943805e6d3a2b313ba75
111041158b9290ae7cc0c6da69d7c4f5600e8a73b4c7399d675df7f15ba7b063
12f1a9a1c79c08a18cd4d5a0f40d1fff2c169683ede544e668b48b72d79acec2
14af47320898bd93f367026f7833c9956f14e24856976e4f9e10be31155cdcf2
166c7c3bb5f76f977a9f2a5490589b3466374eb2b3f064802e56f08bad71fbf0
17ec7ad5a109d73f79bdbd6621427676bf2cb87cb726fd936679bf5aeb5dca6d
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3
1e4307ac8b8c4d489c755729b6b1914a876f8693590e802b43ee4ac91b9aa354
1eda037ef70b5587c93b2677785521e8642e1e791cdcaebd5efa8647faf2b633
20bc54fd9bc30794a4233ed34ce4460e8a8298c5017100f7848c0bcb49b86eec
213ff5149dbbd291afeb912c82ca0ec3c653add3f42828c2b9048f84f8e7f7f8
2241d391f10f461a915b6ef47bc0c8103bf0e7289aff47e1bcfed5ff2a84d119
22cd820b748bdabf96448ca563642ddc782ba91756d5428113a23392839752ef
2307a7142cff506f4697bd2448e7c5dc50a23912e2ac6c5812437fdeb584e679
2370824014f588c0a504d6bcca32475f2684a93fa4e54071ac08aea47465433f
25c834aa2b8d083ff67315afdce006cc51d07a1ed26fe78a62f478075aef2dfe
26eabc7c87a3cb3b96ab97f25d260876a1ae2176022acf592bae6ec70d7db87e
27f5091c35bf3f526e50e4d48d4e5fec689ed3a5b123dbc50996538a94ec21b5
28894da63f29cba9596847db6453c4443d79bab5d2931527cdf53260c662c0d3
28900d71bfd70228f4a5258665ab4a3ebc9c77f1a983398b8ca92161cc738aa6
28b0275c9a5d52ac2d453b6e6eaf3986b4dabb4bc72da0ced74a2be31aeb5466
298a07337c7e4aba00b2dae8a06ec5ef8e533197caa2597acd81a115665eac8f
2abf7942533958b3fcb83e1a0ce9607a9c7bd02fd4faa65228f47d99fd69d29b
2c2a447b645ee166d404779a08b2d45076000ac02b98350a292be81d7f6c9650
2db65123658e777ad9db1be48fe86c969c79d6cbb35ad405d1ed0a45655bd652
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f25d8ce3573c3353d5f8930b552d673f985133ddcd2b8ee535fe00fd9b30313
301e66f1bf220431b0f82b7393f04243e158f16409b84703875abbc717d3e443
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
365973dce343af1048e494b3e00a55d613fb897d1356a1d53f102c81238a7728
382615c5da5718191adba3886c422e046910e72024266ec83fd72a3353699a05
3902e82a1c05acc3f757c81957d7428f06d9828eb538403bd998370c0ce3408d
3e136e77083bfc6ef14ffc5abd19da89a82bf12fc0cda3c603e01582b93303c8
3f1e33499499bbd3edcbdb81218df1b7c8535321f2269724f1b04635518e0c0e
3fd5f29043b5f7a4d559c1cf572ab5676138c5c4d0721940c887cf5ee2e05f6c
3fdeead014175f8aa0be34573c2e0d969ba7dc548ab3aac695b27ed4265c4e4b
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
401d5c523f0d2dd193df65b0c6f3115f94a8c7c305129df8570072cb05ccff8c
41d511bcd8511da9cb1f673d030c44fbadb09271c96e4fbb40bfa306572dcca3
4217045a8d701cac3b4a766a11076e7cc5342087464a8a6e3cc7e4f9feec09a3
424144da1285b9e64bec27b6984bf01af57d2a644f29a5c5a72b8cd1beaaef23
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
467f4c3950f4612684394cf8286300ed6709c49ca691bef12a1c912e00ef0c4f
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
47293687dd2154cf57b14c2acb7ccc0588dcf16ef3781b8074cca705c5ff703d
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4aee3f291e8081db6438e755065e241537d763ac096d526aa42066fc97db5a7c
4b8f230af668f20a7b50021f1edb1fac1c96cab1aa576933a2064e5d7807179b
4c0ced2cb3830d045cdd74f745fd4d6dcb082d8edd3a9fe46e39295e30cb8032
4e19e2b13e0271aa50a2e4aca33736936e9e83042c59f196552abace3f562088
51052486f545eb90cb335ae99c0888055c388a5e1fc0f178dbb0ba45a4d92da0
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5274f11e6fb32ae0cf2dfb9f8043272865c397a7c4223b4cfa7d50ea52fbde89
53d8eef3539a9d91d12716c42ec389d935f989ab2c3be9ac00b81e99b799722d
53de6b3616f57459d3f1b898926fb83eafca2116a34feae66a807ea244291e8c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
550bd732a44de84afa4849cbcceb5cf8df099db412264a3a485c8ac5da1c1f10
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5668d185d349a669f5430bf540ec1b2bf99c54a2cfb2f92d61f87b6c0c8b2d32
57de7f9619f97652c5c830685b3aedac5ebe2be072c2333be00f4c82ebc2fbc2
59256d68959f1c40218d6a6c7f9dc0a89346c35e6bac1f4c42be4490217b5eff
5a8e632b5f851e7131365636b29104dfd8c1ef5b393d20eefda79bf79dd9d096
5c93f77799d122fb5255ee24da285f9f228cc118cba11e6ceb2b6bda8cdf4164
5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5
5de827f682d6a4e4dea64140aa2ed12b08fdff1c467a1296eae21d41d9e1583f
613603afe8c5203c59d7f9df1cbac87109df7ffdf245fd20becfa6bd95b92155
6139dddd3b6b6b847bccd476918dc8fb4f4f5a10908e5707c704f155e0918e84
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
622a01426683e02966eb2693dd3fd914b55b55522ab23f89d1611e5fe3c45ad7
6300f448d738e70ac11f0140df0b3ce91a2de9e0da7fdf09d32d28031600ba51
6463c8e174a08f3907b434ef8238751148ca234503f341f917ae83306ace82ba
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6941d870c4bac732a6ed7718c594a73cc27000379eaaf241c9e47d982e44f407
696ee2ff10f4d06272e23a40622ce122854f2f6bf39a7166179b79b78cdf9285
6974bfd8fa06b7831f05cb4b25860c851a5ad3f02a6699ebe688987dd7a6ebe6
698e93fe491cc7bbf07a470579a33dbd0db53c19142b7be41ebfd39a23aef11f
6a15af42dcf8e6705a1ecea1dc8a864ce0c050b8c2dc5365d760f6f8b2477825
6a399de34ed4a5947f9d16f7f1b6ee1afb380fd09c4c525d2294df575449f5e0
6d6e563a86f03998f5372172bc74b8eb63c11df9781ece3c738ddbc1f68bcf64
6e1599484899609457513626a439ae86b7b8ffcdfa30ab556fa306de5faca728
6e852d42516fb0a46bc60bcaf11fd079d36f8580a38239e0c058d3676b80af6f
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
724980b2f5e554f7a65a4d4d4ba209ef43d6cc02a51335d566958d0ce233fb3a
74266e76ba042b42787cb323fa9f437ec7cb4fb8a2b54bfe5a8d303727c4369d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
75e911e2a8db4e07a70f22de176d959fc4bbd034c6e4232b7b57617838e07874
767d44b7ea55c357f7b19bc0b86cea7167236e5c2b44872b3d9d3c97e525d2e8
7742a35c163f4089a588cb327b1df3d88018ed26a8d49c90a516588eea9ac143
7868467c94a5aa0b3f11ef542f45287967f9627b3b5acdc86e47f8f77a126596
7884ed3ee110f0ed96f4fd84f487ffdfbd952aca0937766932b053eb1f09b79d
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7a20b371f96093be0c049b07134deb9bec533817ce791e865aaab7b60dfe4beb
7bb8f25f111a5c210d1c97b500680682cf9b39730b2a332eb5009a7af047ef56
7e28625c9340698b7968ba0cb1642f8db7a941ba0c07198bdcf7846f56ea5c99
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8037aae9cfab224b75b37ab2aa6a870146fdfa1c9ebae15523fda78ab9b270fc
807e8eef08eb8327812a2120239b3bff0b78205db862bb62e8510527ba3c7656
81c2cbe50044dac07e1ac9ea9841ac415bdc38dd2f6b915ab044bf69ee71c628
82a080c9cc1de7a4ed1887f97dba5057fb14017f15e08ddc4c4ecb6e623c3377
82d2dc44aae1eda52abc17afd30c6031b7175c13ee6955410164c66ae755adfb
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84703f2f990b5e1b6c0e0ea13a5dfa56515ef4cb1f183a053a4abaab036d3daa
85297a9778e3138e5c9393984e9a5fc6dbce360e5017087bfe160c67ed2462af
8707089168b73b7cd96350ead9ba151998c91a2ec5235e5c7f3dca85a0d4309c
88db56f3db4253b3fbff67c7f0c5a96687ae5951add8f3e9702b36045943cb0c
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d26410844b58ad0841c37651e4d9aae3248a85b32e7e0dba5bd01e9d2a2974d
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dcc1beab58e7315392e4371eaf02041138288ab7b329fa2403894f60e5f65f4
8ec3cdfcdc79223ee04ed060812314854cb3b3d9d1914390c755934366fc3693
8f7932dec2f08aa32a08ae07f1b532561b865d64a92133763ac01d456220014e
915327f6b6815a22f4e1fc70ee61855342bd946af70f0f78c64da6f801b89a00
9274c1a7129f442f1e35d9700751cb05981b1d4286302abb84417be65e624f39
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068
97ce4e98f3a3be297f48ebd5b771e74928f31754d43324fd795d1cd81cc41b35
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9961e32d2cc313d516ad15b8b436973923c5632d6159cc0a8b4889debc60ad97
9a4eb2c9445287c34cb0a9ed5cc673460362483f0855bc91f8230dfa46a955e1
9afd12dd53317329dd5eebf0f55a47c9f9e6a2230e41be50d85c4b5ca6ffa29b
9c79d6c40fcaa89df0b7dd1b9ce3436768df4917a3f6b934b4bb5240ba3f8e4e
9eb820e620503c6d291c0ba91810f58aedf367b24a443a662654761a7b82ab88
9ffbfa02b53c9e42834db0edebc350a07476d524d1688e59a5fed4a3da2a1447
9ffc69d6aed132e976d1c036a900dda8ec34c719ef05ef7d3de22477b922547b
a014bd94936853ae7b5ca458265d3aa32908e5623c46d2fe819c009373754df3
a05a87cc997c4972e63a45c5a508b3968a43a1dd3e3f038e4193a136e38777b4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a1c9a21ede44774a26110c312c2c5398e074132f6e243011c15b4bfd660702ab
a4d505270310483ef128eeb6da36a78f853e7bd80f23934c00ec550f240892dd
a7b6ac83d0a5dbb3a50fb28ff292d09cdd262834c50beb293d9aad1550eac5a1
a7e4c98842ea2078f5ff1404c580b4bd3bb59c6c356fb9c2b74b4a31db688275
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
aaf3d816eff8bdd9c4304412db65b6e9394f2c20ab902450baea1dba76ef4f4c
ab7202afb005a049d338a5966222e11485955f144d8ffcc237ed46a73c57888e
add4400980125165d8125294944eb910e951f05af198801665a1e7d2c0bd576c
aed12eff7e7796c182fc14917b37963f5f5b8fabfb5985a13acebaa5de83407a
afdaf4fc3a8230cf1dd665db50b472d7cf1c8aa134b9aeedb7df883bd24fbaab
aff3eee4d52737b6819c3bbba7ccdede3b72b1901b86770bbd87c2787e759667
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b264a2787c17d1a93cda47266c6557039f2478ddd1d8dbbed5527ad757920b3c
b56854b2feab76851e44cda448ae467094f921d98e3db4eca17c96ea11952611
b63e057ee460c341004441dbefd9de5eeb9a75eb28c9c5242990554188453df0
b66bb2d7ab34e9461816f4bfca95e6751cf29c81f8132a24733b4db381f0f1ef
b84677c9d507861ede2db86349957b3fff926d3857fb11595ab96d8866314798
b9c9a3785a696cbec46facfd1d63bc9ace79409ed2e3aa881238d7b3cdea9b97
bc4a6950662e216b3ca13c8e4a2cd0bf2ef9447ca4524aeede040d29b636ab90
c0491d4c3be6d601c4bdc6fbc2be7c476660a70a961e91be1c41f2b20030fc64
c1a9a3e223bad631dff12d33b5499eb145cb08d8621c20d9d73870e78d97afe4
c20e938074f0ac902cd68c11605dcdb0fa8c337a05a37f22b0003b7e1cb5080e
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2ecff291918a3caf0b7e470323e89f2a1f05b92e12a10649e598cacebe62acf
c4bb5b20146a15b4dc100b09133c80afcf7456f5f00d836aa7d2f9d736ccbf56
c5ce58dbddc6ace071c45efb5f5f45806f31ccb272867a0c92ad58585f8e4cf1
c6e243d760551a3a2e65cc602b46589d33714df21c083bd9948b631c1cf9450f
c7fffffaf60b8c9ba8bc76e763e2d421fb8964e8de4d64f7ddde785e6907327e
c87b7f745cfb4a994801488584e6e0e78d6c4f0ad567e985a781fc0b86074724
c8f46f3a4470800a0a5ce4e0ad6d4d0c2a8dcd3a5cd8af71e0767b8c49afa876
c905a799c91593b68a840f7aae0bd411b7f0d2d475c8f5f5a780d54018fb61b8
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
caf62570da3489e34fc0704b8b0430b7e1279026c4f9dc653ac824a6cca04b05
cd0b7385c8a691d9b2e7af11f3fbe1e7b1f42ecf11531882594908bf4a1b830e
ce33ba52109f9edb4cd12361219cd57b2621598b913c8ddde88ce90671e5b099
ce94d17e63ad798a279cc65324e6df976a9e86ac410665a019a02daac0cd97f1
cebe87559cf861d01e9c6b1cefd38ab1db9e13c8fe316b85a296b6cf220f883e
cf103958d2848a336c46102c8f10daea4566f623facb9825943eb0899925967a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d2323f0eab8fea50abf841184d3266c331022e7e49e80e24f76f18bfd060d005
d2c0f0db9c59c91e6cea322f7a505c64a7226394004aaf280a43500cce2ee624
d35faa1c0b45cc142295ae07a0c6e6e7824e0e64b58b81a83e7850251586e0df
d3882f356c0b3f72917c2ee39e2c5f47d2c7bbb28f31a9093d739a66652866e5
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d3d3df6971ef0f91fd8a590bfcb75068af657fab8f014358cb886337b589265f
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d792afdac7f7ae5de7c6964950c6c61dc6e3f3813180a59e141c7cb4ac4364dc
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d9185c606398d40a48d24ef32c1c7ab20c472390b5ed9daa2e190c9b2eaba492
d976f2f527edb9e293e8595bb9eb6c37383685f995a006f0854604cf8d93e8ef
dbd29dd7a21559b570910e7b58a6179318d3b7c93dfd11e76a2e650e55ab4710
dc50c28f1db50dbce579d4738a0e55001a5f954df3307ca5d502f42202d1d05c
dcf7f9fff97e3e057c1f62718b09e84e7b28b0bc599721ce009e71f12a84e27b
ddfd863e880836fa1d6f036411499658e8a3a0296f90e94db3416fe4853dcc64
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e00967719a72e53adae7ef6b740698d0d9398ab6c9882916bd07ef08c737d84d
e08f26d48b863ef9558a7a91fef68d7e91e0fc68dbba416c7a7157c248d1d441
e16c1a19f5b378301e1afb3466bb6658c2541bb7eeeb318f049cd0b7876e3a40
e253689b1615427bc504f72b43fdf6120cf967ac79dfd40107704438b7b28d31
e326968c45db7b36ab908ee334082ce785e4643617ba156bd69fea691177cfbe
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4818942c1c353c9bb10fb372edb8a98493ef7d88f74016963a7cf6fb4b341b7
e5e9bb24ae7c06f8c03e85e337e60442ed5a57d2b7aa5482b3fd4e641baae335
e8cf20f6e98c91ff5a877209649b0839bb06e5751793babfb0dbbbb60a9e811a
ea54ce101c12ac192252fd1c00e0b6691ae23b4d6ee1f9589839f89a89341ef9
ecd8730c2807babfabea9e405e2d8c12619934834aa127235980fc951906bfbe
ed65b39005c1bddba1ba1dacc2d987acd5643be5054b11b923db0497aa47f79a
eede07af324df385f71fb5bd362086fa92890516cf99d0ef0f8bb4df4e14902a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f194cfb91c435caaf3f7a12f8c08d7a7c8c4755dbe7787f8342fc278e206b0b1
f30416693bbcafb7c6ccfd5fcb10b789150ee3d0d7d8e1b2d4d16cd46ff5e4f8
f3148da8993ca4f39229962619112e87cc971945efae37c2d6af00a2e6649f8f
f3f618c26ed3a3b83a520a46588a4fce7b5b50eb71720dbb029c59beb8e8116e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f61448deedc4107d0ebdda233fdfb49dc52f31a721859f90b724f490865a7e0d
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f822d2488a72b1af90efb80b46743ab37c0ff2e37eadee4f3733d7fc4a163b2d
f8ddf93c5cf5aa9a520859bab84bdae6763b4df7b126ef7abc07926fcb0584ed
f8e18fa372ec7256c5c038536e1154b55a0073152a6fa6224b31d3f5d8a3e595
f981cd12a95a3d5cd29fed7b0e95e8b292061ca5d5237ff572d0b88e6894aaef
fa8169d930c422d887710e1985d3b025973b7eb370295b66b64b2cbefd3e8861
fae0321e6d2700288a4e66c2b69744ba4cac5abbdcfcdb8b77f5c95ce803875b
fae79a2ed6930017122b4c6e27b7031d8bc5dec66f5e6198c4919a0c549c9a64
fbc58176d281ddc0caa4af91ba0154a26d901cf3481ba9964c1e4804a4075c12
fc6331841715263ae056f785114a5ab1e48d8298bd2898470ce16eb6ea974ca7
fc64f40907557bc58d142718cfb123e3db8f03efc08b60bd3d0966a62c9c1e0d
fde0fa74a4cd0de48b236dc1a15bffd4a3c5364fd4797d8a7886721e8534bf4f
feb16b2155b0e928d6b042e2f51bdae41580afd66888402dc1ec151cea6690d9
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff6d2eec4e3ca80fb616c3cf49e83f4c5c44fa1a4e0bc202392684144d84fe43