URL: https://preprod.citizensvoice.com/
Submission: On September 24 via automatic, source certstream-suspicious — Scanned from DE

Summary

This website contacted 25 IPs in 6 countries across 20 domains to perform 50 HTTP transactions. The main IP is 192.0.66.112, located in San Francisco, United States and belongs to AUTOMATTIC, US. The main domain is preprod.citizensvoice.com.
TLS certificate: Issued by E5 on September 24th 2024. Valid for: 3 months.
This is the only time preprod.citizensvoice.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
14 192.0.66.112 2635 (AUTOMATTIC)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 23.38.98.114 20940 (AKAMAI-ASN1)
2 192.0.76.3 2635 (AUTOMATTIC)
2 2a00:1450:400... 15169 (GOOGLE)
2 142.250.186.163 15169 (GOOGLE)
1 23.213.164.238 16625 (AKAMAI-AS)
1 52.36.224.135 16509 (AMAZON-02)
1 63.34.212.217 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2620:116:800d... 16509 (AMAZON-02)
1 2600:9000:275... 16509 (AMAZON-02)
1 3 18.244.18.122 16509 (AMAZON-02)
1 4 2a02:2638:3::c 44788 (ASN-CRITE...)
2 162.19.138.83 16276 (OVH)
1 54.228.75.221 16509 (AMAZON-02)
1 35.71.131.137 16509 (AMAZON-02)
1 2001:4860:480... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.212.163 15169 (GOOGLE)
5 172.217.16.206 15169 (GOOGLE)
1 162.19.138.119 16276 (OVH)
1 185.64.189.226 62713 (AS-PUBMATIC)
50 25
Apex Domain
Subdomains
Transfer
14 citizensvoice.com
preprod.citizensvoice.com
222 KB
7 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 52
22 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 471
mug.criteo.com — Cisco Umbrella Rank: 3419
1 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 194
853 B
2 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 555
1 KB
2 postrelease.com
postrelease.com — Cisco Umbrella Rank: 1006
jadserve.postrelease.com — Cisco Umbrella Rank: 1211
606 B
2 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 597
t.pubmatic.com — Cisco Umbrella Rank: 2983
87 KB
2 gstatic.com
fonts.gstatic.com
81 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 57
264 KB
2 wp.com
stats.wp.com — Cisco Umbrella Rank: 3846
pixel.wp.com — Cisco Umbrella Rank: 3792
3 KB
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 46
ajax.googleapis.com — Cisco Umbrella Rank: 454
32 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 998
308 B
1 google.de
www.google.de — Cisco Umbrella Rank: 9833
63 B
1 doubleclick.net
stats.g.doubleclick.net — Cisco Umbrella Rank: 152
251 B
1 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 4111
1 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 413
428 B
1 crwdcntrl.net
id.crwdcntrl.net — Cisco Umbrella Rank: 2951
323 B
1 liadm.com
b-code.liadm.com — Cisco Umbrella Rank: 4125
43 KB
1 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1614
10 KB
1 ntv.io
s.ntv.io — Cisco Umbrella Rank: 4445
183 KB
50 20
Domain Requested by
14 preprod.citizensvoice.com preprod.citizensvoice.com
7 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects preprod.citizensvoice.com
2 id5-sync.com ads.pubmatic.com
2 mug.criteo.com
2 gum.criteo.com 1 redirects
2 fonts.gstatic.com fonts.googleapis.com
2 www.googletagmanager.com preprod.citizensvoice.com
www.googletagmanager.com
1 t.pubmatic.com ads.pubmatic.com
1 lb.eu-1-id5-sync.com ads.pubmatic.com
1 www.google.de preprod.citizensvoice.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 match.adsrvr.org ads.pubmatic.com
1 id.crwdcntrl.net ads.pubmatic.com
1 b-code.liadm.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 jadserve.postrelease.com s.ntv.io
1 postrelease.com s.ntv.io
1 ads.pubmatic.com s.ntv.io
1 pixel.wp.com preprod.citizensvoice.com
1 stats.wp.com preprod.citizensvoice.com
1 s.ntv.io preprod.citizensvoice.com
1 ajax.googleapis.com preprod.citizensvoice.com
1 fonts.googleapis.com preprod.citizensvoice.com
50 25

This site contains no links.

Subject Issuer Validity Valid
preprod.citizensvoice.com
E5
2024-09-24 -
2024-12-23
3 months crt.sh
upload.video.google.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.ntv.io
DigiCert TLS RSA SHA256 2020 CA1
2024-07-31 -
2025-07-31
a year crt.sh
*.wp.com
Sectigo ECC Domain Validation Secure Server CA
2023-11-28 -
2024-12-28
a year crt.sh
*.google-analytics.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.gstatic.com
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.pubmatic.com
DigiCert TLS RSA SHA256 2020 CA1
2023-11-26 -
2024-11-26
a year crt.sh
*.postrelease.com
Amazon RSA 2048 M03
2024-07-31 -
2025-08-30
a year crt.sh
quantserve.com
R11
2024-08-23 -
2024-11-21
3 months crt.sh
*.liadm.com
Amazon RSA 2048 M03
2023-12-02 -
2024-12-29
a year crt.sh
*.scorecardresearch.com
Sectigo RSA Organization Validation Secure Server CA
2023-12-11 -
2024-12-10
a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1
2024-09-24 -
2024-12-25
3 months crt.sh
*.id5-sync.com
E5
2024-09-01 -
2024-11-30
3 months crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M03
2024-09-08 -
2025-10-08
a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020
2024-04-23 -
2025-05-25
a year crt.sh
*.g.doubleclick.net
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.google.de
WR2
2024-08-26 -
2024-11-18
3 months crt.sh
*.eu-1-id5-sync.com
R10
2024-09-01 -
2024-11-30
3 months crt.sh

This page contains 2 frames:

Primary Page: https://preprod.citizensvoice.com/
Frame ID: B7440367BDBC61BA4644F0D22D64C3F0
Requests: 47 HTTP requests in this frame

Frame: https://postrelease.com/iframes/topics.html
Frame ID: 88970A1B9EAEF54AA574EA8C41D60B42
Requests: 1 HTTP requests in this frame

Screenshot

Page Title

Wilkes-Barre Citizens' Voice

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/

Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js

Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js

Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com

Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js

Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

50
Requests

94 %
HTTPS

38 %
IPv6

20
Domains

25
Subdomains

25
IPs

6
Countries

982 kB
Transfer

3375 kB
Size

13
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 31
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&domain=preprod.citizensvoice.com&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=THT6VnxRS0lKRE5zSzF0WkF3cG5FNUdIMnprMzlFakFZTk9ydzRiWUY0dWhQSE8yNG8zZXFuVTl4amFqemsyaEZVNisyL1lNTW9RMzBQSlR3ZlQrU1pDUjdEeHVHN0xFbXpRdTV2eU5NeVlpVnBvQ3VoMU5vazQ4TDVNNmN1MnA0REVGOSsvZUFGb2pybXlYQlJjbGZHZC9Gdnc0K0hEQ251dk5uaUdFZjhwTzk4ckE3MTBnYi9ZRUU4bVFlZDZoUDkzQXRiTlBWZFQvRHVGRlFjS0FDYkdFR3VKNldHRndCeE5sM0pDak9xY2dWc2dFS1NkSnZIaE5kNUt0T1prMmNKUUxITTFpdkJIWUEvRDhjMTd0WUJpeC9Udz09fA&cppv=2
Request Chain 42
  • https://sb.scorecardresearch.com/c2/6035443/cs.js HTTP 302
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js

50 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
preprod.citizensvoice.com/
56 KB
14 KB
Document
General
Full URL
https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
2dbf3dda9aaefcc8506629cc6ffdbf24ba30300b26458f716b188027b71edc55
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
cache-control
max-age=300, must-revalidate
content-encoding
br
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-type
text/html; charset=UTF-8
date
Tue, 24 Sep 2024 18:38:09 GMT
host-header
a9130478a60e5f9135f765b23f26593b
link
<https://preprod.citizensvoice.com/wp-json/>; rel="https://api.w.org/"
server
nginx
vary
Accept-Encoding
x-cache
MISS
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by
WordPress VIP <https://wpvip.com>
x-robots-tag
noindex, nofollow
x-rq
hhn1 111 254 443
/
preprod.citizensvoice.com/_static/
793 B
482 B
Stylesheet
General
Full URL
https://preprod.citizensvoice.com/_static/??/wp-content/themes/wp-mason/static/css/osano-custom.css,/wp-content/client-mu-plugins/src/Sitemap/includes/style.css?m=1726941611
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5cac9367b11594280628142b59a38fcb6ec8fad5896fd69b92ea2b3345b4cb6c

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Sat, 21 Sep 2024 18:00:11 GMT
mobile-adhesion-style.css
preprod.citizensvoice.com/wp-content/client-mu-plugins/src/Ads/assets/css/
1 KB
594 B
Stylesheet
General
Full URL
https://preprod.citizensvoice.com/wp-content/client-mu-plugins/src/Ads/assets/css/mobile-adhesion-style.css?m=1670265514g
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
etag
W/"638e3aaa-441"
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
text/css
last-modified
Mon, 05 Dec 2022 18:38:34 GMT
server
nginx
vary
Accept-Encoding
css
fonts.googleapis.com/
17 KB
2 KB
Stylesheet
General
Full URL
https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.6.2
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d0e11a13fc8611dd1a1a364b9ef9581faa85b762ebb3820517600b499b3f21cf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://preprod.citizensvoice.com
Referer
https://preprod.citizensvoice.com/

Response headers

content-encoding
gzip
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 18:38:09 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
text/css; charset=utf-8
last-modified
Tue, 24 Sep 2024 18:38:09 GMT
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
x-xss-protection
0
server
ESF
/
preprod.citizensvoice.com/_static/
888 KB
169 KB
Stylesheet
General
Full URL
https://preprod.citizensvoice.com/_static/??/wp-content/themes/assets/static/css/boldcoastal.css,/wp-content/mu-plugins/jetpack-13.8/css/jetpack.css?m=1727113295
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1dabb37e2e981b4a0cebe7095bde30783fd105011da52d1f3894c468b8ebba75

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 254 443
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
text/css;charset=utf-8
vary
Accept-Encoding
server
nginx
last-modified
Mon, 23 Sep 2024 17:41:35 GMT
sso-tools.min.js
preprod.citizensvoice.com/wp-content/client-mu-plugins/src/SSO/assets/js/
11 KB
2 KB
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/client-mu-plugins/src/SSO/assets/js/sso-tools.min.js?m=1726941611g
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ff8bbeed09c55ffbff2607d7e8751d9889df3a3bd6f213f0e5607246fa89e17b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 254 443
etag
W/"66ef09ab-2b55"
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
last-modified
Sat, 21 Sep 2024 18:00:11 GMT
server
nginx
vary
Accept-Encoding
79d6114c-6f77-4960-835c-d3eca9a369df
https://preprod.citizensvoice.com/ Frame
0
0

jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.5.1/
87 KB
31 KB
Script
General
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.5.1/jquery.min.js?ver=3.5.1
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

content-encoding
gzip
age
37643
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:10:46 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:10:46 GMT
last-modified
Fri, 08 May 2020 07:05:03 GMT
content-type
text/javascript; charset=UTF-8
vary
Accept-Encoding
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
accept-ranges
bytes
access-control-allow-origin
*
content-length
31021
x-xss-protection
0
server
sffe
osano-custom.js
preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/
170 B
364 B
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/osano-custom.js?m=1726941611g
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
af4f1c75a83db62f0501567679807463810efe73aa3f46c6f932542bef587cb1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 111 254 443
etag
"66ef09ab-aa"
accept-ranges
bytes
x-cache
MISS
content-length
170
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
last-modified
Sat, 21 Sep 2024 18:00:11 GMT
server
nginx
ads.js
preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/
87 B
280 B
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/ads.js?ver=1.0
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 111 253 443
etag
"638e3aac-57"
accept-ranges
bytes
x-cache
MISS
content-length
87
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
last-modified
Mon, 05 Dec 2022 18:38:36 GMT
server
nginx
/
preprod.citizensvoice.com/_static/
70 KB
20 KB
Script
General
Full URL
https://preprod.citizensvoice.com/_static/??/wp-content/themes/assets/static/js/polyfills.min.js,/wp-content/themes/assets/static/js/boldcoastal.min.js?m=1727108438j
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1e0965dbbf100802215f3bfe869c335f13e862186d29073806dc33625af171bb

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 254 443
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
last-modified
Mon, 23 Sep 2024 16:20:38 GMT
load.js
s.ntv.io/serve/
584 KB
183 KB
Script
General
Full URL
https://s.ntv.io/serve/load.js
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.38.98.114 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-38-98-114.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
b47571fc38b5dceaeb464210fa494e12926d5943fb7cbc4d5c2c52e3910ef11d

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

Content-Encoding
gzip
ETag
"8cc3985dac4c7fa4cb716e292a20d86f"
Access-Control-Allow-Methods
GET
Date
Tue, 24 Sep 2024 18:38:09 GMT
Last-Modified
Mon, 23 Sep 2024 22:16:31 GMT
Vary
Accept-Encoding
Content-Type
application/x-javascript
x-amz-id-2
BJrBjLNJYLzbM0ISiSXIaL+X2WVzuLLe8EWsFcmBKilJJEtfA/s5eS7yohRXaZ8axHNkUtQtT48=
Transfer-Encoding
chunked
Access-Control-Allow-Headers
*
Cache-Control
public, max-age=3600
Connection
keep-alive, Transfer-Encoding
x-amz-request-id
G4H3S2H1FAJ8WDTJ
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Server
AmazonS3
x-amz-server-side-encryption
AES256
logo-img-attr.min.js
preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/
178 B
372 B
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/themes/wp-mason/static/js/logo-img-attr.min.js?m=1703780155g
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
x-rq
hhn1 111 253 443
etag
"658d9f3b-b2"
accept-ranges
bytes
x-cache
MISS
content-length
178
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
last-modified
Thu, 28 Dec 2023 16:15:55 GMT
server
nginx
e-202439.js
stats.wp.com/
7 KB
3 KB
Script
General
Full URL
https://stats.wp.com/e-202439.js
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-nc
HIT hhn
etag
W/14421-1717166113627.1218
x-minify
t
x-minify-cache
hit
access-control-allow-methods
GET, HEAD
expires
Sun, 21 Sep 2025 12:07:34 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Sep 2024 18:38:09 GMT
content-type
application/javascript
vary
Accept-Encoding
server
nginx
gtm.js
www.googletagmanager.com/
695 KB
165 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
bf1b4de270602e082ca70c0e8f3c4d02a49fd842577680105a5ba877c7940345
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

content-encoding
gzip
expires
Tue, 24 Sep 2024 18:38:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
last-modified
Tue, 24 Sep 2024 18:00:00 GMT
access-control-allow-headers
Cache-Control
strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
access-control-allow-origin
*
content-length
167954
x-xss-protection
0
server
Google Tag Manager
common-async.chunk.min.js
preprod.citizensvoice.com/wp-content/themes/assets/static/js/
46 KB
6 KB
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/themes/assets/static/js/common-async.chunk.min.js
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/_static/??/wp-content/themes/assets/static/js/polyfills.min.js,/wp-content/themes/assets/static/js/boldcoastal.min.js?m=1727108438j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f5c38a1ee16dc10ffdc63b0fad80055741dc4d1ca94bf691b054626c3b084e21

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 253 443
etag
W/"66f19556-b8c3"
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 16:20:38 GMT
server
nginx
vary
Accept-Encoding
boldcoastal-async.chunk.min.js
preprod.citizensvoice.com/wp-content/themes/assets/static/js/
3 KB
2 KB
Script
General
Full URL
https://preprod.citizensvoice.com/wp-content/themes/assets/static/js/boldcoastal-async.chunk.min.js
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/_static/??/wp-content/themes/assets/static/js/polyfills.min.js,/wp-content/themes/assets/static/js/boldcoastal.min.js?m=1727108438j
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
a6f335796c627bd677b0232c8d791f9b0eca4c356b8d64a69e8c74da86187886

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 254 443
etag
W/"66f19556-ccf"
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/javascript
last-modified
Mon, 23 Sep 2024 16:20:38 GMT
server
nginx
vary
Accept-Encoding
truncated
/
29 KB
29 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://preprod.citizensvoice.com
Referer

Response headers

Content-Type
font/truetype
o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
fonts.gstatic.com/s/notosans/v36/
38 KB
39 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notosans/v36/o-0bIpQlx3QUlC5A4PNB6Ryti20_6n1iPHjc5a7duw.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.6.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://preprod.citizensvoice.com
Referer
https://fonts.googleapis.com/

Response headers

age
36747
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 08:25:44 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 08:25:44 GMT
last-modified
Wed, 14 Feb 2024 22:43:09 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
39412
x-xss-protection
0
server
sffe
ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
fonts.gstatic.com/s/notoserif/v23/
42 KB
42 KB
Font
General
Full URL
https://fonts.gstatic.com/s/notoserif/v23/ga6daw1J5X9T9RW6j9bNVls-hfgvz8JcMofYTYf6D30.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Noto+Sans%3A400%2C700%7CNoto+Serif%3A400%2C400i%2C700%2C700i%7CArvo%3A400%2C400i%2C700%2C700i&ver=6.6.2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s08-in-f3.1e100.net
Software
sffe /
Resource Hash
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Origin
https://preprod.citizensvoice.com
Referer
https://fonts.googleapis.com/

Response headers

age
38340
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
x-content-type-options
nosniff
expires
Wed, 24 Sep 2025 07:59:11 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 07:59:11 GMT
last-modified
Tue, 24 Oct 2023 00:59:26 GMT
content-type
font/woff2
cache-control
public, max-age=31536000
timing-allow-origin
*
cross-origin-opener-policy
same-origin; report-to="apps-themes"
cross-origin-resource-policy
cross-origin
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
accept-ranges
bytes
access-control-allow-origin
*
content-length
43212
x-xss-protection
0
server
sffe
undefined
preprod.citizensvoice.com/
3 KB
3 KB
Image
General
Full URL
https://preprod.citizensvoice.com/undefined
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx / WordPress VIP <https://wpvip.com>
Resource Hash
8ed222207f4d24a1193ebe769257bebc1bb79053626d1e93ad536c12eb3cc438
Security Headers
Name Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

x-robots-tag
noindex, nofollow
link
<https://preprod.citizensvoice.com/wp-json/>; rel="https://api.w.org/"
content-security-policy
default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;
content-encoding
br
x-rq
hhn1 111 254 443
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:11 GMT
host-header
a9130478a60e5f9135f765b23f26593b
content-type
text/html; charset=UTF-8
x-powered-by
WordPress VIP <https://wpvip.com>
vary
Accept-Encoding
server
nginx
x-hacker
If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
g.gif
pixel.wp.com/
50 B
177 B
Image
General
Full URL
https://pixel.wp.com/g.gif?v=ext&blog=235470529&post=0&tz=0&srv=preprod.citizensvoice.com&hp=vip&j=1%3A13.8.1&host=preprod.citizensvoice.com&ref=&fcp=0&rand=0.4090349678729692
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache
access-control-allow-origin
*
content-length
50
alt-svc
h3=":443"; ma=86400
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
image/gif
server
nginx
pwt.js
ads.pubmatic.com/AdServer/js/pwt/156500/13793/
274 KB
87 KB
Script
General
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.213.164.238 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-213-164-238.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=102263
content-encoding
gzip
expires
Wed, 25 Sep 2024 23:02:34 GMT
accept-ranges
bytes
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
88884
date
Tue, 24 Sep 2024 18:38:11 GMT
last-modified
Mon, 15 Jul 2024 19:01:17 GMT
content-type
application/javascript
server
Apache
vary
Accept-Encoding
topics.html
postrelease.com/iframes/ Frame 8897
0
0
Document
General
Full URL
https://postrelease.com/iframes/topics.html
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.36.224.135 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-36-224-135.us-west-2.compute.amazonaws.com
Software
AmazonS3 /
Resource Hash

Request headers

Referer
https://preprod.citizensvoice.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

accept-ranges
bytes
content-length
582
content-type
text/html
date
Tue, 24 Sep 2024 18:38:11 GMT
etag
"ec22fdd2cd0ccf11c7761864efa96c06"
last-modified
Fri, 15 Mar 2024 21:34:47 GMT
server
AmazonS3
x-amz-id-2
KCehudlxgWL0s7vsPpNwaBAHikCnMHv7EuWiPEvIHHfpGJYzvwuNgetgknfDQffhTGifqkGGsQc=
x-amz-request-id
DDN99PNY2MA0CA9A
x-amz-server-side-encryption
AES256
t
jadserve.postrelease.com/
267 B
606 B
Script
General
Full URL
https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fpreprod.citizensvoice.com%2F&ntv_mvi
Requested by
Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.212.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-212-217.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
966a8421df082b4dfde5790dbb6174025661a8a33976e431f8a4a7207e19dc90

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding
gzip
pragma
no-cache
expires
Mon, 1 Jan 1990 12:00:00 GMT
access-control-allow-origin
*
content-length
194
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
text/javascript;charset=UTF-8
server
nginx
wp-emoji-release.min.js
preprod.citizensvoice.com/wp-includes/js/
18 KB
5 KB
Script
General
Full URL
https://preprod.citizensvoice.com/wp-includes/js/wp-emoji-release.min.js?ver=6.6.2
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=31536000
content-encoding
br
x-rq
hhn1 111 254 443
etag
W/"66e0662d-4926"
accept-ranges
bytes
x-cache
MISS
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/javascript
last-modified
Tue, 10 Sep 2024 15:30:53 GMT
server
nginx
vary
Accept-Encoding
js
www.googletagmanager.com/gtag/
296 KB
100 KB
Script
General
Full URL
https://www.googletagmanager.com/gtag/js?id=G-JZ6RLCL0HJ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
c8ddb9a3b693d383bdcb8f277e90e3908ed77f57e2e49158676b3c1edeb6bbe6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
cache-control
private, max-age=900
content-encoding
br
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Tue, 24 Sep 2024 18:38:11 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
101841
date
Tue, 24 Sep 2024 18:38:11 GMT
x-xss-protection
0
content-type
application/javascript; charset=UTF-8
vary
Accept-Encoding
server
Google Tag Manager
access-control-allow-headers
Cache-Control
analytics.js
www.google-analytics.com/
52 KB
21 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=31536000; includeSubDomains; preload
cache-control
public, max-age=7200
content-encoding
gzip
age
4083
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:30:08 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
date
Tue, 24 Sep 2024 17:30:08 GMT
last-modified
Tue, 12 Dec 2023 18:09:08 GMT
content-type
text/javascript
server
Golfe2
vary
Accept-Encoding
quant.js
secure.quantserve.com/
24 KB
10 KB
Script
General
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
f2fc6772e824c1d3866a2107144edff9253211b7f35feae27aefdc3dd1d2eb89

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
private, max-age=604800
content-encoding
gzip
etag
"8gtdTWVstgyGltrNRsdTsg=="
expires
Tue, 01 Oct 2024 18:38:11 GMT
accept-ranges
bytes
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/javascript
vary
Accept-Encoding
0.min.js
b-code.liadm.com/
127 KB
43 KB
Script
General
Full URL
https://b-code.liadm.com/0.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TLFP4R
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:275d:1600:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e64a4b3a4b49c09052164a940fee45c872e1b926ecaa4ccb824730d56cad3198

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
public,max-age=86400
content-encoding
gzip
age
57906
via
1.1 111f802abddccd55d219ff1635e1aa4a.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-id
syf_-JGJhylFdAgYEMBrfk7BA6U7WUrJ675c79Jl376AS8dFrDurkA==
date
Tue, 24 Sep 2024 02:33:05 GMT
content-type
application/javascript
vary
Accept-Encoding
x-amz-cf-pop
FRA56-P11
b
sb.scorecardresearch.com/
0
227 B
Image
General
Full URL
https://sb.scorecardresearch.com/b?c1=2&c2=6035443&ns__t=1727203091542&ns_c=UTF-8&c8=Wilkes-Barre%20Citizens%27%20Voice&c7=https%3A%2F%2Fpreprod.citizensvoice.com%2F&c9=
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-122.fra56.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

via
1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
x-amz-cf-id
UTxMZdkx9N2yVAN81Iru_fIdnSmS1JET9lZbvMkEVpiPJKjXJp-hyg==
date
Tue, 24 Sep 2024 18:38:11 GMT
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P11
json
gum.criteo.com/sid/ Frame
0
0
Preflight
General
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&domain=preprod.citizensvoice.com&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://preprod.citizensvoice.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://preprod.citizensvoice.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 24 Sep 2024 18:38:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
194596
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&domain=preprod.citizensvoice.com&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=THT6VnxRS0lKRE5zSzF0WkF3cG5FNUdIMnprMzlFakFZTk9ydzRiWUY0dWhQSE8yNG8zZXFuVTl4amFqemsyaEZVNisyL1lNTW9RMzBQSlR3ZlQrU1pDUjdEeHVHN0xFbXpRdTV2eU5NeVlpVnBvQ3VoMU5vazQ4TDVNNm...
365 B
653 B
Fetch
General
Full URL
https://mug.criteo.com/sid?cpp=THT6VnxRS0lKRE5zSzF0WkF3cG5FNUdIMnprMzlFakFZTk9ydzRiWUY0dWhQSE8yNG8zZXFuVTl4amFqemsyaEZVNisyL1lNTW9RMzBQSlR3ZlQrU1pDUjdEeHVHN0xFbXpRdTV2eU5NeVlpVnBvQ3VoMU5vazQ4TDVNNmN1MnA0REVGOSsvZUFGb2pybXlYQlJjbGZHZC9Gdnc0K0hEQ251dk5uaUdFZjhwTzk4ckE3MTBnYi9ZRUU4bVFlZDZoUDkzQXRiTlBWZFQvRHVGRlFjS0FDYkdFR3VKNldHRndCeE5sM0pDak9xY2dWc2dFS1NkSnZIaE5kNUt0T1prMmNKUUxITTFpdkJIWUEvRDhjMTd0WUJpeC9Udz09fA&cppv=2
Protocol
H2
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
18224e939571d073e60f12abf915b73369b0eec29c7417d139cd8f9e0b28c5b5
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
349757
expires
0
access-control-allow-origin
null
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json; charset=utf-8
vary
Accept-Encoding
server
Kestrel

Redirect headers

strict-transport-security
max-age=31536000; preload;
cache-control
no-cache, no-store, must-revalidate
location
https://mug.criteo.com/sid?cpp=THT6VnxRS0lKRE5zSzF0WkF3cG5FNUdIMnprMzlFakFZTk9ydzRiWUY0dWhQSE8yNG8zZXFuVTl4amFqemsyaEZVNisyL1lNTW9RMzBQSlR3ZlQrU1pDUjdEeHVHN0xFbXpRdTV2eU5NeVlpVnBvQ3VoMU5vazQ4TDVNNmN1MnA0REVGOSsvZUFGb2pybXlYQlJjbGZHZC9Gdnc0K0hEQ251dk5uaUdFZjhwTzk4ckE3MTBnYi9ZRUU4bVFlZDZoUDkzQXRiTlBWZFQvRHVGRlFjS0FDYkdFR3VKNldHRndCeE5sM0pDak9xY2dWc2dFS1NkSnZIaE5kNUt0T1prMmNKUUxITTFpdkJIWUEvRDhjMTd0WUJpeC9Udz09fA&cppv=2
pragma
no-cache
access-control-allow-credentials
true
access-control-allow-methods
GET
server-processing-duration-in-ticks
277089
expires
0
access-control-allow-origin
https://preprod.citizensvoice.com
content-length
0
date
Tue, 24 Sep 2024 18:38:11 GMT
server
Kestrel
prebid
id5-sync.com/api/config/
194 B
674 B
Fetch
General
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://preprod.citizensvoice.com
p3p
CP="CAO PSA OUR"
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
access-control-allow-credentials
true
id
id.crwdcntrl.net/
43 B
323 B
Fetch
General
Full URL
https://id.crwdcntrl.net/id?c=17207
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.228.75.221 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-228-75-221.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://preprod.citizensvoice.com
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
content-length
43
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json;charset=utf-8
x-server
10.45.29.75
server
Jetty(9.4.38.v20210224)
rid
match.adsrvr.org/track/
63 B
428 B
Fetch
General
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
f6e27ce2dad148d5ae3a4f84dc81eb1a89098050182ed2925e363ad9a673b660

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
text/plain
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
private
content-encoding
gzip
access-control-allow-credentials
true
expires
Thu, 24 Oct 2024 18:38:11 GMT
access-control-allow-origin
https://preprod.citizensvoice.com
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json
vary
Origin, Accept-Encoding
server
Kestrel
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
linkid.js
www.google-analytics.com/plugins/ua/
2 KB
1 KB
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

content-encoding
br
age
1589
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
x-content-type-options
nosniff
expires
Tue, 24 Sep 2024 19:11:42 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
date
Tue, 24 Sep 2024 18:11:42 GMT
last-modified
Fri, 30 Jun 2023 18:58:00 GMT
content-type
text/javascript
vary
Accept-Encoding
cache-control
public, max-age=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
content-length
697
x-xss-protection
0
server
sffe
collect
region1.analytics.google.com/g/
0
0
Fetch
General
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-JZ6RLCL0HJ&gtm=45je49j0h1v881788034z871194413za200zb71194413&_p=1727203091265&_gaz=1&gcd=13l3l3l2l1l1&npa=1&dma_cps=syphamo&dma=1&tag_exp=0&cid=1995910770.1727203092&ecid=64478237&ul=de-de&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=noapi&ec_mode=a&_s=1&sid=1727203091&sct=1&seg=0&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dt=Wilkes-Barre%20Citizens%27%20Voice&en=page_view&_fv=1&_ss=1&ep.ReturnURL=Not%20Set&ep.Slug_Referral=Not%20Set&ep.MG2_Checkout_Referrer=&ep.User_Agent=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&ep.pw_CampaignID=Not%20Set&ep.NoBlocker=true&ep.Keywords=&ep.Quantcast_Label=&ep.Quantcast=&ep.Page_Title=Home&ep.URL=https%3A%2F%2Fpreprod.citizensvoice.com%2F&ep.Content_Title=Home&ep.Publisher_State=&ep.Page_Type=home&ep.Canonical_URL=https%3A%2F%2Fpreprod.citizensvoice.com%2F&ep.Taxonomy5=&ep.Taxonomy4=&ep.Taxonomy3=&ep.Section=Home&ep.Platform=WP&ep.Digital_Publisher=&ep.Release_Version=6.6.2&ep.kv=home&ep.Mobile_Presentation=no&ep.Auth0State=unknown&ep.Publisher_Product=citizensvoice-com-preprod.go-vip.net&ep.Publisher_Domain=&ep.Taxonomy1=&ep.Taxonomy2=&ep.logged_in_status=no&tfd=2777
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZ6RLCL0HJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://preprod.citizensvoice.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
text/plain
server
Golfe2
collect
stats.g.doubleclick.net/g/
0
251 B
Ping
General
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-JZ6RLCL0HJ&cid=1995910770.1727203092&gtm=45je49j0h1v881788034z871194413za200zb71194413&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-JZ6RLCL0HJ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://preprod.citizensvoice.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
text/plain
server
Golfe2
ga-audiences
www.google.de/ads/
42 B
63 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-JZ6RLCL0HJ&cid=1995910770.1727203092&gtm=45je49j0h1v881788034z871194413za200zb71194413&aip=1&dma=1&dma_cps=syphamo&gcd=13l3l3l2l1l1&npa=1&frm=0&tag_exp=0&tag_exp=0&z=835256395
Requested by
Host: preprod.citizensvoice.com
URL: https://preprod.citizensvoice.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
216.58.212.163 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
ams15s22-in-f3.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
pragma
no-cache
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-length
42
date
Tue, 24 Sep 2024 18:38:11 GMT
x-xss-protection
0
content-type
image/gif
server
cafe
collect
www.google-analytics.com/j/
3 B
23 B
XHR
General
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=1281433559&t=pageview&_s=1&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dr=&dp=%2F&ul=de-de&de=UTF-8&dt=Wilkes-Barre%20Citizens%27%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBACEAjBAAAACgFK~&jid=189124109&gjid=866294310&cid=1995910770.1727203092&tid=UA-61435456-39&_gid=1362001859.1727203092&_r=1&_slc=1&gtm=45He49j0n71TLFP4Rv71194413za200&cd2=&cd3=citizensvoice-com-preprod.go-vip.net&cd8=unknown&cd9=no&cd10=home&cd11=6.6.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd24=home&cd25=&cd27=Home&cd28=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd29=Home&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd65=Wilkes-Barre%20Citizens%27%20Voice&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd53=1995910770.1727203092&npa=1&z=1708554638
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
cross-origin-resource-policy
cross-origin
access-control-allow-credentials
true
x-content-type-options
nosniff
expires
Fri, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
https://preprod.citizensvoice.com
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
date
Tue, 24 Sep 2024 18:38:11 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
text/plain
server
Golfe2
v1
lb.eu-1-id5-sync.com/lb/
56 B
308 B
Fetch
General
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.119 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533570.ip-162-19-138.eu
Software
/
Resource Hash
4a1866eb01e975c6b5015f44573b8b80ab5efed251a9ede1270a29efe0ae7897
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://preprod.citizensvoice.com
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json;charset=UTF-8
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
wl
t.pubmatic.com/
17 B
188 B
Fetch
General
Full URL
https://t.pubmatic.com/wl?pubid=156500
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.226 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
content-type
application/x-www-form-urlencoded
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
access-control-allow-credentials
true
expires
0
access-control-allow-origin
https://preprod.citizensvoice.com
content-length
17
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
text/plain; charset=utf-8
cs.js
sb.scorecardresearch.com/internal-c2/default/
Redirect Chain
  • https://sb.scorecardresearch.com/c2/6035443/cs.js
  • https://sb.scorecardresearch.com/internal-c2/default/cs.js
0
366 B
Script
General
Full URL
https://sb.scorecardresearch.com/internal-c2/default/cs.js
Protocol
H2
Server
18.244.18.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-244-18-122.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=86400
etag
"d41d8cd98f00b204e9800998ecf8427e"
age
56374
via
1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
accept-ranges
bytes
x-cache
Hit from cloudfront
content-length
0
x-amz-cf-id
mby7MpNy_t8d2jpBFUa-TjGOQQChewXbkpBHPKt9Swv4pRwxZemj6Q==
date
Tue, 24 Sep 2024 02:58:38 GMT
content-type
application/javascript
last-modified
Mon, 03 Jul 2023 14:48:48 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P11
x-amz-server-side-encryption
AES256

Redirect headers

location
/internal-c2/default/cs.js
accept-ch
UA, Platform, Arch, Model, Mobile
via
1.1 553c17cdbfc8c5ba81390077b0e5d2d4.cloudfront.net (CloudFront)
x-cache
Miss from cloudfront
content-length
0
x-amz-cf-id
G1Ro73TJHQehh_DRDkg8KrMVqv3uH9x50UKnM_rUnK2JreQXttNrQg==
date
Tue, 24 Sep 2024 18:38:11 GMT
x-amz-cf-pop
FRA56-P11
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1281433559&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dr=&dp=%2F&ul=de-de&de=UTF-8&dt=Wilkes-Barre%20Citizens%27%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=25%25&el=%2F&_u=aGDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1995910770.1727203092&tid=UA-61435456-39&_gid=1362001859.1727203092&gtm=45He49j0n71TLFP4Rv71194413za200&cd2=&cd3=citizensvoice-com-preprod.go-vip.net&cd8=unknown&cd9=no&cd10=home&cd11=6.6.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd24=home&cd25=&cd27=Home&cd28=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd29=Home&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd65=Wilkes-Barre%20Citizens%27%20Voice&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd53=1995910770.1727203092&npa=1&z=989917282
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
35265
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Tue, 24 Sep 2024 08:50:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1281433559&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dr=&dp=%2F&ul=de-de&de=UTF-8&dt=Wilkes-Barre%20Citizens%27%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=50%25&el=%2F&_u=aGDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1995910770.1727203092&tid=UA-61435456-39&_gid=1362001859.1727203092&gtm=45He49j0n71TLFP4Rv71194413za200&cd2=&cd3=citizensvoice-com-preprod.go-vip.net&cd8=unknown&cd9=no&cd10=home&cd11=6.6.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd24=home&cd25=&cd27=Home&cd28=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd29=Home&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd65=Wilkes-Barre%20Citizens%27%20Voice&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd53=1995910770.1727203092&npa=1&z=252131508
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
35265
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Tue, 24 Sep 2024 08:50:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1281433559&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dr=&dp=%2F&ul=de-de&de=UTF-8&dt=Wilkes-Barre%20Citizens%27%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=75%25&el=%2F&_u=aGDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1995910770.1727203092&tid=UA-61435456-39&_gid=1362001859.1727203092&gtm=45He49j0n71TLFP4Rv71194413za200&cd2=&cd3=citizensvoice-com-preprod.go-vip.net&cd8=unknown&cd9=no&cd10=home&cd11=6.6.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd24=home&cd25=&cd27=Home&cd28=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd29=Home&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd65=Wilkes-Barre%20Citizens%27%20Voice&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd53=1995910770.1727203092&npa=1&z=901210645
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
35265
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Tue, 24 Sep 2024 08:50:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
collect
www.google-analytics.com/
35 B
55 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j101&a=1281433559&t=event&ni=1&_s=1&dl=https%3A%2F%2Fpreprod.citizensvoice.com%2F&dr=&dp=%2F&ul=de-de&de=UTF-8&dt=Wilkes-Barre%20Citizens%27%20Voice&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scroll%20Tracking&ea=100%25&el=%2F&_u=aGDACEAjBAAAACgFKAC~&jid=&gjid=&cid=1995910770.1727203092&tid=UA-61435456-39&_gid=1362001859.1727203092&gtm=45He49j0n71TLFP4Rv71194413za200&cd2=&cd3=citizensvoice-com-preprod.go-vip.net&cd8=unknown&cd9=no&cd10=home&cd11=6.6.2&cd12=&cd13=WP&cd14=Home&cd15=&cd16=&cd17=&cd18=&cd19=&cd21=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd24=home&cd25=&cd27=Home&cd28=https%3A%2F%2Fpreprod.citizensvoice.com%2F&cd29=Home&cd30=&cd32=&cd33=&cd34=true&cd35=&cd42=Not%20Set&cd50=Mozilla%2F5.0%20(X11%3B%20Linux%20x86_64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F129.0.0.0%20Safari%2F537.36&cd51=&cd61=Not%20Set&cd63=Not%20Set&cd65=Wilkes-Barre%20Citizens%27%20Voice&cd67=None&cd68=None&cd69=None&cd70=None&cd71=None&cd72=none&cd73=none&gcd=13l3l3l2l1l1&dma_cps=syphamo&dma=1&tag_exp=0&cd53=1995910770.1727203092&npa=1&z=474382751
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.206 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s08-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
no-cache, no-store, must-revalidate
pragma
no-cache
age
35265
cross-origin-resource-policy
cross-origin
x-content-type-options
nosniff
expires
Mon, 01 Jan 1990 00:00:00 GMT
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
35
date
Tue, 24 Sep 2024 08:50:26 GMT
last-modified
Sun, 17 May 1998 03:00:00 GMT
content-type
image/gif
server
Golfe2
favicon.ico
preprod.citizensvoice.com/
198 B
393 B
Other
General
Full URL
https://preprod.citizensvoice.com/favicon.ico
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.66.112 San Francisco, United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software
nginx /
Resource Hash
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Referer
https://preprod.citizensvoice.com/

Response headers

cache-control
max-age=300, must-revalidate
x-rq
hhn1 111 254 443
etag
"66974770-c6"
accept-ranges
bytes
x-cache
MISS
content-length
198
date
Tue, 24 Sep 2024 18:38:12 GMT
content-type
image/x-icon
last-modified
Wed, 17 Jul 2024 04:24:16 GMT
server
nginx
429.json
id5-sync.com/g/v2/
251 B
456 B
Fetch
General
Full URL
https://id5-sync.com/g/v2/429.json
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/156500/13793/pwt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.83 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31532338.ip-162-19-138.eu
Software
/
Resource Hash
93bd5351227bdc44861334b1aa05a197090dac4b12cc94bba86709f1b3684f5c
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Content-Type
text/plain;charset=UTF-8
Referer
https://preprod.citizensvoice.com/

Response headers

strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-origin
https://preprod.citizensvoice.com
date
Tue, 24 Sep 2024 18:38:11 GMT
content-type
application/json
vary
Origin
access-control-allow-credentials
true
sid
mug.criteo.com/ Frame
0
0
Preflight
General
Full URL
https://mug.criteo.com/sid?cpp=THT6VnxRS0lKRE5zSzF0WkF3cG5FNUdIMnprMzlFakFZTk9ydzRiWUY0dWhQSE8yNG8zZXFuVTl4amFqemsyaEZVNisyL1lNTW9RMzBQSlR3ZlQrU1pDUjdEeHVHN0xFbXpRdTV2eU5NeVlpVnBvQ3VoMU5vazQ4TDVNNmN1MnA0REVGOSsvZUFGb2pybXlYQlJjbGZHZC9Gdnc0K0hEQ251dk5uaUdFZjhwTzk4ckE3MTBnYi9ZRUU4bVFlZDZoUDkzQXRiTlBWZFQvRHVGRlFjS0FDYkdFR3VKNldHRndCeE5sM0pDak9xY2dWc2dFS1NkSnZIaE5kNUt0T1prMmNKUUxITTFpdkJIWUEvRDhjMTd0WUJpeC9Udz09fA&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Tue, 24 Sep 2024 18:38:11 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
203483
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
preprod.citizensvoice.com
URL
blob:https://preprod.citizensvoice.com/79d6114c-6f77-4960-835c-d3eca9a369df

Verdicts & Comments Add Verdict or Comment

65 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| scriptHelpers object| _wpemojiSettings number| MNG_SSO_TOOLS_GLOBAL_START_TIME function| analyticsEvent function| analyticsSocial function| analyticsVPV function| analyticsClearVPV function| analyticsForm object| dataLayer function| closeMobileAdhesionAd function| keyboardHandler function| $ function| jQuery boolean| dfmCanRunAds object| webpackChunkknowlton function| Headroom function| Hammer function| st_go function| linktracker_init object| wpcom object| _stq number| ntvLoadStart object| ntv object| prdom object| ntvValidTopWindow object| onFocusEvents object| ntvData function| ntvjQueryInit function| ntvExtends function| ntvAppendStylesheet function| ntvAppendScript function| ntvGetElementViewability function| ntvArticleTracker function| ntvViewableImpressionTracker object| PostRelease object| ntvToutAds boolean| onFocus object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data string| GoogleAnalyticsObject function| ga number| comscoreID object| _qevents function| atsDirectPass object| ihowpbjsChunk object| ihowpbjs object| _pbjsGlobals object| regeneratorRuntime object| IHPWT string| partnerName string| key object| twemoji object| wp object| gaplugins object| gaGlobal object| gaData function| onYouTubeIframeAPIReady function| quantserve function| __qc object| ezt object| liQHub object| liQ

13 Cookies

Domain/Path Name / Value
.postrelease.com/ Name: opt_out
Value: 1
.citizensvoice.com/ Name: _gcl_au
Value: 1.1.461552147.1727203092
.citizensvoice.com/ Name: _pubcid
Value: 88089f11-5679-4e02-9bd0-4bf587a2ba60
.citizensvoice.com/ Name: _pubcid_cst
Value: zix7LPQsHA%3D%3D
.citizensvoice.com/ Name: _gid
Value: GA1.2.1362001859.1727203092
.citizensvoice.com/ Name: _ga_JZ6RLCL0HJ
Value: GS1.1.1727203091.1.0.1727203091.60.0.64478237
.id5-sync.com/ Name: id5
Value: 290e2703-18fe-7704-881c-752f16dc5447#1727203091605#1
.citizensvoice.com/ Name: _gat_UA-61435456-39
Value: 1
preprod.citizensvoice.com/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222024-09-24T18%3A38%3A11%22%7D
preprod.citizensvoice.com/ Name: pbjs-unifiedid_cst
Value: zix7LPQsHA%3D%3D
.citizensvoice.com/ Name: _ga
Value: GA1.2.1995910770.1727203092
.citizensvoice.com/ Name: cto_bundle
Value: aLJW8V9Pd1BEbVhIb2VlNiUyRnVIOXVLZVIwOE1HMWdScVRUOVJocyUyQlEyUHZxRW5pR2EydTA0UUtpdzlvVG1IaDVROFl5cW1BVVBuY2hmNjlvek1rJTJCelZqek52NFBXJTJCZW9hUExwZXlXQ3pzNk01N3BRJTJGTnozQmNsdVBOVWNDYVFSSVh6WWs
.citizensvoice.com/ Name: cto_bidid
Value: Pgbyr19UN1RIRDlwY3FCaTklMkZvVFRjeGxFd0Vxb3ZjdHVBdTNuMjJxJTJCdXJRRW8yV3IyU3ZRdzNaMjlxNlBBRGZCMll2SU9acWxwUXR2cjA2WUJmV082JTJCQkpHQSUzRCUzRA

1 Console Messages

Source Level URL
Text
network error URL: https://preprod.citizensvoice.com/undefined
Message:
Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy default-src data: 'unsafe-inline' 'unsafe-eval' https:; script-src data: 'unsafe-inline' 'unsafe-eval' https: blob:; style-src 'unsafe-inline' https:; img-src data: https: blob:; font-src data: https:; connect-src https: data: blob: wss://realtimeeventfeeds.viafoura.co wss://sub.viafoura.co; media-src blob: data: https:; object-src https:; child-src https: data: blob:; upgrade-insecure-requests; block-all-mixed-content;

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.pubmatic.com
ajax.googleapis.com
b-code.liadm.com
fonts.googleapis.com
fonts.gstatic.com
gum.criteo.com
id.crwdcntrl.net
id5-sync.com
jadserve.postrelease.com
lb.eu-1-id5-sync.com
match.adsrvr.org
mug.criteo.com
pixel.wp.com
postrelease.com
preprod.citizensvoice.com
region1.analytics.google.com
s.ntv.io
sb.scorecardresearch.com
secure.quantserve.com
stats.g.doubleclick.net
stats.wp.com
t.pubmatic.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
preprod.citizensvoice.com
142.250.186.163
162.19.138.119
162.19.138.83
172.217.16.206
18.244.18.122
185.64.189.226
192.0.66.112
192.0.76.3
2001:4860:4802:34::36
216.58.212.163
23.213.164.238
23.38.98.114
2600:9000:275d:1600:8:8845:1500:93a1
2620:116:800d:21:ef75:8280:f209:5ba1
2a00:1450:4001:806::200e
2a00:1450:4001:80b::200a
2a00:1450:4001:81c::200a
2a00:1450:4001:831::2008
2a00:1450:400c:c00::9d
2a02:2638:3::c
35.71.131.137
52.36.224.135
54.228.75.221
63.34.212.217
0d111d61901004eafd87c672f12f6cd54b3c376513aa672bf58100506dfe76f5
18224e939571d073e60f12abf915b73369b0eec29c7417d139cd8f9e0b28c5b5
1aa84d80aba2bc14029f0e99721c199f51cdaeb06a66aa9433f2bc4977a79f67
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1dabb37e2e981b4a0cebe7095bde30783fd105011da52d1f3894c468b8ebba75
1e0965dbbf100802215f3bfe869c335f13e862186d29073806dc33625af171bb
2dbf3dda9aaefcc8506629cc6ffdbf24ba30300b26458f716b188027b71edc55
4a1866eb01e975c6b5015f44573b8b80ab5efed251a9ede1270a29efe0ae7897
4e6ce5444c7f396cef0eb1fa3611034151e485dd06fbe5573a5583e1eebc98c3
5badd609a51ede5bab5b89534fc3011a4dd1ab487cc7081d7cf38479bcbab855
5cac9367b11594280628142b59a38fcb6ec8fad5896fd69b92ea2b3345b4cb6c
6ef1aa2d1945fd9fb1bd4eb00c603d868f89477a33e9ec2ef7c7035c5a16df31
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8ed222207f4d24a1193ebe769257bebc1bb79053626d1e93ad536c12eb3cc438
91c01ec0de315f973f4c00041b7ae25e1a790cedff79a6fbb56c571bba379142
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93bd5351227bdc44861334b1aa05a197090dac4b12cc94bba86709f1b3684f5c
966a8421df082b4dfde5790dbb6174025661a8a33976e431f8a4a7207e19dc90
9d3959df4ebd84904a1622b6d7c9728f487e0c4d372f9bc2f59d0c480702f9c5
9deb629637088856fe61dc868bf40a7d21ed942e4117659f3d6c3408f59b906b
a5967883c65d3ba40dad64176a4c6abbb541ae08e20b34f01190468199e1ccff
a6f335796c627bd677b0232c8d791f9b0eca4c356b8d64a69e8c74da86187886
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
af4f1c75a83db62f0501567679807463810efe73aa3f46c6f932542bef587cb1
b36d838681171ab6906d3206d2fd6cc17a7a7a5867213c7595fe0865aeb9e969
b47571fc38b5dceaeb464210fa494e12926d5943fb7cbc4d5c2c52e3910ef11d
bf1b4de270602e082ca70c0e8f3c4d02a49fd842577680105a5ba877c7940345
c2ad103f45a8d1684a0be752a18c156ec4555b9cbd0893cfffddc800c3753eac
c8ddb9a3b693d383bdcb8f277e90e3908ed77f57e2e49158676b3c1edeb6bbe6
cfe103cb575c16171ee932e2daae7d0bd56a88838f0e29e6d549c9b1b989faf5
d0e11a13fc8611dd1a1a364b9ef9581faa85b762ebb3820517600b499b3f21cf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64a4b3a4b49c09052164a940fee45c872e1b926ecaa4ccb824730d56cad3198
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2fc6772e824c1d3866a2107144edff9253211b7f35feae27aefdc3dd1d2eb89
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f5c38a1ee16dc10ffdc63b0fad80055741dc4d1ca94bf691b054626c3b084e21
f6e27ce2dad148d5ae3a4f84dc81eb1a89098050182ed2925e363ad9a673b660
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
ff8bbeed09c55ffbff2607d7e8751d9889df3a3bd6f213f0e5607246fa89e17b