lacrossetribune.com Open in urlscan Pro
192.104.182.109 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://lacrossefoxxyshopper.com/
Effective URL:
https://lacrossetribune.com/ads/
Submission: On November 30 via api (November 30th 2022, 8:05:30 pm UTC) from US — Scanned from DE

Summary HTTP 136 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 37 IPs in 4 countries across 36 domains to perform 136 HTTP transactions. The main IP is 192.104.182.109, located in United States and belongs to LEE-ASN, US. The main domain is lacrossetribune.com. The Cisco Umbrella rank of the primary domain is 238487.
TLS certificate: Issued by GTS CA 1P5 on November 15th 2022. Valid for: 3 months.

This is the only time lacrossetribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	192.104.182.209 192.104.182.209	10668 (LEE-ASN) (LEE-ASN)
1 10	192.104.182.109 192.104.182.109	10668 (LEE-ASN) (LEE-ASN)
39	104.16.133.24 104.16.133.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	65.9.66.104 65.9.66.104	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:211... 2600:9000:211e:f200:3:b7e:8940:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	13.32.28.197 13.32.28.197	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:9c00:11:1ed0:3900:21	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
3	65.9.66.8 65.9.66.8	16509 (AMAZON-02) (AMAZON-02)
7	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2002	15169 (GOOGLE) (GOOGLE)
1 4	15.197.193.217 15.197.193.217	16509 (AMAZON-02) (AMAZON-02)
1	143.204.205.113 143.204.205.113	16509 (AMAZON-02) (AMAZON-02)
1	99.86.3.236 99.86.3.236	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
9	44.197.57.16 44.197.57.16	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
1	52.17.7.52 52.17.7.52	16509 (AMAZON-02) (AMAZON-02)
4	99.86.8.175 99.86.8.175	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
1	52.36.48.34 52.36.48.34	16509 (AMAZON-02) (AMAZON-02)
1 2	34.243.37.252 34.243.37.252	16509 (AMAZON-02) (AMAZON-02)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
2 2	35.186.253.211 35.186.253.211	15169 (GOOGLE) (GOOGLE)
2 2	34.255.67.248 34.255.67.248	16509 (AMAZON-02) (AMAZON-02)
3 3	185.89.210.212 185.89.210.212	29990 (ASN-APPNEX) (ASN-APPNEX)
2 2	76.223.111.18 76.223.111.18	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	37.157.3.30 37.157.3.30	() ()
2 2	3.75.15.124 3.75.15.124	() ()
1	18.194.69.136 18.194.69.136	() ()
2	88.221.168.201 88.221.168.201	() ()
2 2	104.18.33.19 104.18.33.19	() ()
1	185.64.190.78 185.64.190.78	() ()
3 4	37.157.6.242 37.157.6.242	() ()
2 2	185.29.132.245 185.29.132.245	() ()
6	185.64.190.80 185.64.190.80	() ()
2 2	213.155.156.185 213.155.156.185	() ()
1	178.250.0.163 178.250.0.163	() ()
1 2	67.220.224.150 67.220.224.150	() ()
6 6	142.250.186.130 142.250.186.130	() ()
1	198.47.127.20 198.47.127.20	() ()
1 1	141.94.171.212 141.94.171.212	() ()
1	35.204.74.118 35.204.74.118	() ()
136	37

1 192.104.182.209 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

lacrossefoxxyshopper.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 192.104.182.109 (United States) 1 redirects

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com

lacrossetribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 104.16.133.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.104 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-104.fra56.r.cloudfront.net

tags.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:211e:f200:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.osano.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.28.197 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-28-197.fra56.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:9c00:11:1ed0:3900:21 (United States)

ASN16509 (AMAZON-02, US)

d3div1mtym39ic.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.66.8 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-8.fra56.r.cloudfront.net

tagan.adlightning.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 15.197.193.217 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.205.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-205-113.fra53.r.cloudfront.net

d1eoo1tco6rr5e.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.86.3.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-3-236.fra6.r.cloudfront.net

aax-dtb-cf.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 44.197.57.16 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-197-57-16.compute-1.amazonaws.com

bidder.newspassid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.17.7.52 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com

bcp.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 99.86.8.175 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-86-8-175.fra6.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.36.48.34 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-36-48-34.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.243.37.252 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com

ads.avct.cloud	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.253.211 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.255.67.248 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-255-67-248.eu-west-1.compute.amazonaws.com

ad2.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.210.212 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 76.223.111.18 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com

eb2.3lift.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.157.3.30 (None, )

ASN- ()

cm.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.75.15.124 (None, ) 2 redirects

ASN- ()

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.69.136 (None, )

ASN- ()

match.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.221.168.201 (None, )

ASN- ()

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, ) 2 redirects

ASN- ()

ssum.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.78 (None, )

ASN- ()

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.157.6.242 (None, ) 3 redirects

ASN- ()

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.29.132.245 (None, ) 2 redirects

ASN- ()

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 185.64.190.80 (None, )

ASN- ()

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 213.155.156.185 (None, ) 2 redirects

ASN- ()

d5p.de17a.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (None, )

ASN- ()

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 67.220.224.150 (None, ) 1 redirects

ASN- ()

aax-eu.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.130 (None, ) 6 redirects

ASN- ()

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.47.127.20 (None, )

ASN- ()

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.94.171.212 (None, ) 1 redirects

ASN- ()

pixel.onaudience.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.204.74.118 (None, )

ASN- ()

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 18605	525 KB
10	pubmatic.com ads.pubmatic.com image6.pubmatic.com simage2.pubmatic.com image2.pubmatic.com image4.pubmatic.com	25 KB
10	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 101 18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 139	42 KB
10	lacrossetribune.com 1 redirects lacrossetribune.com — Cisco Umbrella Rank: 238487	87 KB
9	newspassid.com bidder.newspassid.com — Cisco Umbrella Rank: 30685	19 KB
9	doubleclick.net 6 redirects securepubads.g.doubleclick.net — Cisco Umbrella Rank: 189 cm.g.doubleclick.net	159 KB
7	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 48	514 KB
6	amazon-adsystem.com 2 redirects c.amazon-adsystem.com — Cisco Umbrella Rank: 309 aax-dtb-cf.amazon-adsystem.com — Cisco Umbrella Rank: 533 aax-eu.amazon-adsystem.com	6 KB
5	adform.net 3 redirects cm.adform.net c1.adform.net	2 KB
4	segment.com cdn.segment.com — Cisco Umbrella Rank: 1272	33 KB
4	adsrvr.org 1 redirects insight.adsrvr.org — Cisco Umbrella Rank: 567 match.adsrvr.org	936 B
3	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 204	3 KB
3	adlightning.com tagan.adlightning.com — Cisco Umbrella Rank: 1749	74 KB
2	de17a.com 2 redirects d5p.de17a.com	562 B
2	mathtag.com 2 redirects sync.mathtag.com	1 KB
2	casalemedia.com 2 redirects ssum.casalemedia.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	960 B
2	3lift.com 2 redirects eb2.3lift.com — Cisco Umbrella Rank: 333	792 B
2	360yield.com 2 redirects ad2.360yield.com — Cisco Umbrella Rank: 14998	675 B
2	openx.net 2 redirects rtb.openx.net — Cisco Umbrella Rank: 1403	545 B
2	avct.cloud 1 redirects ads.avct.cloud — Cisco Umbrella Rank: 2783	530 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 27	21 KB
2	gstatic.com www.gstatic.com	13 KB
2	cloudfront.net d3div1mtym39ic.cloudfront.net d1eoo1tco6rr5e.cloudfront.net	40 KB
2	osano.com cmp.osano.com — Cisco Umbrella Rank: 6366	96 KB
2	crwdcntrl.net tags.crwdcntrl.net — Cisco Umbrella Rank: 1156 bcp.crwdcntrl.net — Cisco Umbrella Rank: 853	12 KB
1	simpli.fi um.simpli.fi	610 B
1	onaudience.com 1 redirects pixel.onaudience.com	418 B
1	criteo.com dis.criteo.com	363 B
1	sharethrough.com match.sharethrough.com	35 B
1	lijit.com ap.lijit.com — Cisco Umbrella Rank: 592	277 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 292	239 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1106	176 B
1	google.de ampcid.google.de — Cisco Umbrella Rank: 66268	463 B
1	google.com ampcid.google.com — Cisco Umbrella Rank: 2097	534 B
1	lacrossefoxxyshopper.com 1 redirects lacrossefoxxyshopper.com	171 B
136	36

	Domain	Requested by
39	bloximages.chicago2.vip.townnews.com	lacrossetribune.com bloximages.chicago2.vip.townnews.com
10	lacrossetribune.com	1 redirects lacrossetribune.com
9	bidder.newspassid.com	bloximages.chicago2.vip.townnews.com cmp.osano.com bidder.newspassid.com
7	www.googletagmanager.com	lacrossetribune.com cmp.osano.com
6	cm.g.doubleclick.net	6 redirects
6	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
4	c1.adform.net	3 redirects ads.pubmatic.com
4	cdn.segment.com	cmp.osano.com cdn.segment.com
3	image2.pubmatic.com	ads.pubmatic.com
3	simage2.pubmatic.com	ads.pubmatic.com
3	ib.adnxs.com	3 redirects
3	tpc.googlesyndication.com	cmp.osano.com
3	securepubads.g.doubleclick.net	cmp.osano.com securepubads.g.doubleclick.net
3	tagan.adlightning.com	lacrossetribune.com cmp.osano.com
3	c.amazon-adsystem.com	1 redirects c.amazon-adsystem.com
2	match.adsrvr.org
2	aax-eu.amazon-adsystem.com	1 redirects ads.pubmatic.com
2	d5p.de17a.com	2 redirects
2	sync.mathtag.com	2 redirects
2	ssum.casalemedia.com	2 redirects
2	ads.pubmatic.com	bidder.newspassid.com
2	x.bidswitch.net	2 redirects
2	eb2.3lift.com	2 redirects
2	ad2.360yield.com	2 redirects
2	rtb.openx.net	2 redirects
2	ads.avct.cloud	1 redirects
2	www.google-analytics.com	cmp.osano.com
2	insight.adsrvr.org	1 redirects d1eoo1tco6rr5e.cloudfront.net
2	www.gstatic.com	lacrossetribune.com
2	cmp.osano.com	lacrossetribune.com cmp.osano.com
1	um.simpli.fi
1	pixel.onaudience.com	1 redirects
1	image4.pubmatic.com
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	match.sharethrough.com
1	cm.adform.net
1	ap.lijit.com
1	pixel.rubiconproject.com
1	api.segment.io	cdn.segment.com
1	bcp.crwdcntrl.net	cmp.osano.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com	cmp.osano.com
1	aax-dtb-cf.amazon-adsystem.com	c.amazon-adsystem.com
1	d1eoo1tco6rr5e.cloudfront.net	cmp.osano.com
1	d3div1mtym39ic.cloudfront.net	lacrossetribune.com
1	tags.crwdcntrl.net	lacrossetribune.com
1	lacrossefoxxyshopper.com	1 redirects
136	49

This site contains links to these domains. Also see Links.

Domain
subscriberservices.lee.net
www.stringr.com
www.wisconsinpublicnotice.org
lee.net
www.winonadailynews.com
chippewa.com
rivervalleymediagroup.com
bloxcms.com
townnews.com

Subject Issuer	Validity	Valid
lacrossetribune.com GTS CA 1P5	`2022-11-15` - `2023-02-13`	3 months	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
cmp.osano.com Amazon	`2022-09-02` - `2023-09-30`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.adlightning.com Amazon	`2022-06-09` - `2023-07-07`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
c.amazon-adsystem.com Amazon	`2022-05-09` - `2023-04-18`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com Amazon	`2022-06-15` - `2023-06-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
bidder.newspassid.com Amazon	`2022-03-14` - `2023-04-11`	a year	crt.sh
*.google.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-11-02` - `2023-01-25`	3 months	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2022-06-27` - `2023-06-05`	a year	crt.sh
*.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-05-18` - `2023-06-16`	a year	crt.sh
*.sharethrough.com Amazon	`2022-07-14` - `2023-08-12`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2022-02-04` - `2023-02-03`	a year	crt.sh
track.adform.net DigiCert TLS RSA SHA256 2020 CA1	`2022-09-20` - `2023-09-20`	a year	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-10-31` - `2023-01-26`	3 months	crt.sh
aax-eu.amazon-adsystem.com Amazon	`2022-07-20` - `2023-07-19`	a year	crt.sh
*.simpli.fi DigiCert TLS RSA SHA256 2020 CA1	`2022-11-07` - `2023-12-08`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://lacrossetribune.com/ads/
Frame ID: 20D785D0CE2CAFC15D9E0E875191951D
Requests: 101 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 4C197196BF40F9E80DBB192A1A98A7CE
Requests: 2 HTTP requests in this frame

Frame: https://18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 18F36350E8D8D67AE7220406F3701F26
Requests: 1 HTTP requests in this frame

Frame: https://cmp.osano.com/
Frame ID: A42CF710FAA4E1A9E1F68F9616F22A93
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/c=6894/rand=837878978/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20lacrossetribune%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20ads/med=%23OpR%2372333%23Keyword%20%3A%20Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions/rb=%7B%22meta_tag%22%3A%22Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions%22%7D/rt=ifr
Frame ID: 060B4CF34684CBFAC9EED1924FCDCF69
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: B79E6364FA2C265872D74690E8F1DD4A
Requests: 3 HTTP requests in this frame

Frame: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=248b21c4-70a9-4009-8851-bdd6bb81d049&publisherId=NPID10000001&siteId=3500000339&cb=1669838725372&bidder=newspassid
Frame ID: 59228C6763FF75825BE9CAEE763FC102
Requests: 13 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Frame ID: D751828170C2400F1C2FB38DE7DB4A2C
Requests: 10 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=
Frame ID: 18E762C6883A88F922BD4C8CAF1CB04A
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cdb76387-b78a-4e00-8f6a-a5090f09c692&gdpr=0&gdpr_consent=
Frame ID: B0CF97302DFD4396FE2916C71467504D
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8229103810386838440
Frame ID: 3D6480C265FE44D7DBB6AC7E8C1D2CF1
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 7CF496C8C0E7A00AEC319CAA30634694
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=&dcc=t
Frame ID: 867498ACCDEC4E93CE0B3DC5609DC2B4
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent=
Frame ID: 351E61B75310871D5FCF5901DBEDE5BC
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

La Crosse Advertising | lacrossetribune.com

Page URL History Show full URLs

http://lacrossefoxxyshopper.com/ HTTP 301
http://lacrossetribune.com/ads/ HTTP 301
https://lacrossetribune.com/ads/ Page URL

Detected technologies

Firebase (Databases) Expand

Overall confidence: 100%
Detected patterns

/firebasejs/([\d.]+)/firebase

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

owl\.carousel.*\.js

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

136
Requests

79 %
HTTPS

23 %
IPv6

36
Domains

49
Subdomains

37
IPs

4
Countries

1667 kB
Transfer

4972 kB
Size

13
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://subscriberservices.lee.net/subscriberservices/Content/paymentpagesingle.aspx?Domain=lacrossetribune.com&SubscriberLevel=DOP&Return=https%3A%2F%2Flacrossetribune.com%2Fads%2F#tracking-source=header&ir=true
Title: Subscribe $1 for 6 months

Search URL Search Domain Scan URL

URL: https://www.stringr.com/xlBubQUiuqB
Title: Share Video

Search URL Search Domain Scan URL

URL: http://www.wisconsinpublicnotice.org/
Title: Wisconsin Public Notices

Search URL Search Domain Scan URL

URL: https://subscriberservices.lee.net/subscriberservices/Content/AccountStatus.aspx?Domain=lacrossetribune.com
Title: My Subscription

Search URL Search Domain Scan URL

URL: http://lee.net/careers/opportunities/?utm_source=newspaper&utm_medium=blox&utm_campaign=workhere
Title: Work here

Search URL Search Domain Scan URL

URL: https://www.winonadailynews.com/community/houstonconews/
Title: Houston County News

Search URL Search Domain Scan URL

URL: http://www.winonadailynews.com/
Title: Winona Daily News

Search URL Search Domain Scan URL

URL: http://chippewa.com/
Title: Chippewa Herald

Search URL Search Domain Scan URL

URL: https://chippewa.com/community/dunnconnect/
Title: Dunn County News

Search URL Search Domain Scan URL

URL: http://rivervalleymediagroup.com/
Title: River Valley Media Group

Search URL Search Domain Scan URL

URL: https://bloxcms.com/
Title: BLOX Content Management System

Search URL Search Domain Scan URL

URL: https://townnews.com/
Title: TownNews.com

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://lacrossefoxxyshopper.com/ HTTP 301
http://lacrossetribune.com/ads/ HTTP 301
https://lacrossetribune.com/ads/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://c.amazon-adsystem.com/aax2/apstag.js HTTP 301
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

Request Chain 62

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

Request Chain 110

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D HTTP 307
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D

Request Chain 112

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D HTTP 302
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1 HTTP 302
https://bidder.newspassid.com/setuid?bidder=openx&uid=9e4c8ad2-8fb3-46c2-8d1b-51c97ac1f9bd

Request Chain 113

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D HTTP 302
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=6d5fac6e-2151-4c47-af1f-8d172337e5dd

Request Chain 114

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6811001653098004387

Request Chain 115

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID HTTP 302
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2335111511775231039511

Request Chain 118

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone HTTP 302
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=fc23d13a-c711-4cab-bf3f-712ad3bf8e0e

Request Chain 121

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D HTTP 302
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=189937&us_privacy=pbs-ozone&C=1 HTTP 302
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y4e3ih5b7CrEee0eLRgUsAAA%261123

Request Chain 123

https://c1.adform.net/serving/cookie/match?party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=

Request Chain 124

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cdb76387-b78a-4e00-8f6a-a5090f09c692&gdpr=0&gdpr_consent=

Request Chain 125

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8229103810386838440

Request Chain 127

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=&dcc=t

Request Chain 128

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent=

Request Chain 129

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pC0HMgbDRBKNhO95go2QEQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pC0HMgbDRBKNhO95go2QEQ%3D%3D&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

Request Chain 130

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32086387-b78a-4700-a7cf-074d17d02c62

Request Chain 131

https://pixel.onaudience.com/?partner=214&mapped=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

Request Chain 132

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQyRDA3MzItMDZDMy00NDEyLThEODQtRUY3OTgyOEQ5MDEx&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQyRDA3MzItMDZDMy00NDEyLThEODQtRUY3OTgyOEQ5MDEx&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 133

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFZLTT3RQwZPnDs26djy-gg&google_cver=1

Request Chain 135

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=836611729246241063

136 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
lacrossetribune.com/ads/
Redirect Chain

http://lacrossefoxxyshopper.com/
http://lacrossetribune.com/ads/
https://lacrossetribune.com/ads/

252 KB
41 KB

494ms
244ms

Document
text/html

192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL

https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.104.182.109 , United States, ASN10668 (LEE-ASN, US),

Reverse DNS

cms.chicago2.vip.townnews.com

Software

Resource Hash

1c7fec8c4d8066d33192062e2d730804b1ffa39dee21b621c12eaf0262e49827

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 3
cache-control: public, max-age=300
content-encoding: gzip
content-length: 39535
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:20 GMT
etag: W/ad68368e2dfacfebf6a2fcaa87d86280
last-modified: Wed, 30 Nov 2022 20:05:19 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.ef1ae2cf9d9803199a19b009dc464018.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
referrer-policy: strict-origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.65.2; app8; 0.48s; 6.7M
x-ua-compatible: IE=edge
x-vcache: HIT
x-xss-protection: 1; mode=block

Redirect headers

age: 3
cache-control: public, max-age=300
content-encoding: gzip
content-length: 1784
content-security-policy: upgrade-insecure-requests
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:19 GMT
link: <https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin
location: https://lacrossetribune.com/ads/
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-loop: 1
x-robots-tag: noarchive
x-tncms: 1.65.2; app8; 0.01s; 1.2M
x-vcache: HIT
x-xss-protection: 1; mode=block

GET
H2 200 jquery.min.d6d18fcf88750a16d256e72626e676a6.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 98 KB
34 KB 109ms
44ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 26737208
last-modified: Wed, 07 Jul 2021 20:09:22 GMT
x-vcache: HIT
server: cloudflare
etag: W/"60e609f2-1882c"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecb99bd4-FRA
expires: Wed, 31 Aug 2022 19:01:20 GMT

GET
H2 200 user.js Show response
lacrossetribune.com/shared-content/art/tncms/user/ 12 KB
4 KB 125ms
122ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/shared-content/art/tncms/user/user.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:01:15 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 17:47:40 GMT
x-vcache: HIT
age: 248
etag: W/"637bb9bc-2f01"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 4332
service-worker-allowed: /

GET
H2 200 bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 39 KB
11 KB 111ms
46ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 673737
last-modified: Fri, 06 Sep 2019 14:16:03 GMT
x-vcache: MISS
server: cloudflare
etag: W/"5d726a23-9bd8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcdb9bd4-FRA
expires: Sun, 23 Apr 2023 08:15:43 GMT

GET
H2 200 common.08a61544f369cc43bf02e71b2d10d49f.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 32 KB
13 KB 112ms
48ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4883833
last-modified: Tue, 10 May 2022 15:14:36 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a815c-8154"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecb69bd4-FRA
expires: Thu, 11 May 2023 19:06:10 GMT

GET
H2 200 tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 22 KB
6 KB 105ms
42ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.7b5fd2a1aa906214ae39b25cd6ec9283.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc9b9e9735d3620722247b3e0e02d8dc432a252acbade9af3a81146feefb7085

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4321850
cross-origin-resource-policy: cross-origin
last-modified: Tue, 13 Sep 2022 18:22:38 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6320ca6e-5800"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcce9bd4-FRA
expires: Wed, 11 Oct 2023 19:01:15 GMT

GET
H2 200 application.ef1ae2cf9d9803199a19b009dc464018.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 4 KB
2 KB 95ms
32ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.ef1ae2cf9d9803199a19b009dc464018.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2506090
cross-origin-resource-policy: cross-origin
last-modified: Thu, 27 Oct 2022 20:59:04 GMT
x-vcache: MISS
server: cloudflare
etag: W/"635af118-114a"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcd89bd4-FRA
expires: Wed, 01 Nov 2023 19:01:27 GMT

GET
H2 200 tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 2 KB
969 B 109ms
47ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 26728164
last-modified: Tue, 06 Jul 2021 13:05:12 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45508-9ae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcde9bd4-FRA
expires: Wed, 06 Jul 2022 19:01:08 GMT

GET
H2 200 bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 107 KB
18 KB 91ms
34ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.d655407c2beee1a5e5788ed5c20be9d9.css

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 79421
cross-origin-resource-policy: cross-origin
last-modified: Mon, 21 Nov 2022 16:28:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"637ba73e-1ac24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecaa9bd4-FRA
expires: Wed, 29 Nov 2023 20:01:27 GMT

GET
H2 200 layout.aafcf93cf41daa238a62a66cb77cee24.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 156 KB
28 KB 92ms
36ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.aafcf93cf41daa238a62a66cb77cee24.css

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

96d9c5ad06dd9ecbc22566335cceecbf07fb4f80bf90c2de8826f33306db6300

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 83734
cross-origin-resource-policy: cross-origin
last-modified: Mon, 21 Nov 2022 16:30:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"637ba793-26e07"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecab9bd4-FRA
expires: Wed, 29 Nov 2023 20:01:27 GMT

GET
H2 200 lee.ds.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/ 95 KB
17 KB 108ms
52ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1669708852

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

618e9e1cdd1e1ba2d1e089793d7102ddd2f406e401caecce53b26c08d212e14b

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 114705
cross-origin-resource-policy: cross-origin
last-modified: Tue, 29 Nov 2022 08:00:52 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6385bc34-17d6c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecac9bd4-FRA
expires: Wed, 29 Nov 2023 08:06:16 GMT

GET
H2 200 flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 6 KB
2 KB 102ms
47ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2506090
last-modified: Tue, 10 May 2022 15:15:27 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a818f-189c"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecaf9bd4-FRA
expires: Thu, 25 May 2023 06:09:53 GMT

GET
H2 200 flex-utility-text-promo.945a2efac4892ce469180c513f411107.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 531 B
367 B 194ms
139ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-utility-text-promo.945a2efac4892ce469180c513f411107.css

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Mon, 21 Nov 2022 16:30:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"637ba795-213"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecb39bd4-FRA
expires: Thu, 30 Nov 2023 17:10:11 GMT

GET
H2 200 owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 5 KB
1 KB 97ms
42ms Stylesheet
text/css 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4607646
last-modified: Tue, 10 May 2022 15:15:33 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8195-12b0"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297ecb29bd4-FRA
expires: Thu, 25 May 2023 06:44:18 GMT

GET
H2 200 cc.js Show response
tags.crwdcntrl.net/c/6894/ 38 KB
12 KB 35ms
8ms Script
application/json 65.9.66.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.104 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-104.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 12:56:08 GMT
content-encoding: gzip
via: 1.1 c359abeab0060e721cfaac65ce34b1cc.cloudfront.net (CloudFront)
last-modified: Mon, 03 Oct 2022 21:56:24 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 25807
x-amz-server-side-encryption: AES256
etag: W/"8cd042d9f203fe2e01747c7444f95498"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
cache-control: max-age: 86400
x-amz-cf-id: R6xzm1G_c9BEFneGFV1pdh_RnZlee2yMNRnVH9rIjBqp6rBeTW6mHQ==

GET
H2 200 access.js Show response
lacrossetribune.com/shared-content/art/tncms/api/ 86 KB
34 KB 122ms
122ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/shared-content/art/tncms/api/access.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 19f9276f53dbe297e9a198481caa8327ca36f3454c83853428ef025e16dbcf1b

Request headers

Referer: https://lacrossetribune.com/ads/
Origin: https://lacrossetribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:00:49 GMT
content-encoding: gzip
last-modified: Thu, 10 Nov 2022 22:19:45 GMT
x-vcache: HIT
age: 274
etag: W/"636d7901-15914"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 35065
service-worker-allowed: /

GET
H2 200 osano.js Show response
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 424 KB
95 KB 72ms
11ms Script
application/javascript 2600:9000:211e:f200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:f200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

CloudFront /

Resource Hash

f13e922400d4fe464c0e32b6f85483056cf9ba7d3d7e7c24524c2217f1a5995e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 05:12:21 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 53582
x-cache: Hit from cloudfront
content-length: 96683
x-xss-protection: mode=block
last-modified: Wed, 26 Oct 2022 18:55:53 GMT
server: CloudFront
etag: "ed6a6ac92a0aa601a1ff81d7dd0ab1f4"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-id: EmCQ_q29TIgCfnEtPL-bhkJCn8r2onwTnwYJTLur4fwUIBajEUlyHw==

GET
H2

200

apstag.js Show response
d3div1mtym39ic.cloudfront.net/aax2/
Redirect Chain

https://c.amazon-adsystem.com/aax2/apstag.js
https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js

178 KB
40 KB

32ms
10ms

Script
application/javascript

2600:9000:20eb:9c00:11:1ed0:3900:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Server: 2600:9000:20eb:9c00:11:1ed0:3900:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:57:54 GMT
content-encoding: br
via: 1.1 0e75d8f2d484ce463fc04f5c422aa178.cloudfront.net (CloudFront)
last-modified: Wed, 09 Nov 2022 20:51:50 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 450
x-amz-server-side-encryption: AES256
etag: W/"e675a6dfe90787fca79a6c96fd29c2d8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: public, max-age=3600
x-amz-cf-id: c3x9zIC1IyNJ_RJijzBJzkqlijpbAYbGFgwr1mENVJBp7xMHqDJJwg==

Redirect headers

date: Wed, 30 Nov 2022 01:01:48 GMT
via: 1.1 adc51edbb4dc468fb382e40b115a2f62.cloudfront.net (CloudFront), 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: FRA60-P1, FRA56-C2
age: 68615
x-cache: Hit from cloudfront
content-type: text/html
location: https://d3div1mtym39ic.cloudfront.net/aax2/apstag.js
content-length: 167
x-amz-cf-id: iC2DGSFLakkgHZlS2ao6pbzuRsn81zcJuFdjOus2yc5b2GYBwxGDDA==

GET
H2 200 lacrossetribune.com.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/ 7 KB
2 KB 198ms
147ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/falcon/lacrossetribune.com.js?_dc=113014

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

085be93e6e47b5817cd25c48f6b80a51ecc1e3da8dda4106c43748a50296eb52

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
cross-origin-resource-policy: cross-origin
last-modified: Wed, 30 Nov 2022 15:44:30 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63877a5e-1cae"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcd29bd4-FRA
expires: Thu, 30 Nov 2023 20:00:08 GMT

GET
H2 200 owl.carousel.50dc41fa734414148ce4b489fd904c5f.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 40 KB
11 KB 35ms
33ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.50dc41fa734414148ce4b489fd904c5f.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 2446449
last-modified: Thu, 21 Jul 2022 21:07:13 GMT
x-vcache: MISS
server: cloudflare
etag: W/"62d9c001-9ff8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8e89bd4-FRA
expires: Wed, 26 Jul 2023 16:40:56 GMT

GET
H2 200 tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 3 KB
1 KB 26ms
24ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 26728165
last-modified: Tue, 06 Jul 2021 13:05:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"60e45507-db8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8ea9bd4-FRA
expires: Wed, 06 Jul 2022 19:01:09 GMT

GET
H2 200 tnt.notify.panel.bacbeac9a1ca6ee75b79b21a0e2e99f2.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 7 KB
2 KB 24ms
22ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 15809526
last-modified: Mon, 23 May 2022 19:54:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"628be65d-1ba0"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8ed9bd4-FRA
expires: Wed, 31 May 2023 19:01:11 GMT

GET
H2 200 firebase-app.js Show response
www.gstatic.com/firebasejs/6.6.2/ 11 KB
4 KB 37ms
11ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 01:06:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 154743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3945
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:52 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Wed, 29 Nov 2023 01:06:21 GMT

GET
H2 200 firebase-messaging.js Show response
www.gstatic.com/firebasejs/6.6.2/ 31 KB
9 KB 38ms
12ms Script
text/javascript 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 28 Nov 2022 19:15:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175767
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8653
x-xss-protection: 0
last-modified: Thu, 19 Sep 2019 21:11:54 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="firebase-js"
vary: Accept-Encoding
report-to: {"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 28 Nov 2023 19:15:57 GMT

GET
H2 200 messaging.js Show response
lacrossetribune.com/shared-content/art/tncms/api/ 4 KB
1 KB 124ms
122ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/shared-content/art/tncms/api/messaging.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:07 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 17:47:40 GMT
x-vcache: HIT
age: 16
etag: W/"637bb9bc-11aa"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1259
service-worker-allowed: /

GET
H2 200 tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 200 B
275 B 82ms
33ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 673737
last-modified: Tue, 10 May 2022 15:15:16 GMT
x-vcache: MISS
server: cloudflare
etag: W/"627a8184-c8"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcd59bd4-FRA
expires: Wed, 24 May 2023 10:46:51 GMT

GET
H2 200 tracking.js Show response
lacrossetribune.com/shared-content/art/tncms/ 3 KB
1 KB 124ms
122ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/shared-content/art/tncms/tracking.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: 18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:02:05 GMT
content-encoding: gzip
last-modified: Mon, 21 Nov 2022 17:47:40 GMT
x-vcache: HIT
age: 198
etag: W/"637bb9bc-a4b"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 1149
service-worker-allowed: /

GET
H2 200 prebid7.9.0.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 197 KB
61 KB 95ms
47ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1668758494

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1074077
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Nov 2022 08:01:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63773bde-313f5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fccd9bd4-FRA
expires: Sat, 18 Nov 2023 08:06:54 GMT

GET
H2 200 lee.common.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/ 9 KB
3 KB 91ms
43ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/scripts/lee.common.js?_dc=1669708853

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

efdffa93d62eb8cdc6420060cefbd4a1b68c8fb1ff6f853c86d6e1d1e0345291

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:23 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 114705
cross-origin-resource-policy: cross-origin
last-modified: Tue, 29 Nov 2022 08:00:53 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6385bc35-2426"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263297fcdd9bd4-FRA
expires: Wed, 29 Nov 2023 08:06:17 GMT

GET
H2 200 fontawesome.a7c71fa5a63ad1158170fb2c085be042.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 264 KB
95 KB 31ms
29ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.a7c71fa5a63ad1158170fb2c085be042.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 4321850
cross-origin-resource-policy: cross-origin
last-modified: Thu, 06 Oct 2022 20:59:11 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633f419f-41e71"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8f09bd4-FRA
expires: Wed, 11 Oct 2023 19:01:18 GMT

GET
H2 200 tracker.js Show response
lacrossetribune.com/shared-content/art/stats/common/ 9 KB
3 KB 123ms
122ms Script
application/x-javascript 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/shared-content/art/stats/common/tracker.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:02:05 GMT
content-encoding: gzip
last-modified: Wed, 08 Dec 2021 15:26:09 GMT
x-vcache: HIT
age: 198
etag: W/"61b0ce91-2200"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: public, max-age=600
accept-ranges: bytes
content-length: 3224
service-worker-allowed: /

GET
H2 200 18ed4dea-172b-11ec-896b-175e65cc432b.png
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/custom/image/ 6 KB
6 KB 34ms
33ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/custom/image/18ed4dea-172b-11ec-896b-175e65cc432b.png

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

351cdc5ff1b9721196948d9c863a47e5caa47d911ae47a1fbc9bcadb3efc487d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 23770246
cf-polished: origFmt=png, origSize=7001
content-disposition: inline; filename="18ed4dea-172b-11ec-896b-175e65cc432b.webp"
content-length: 6148
cf-bgj: imgq:85,h2pri
last-modified: Thu, 16 Sep 2021 20:17:21 GMT
server: cloudflare
x-vcache: MISS
etag: "6143a651-1b59"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 77263299e8f29bd4-FRA
expires: Sat, 25 Feb 2023 19:08:09 GMT

GET
H2 200 user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/ 978 B
1 KB 33ms
32ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/themes/resources/images/user_no_avatar.82c8fc38eb25dca10493a994ca1bfb90.png

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 23770246
cf-polished: origFmt=png, origSize=3610
content-disposition: inline; filename="user_no_avatar.webp"
content-length: 978
cf-bgj: imgq:85,h2pri
last-modified: Thu, 02 Apr 2015 21:53:54 GMT
server: cloudflare
x-vcache: MISS
etag: "551dba72-e1a"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 77263299e8f39bd4-FRA
expires: Sat, 25 Feb 2023 22:29:33 GMT

GET
H2 200 ilad-logo.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ 8 KB
8 KB 35ms
34ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/deal-widget/ilad-logo.png?_dc=22.11.30.02

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

00c148948ab047ce93d74182b92ce47710fef7b720b961e6a4df28a169292e57

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 40260
cf-polished: origFmt=png, origSize=13011
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="ilad-logo.webp"
content-length: 8256
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Sep 2020 18:45:56 GMT
server: cloudflare
x-vcache: MISS
etag: "5f7380e4-32d3"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 77263299f9249bd4-FRA
expires: Thu, 30 Nov 2023 07:06:37 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/leeenterprises/ 44 KB
17 KB 46ms
8ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/op.js
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8446fae9b690b72203ab7fa42c5c6242d696ee14da4e7ffa27cf95ea2612b4d8

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: pBzWCSkADIUAj.gHMrUZ2XGryG9a8IIc
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 19:25:26 GMT
x-amz-cf-pop: FRA56-C1
age: 2419
x-cache: Hit from cloudfront
content-length: 17341
x-amz-meta-git_commit: 8db6969
last-modified: Tue, 29 Nov 2022 13:22:49 GMT
server: AmazonS3
etag: "5fdb71fe31cb28f2f8210ea52095011f"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: Fm0hwuHuXcW0_CkqZ5I6QUeDitXtkMjggfWu2MnU31nYaN54x04fsg==

GET
H2 200 dmp.reactive.727b4e3bfa0f1d9c7a22279342b1b5f5.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 1 KB
572 B 198ms
196ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/dmp.reactive.727b4e3bfa0f1d9c7a22279342b1b5f5.js

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

95628f1f9076cd20be6e0cedd3915cfb79e0f0eea48aac79e9aa7f64fc5873cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 0
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Nov 2022 17:15:46 GMT
x-vcache: MISS
server: cloudflare
etag: W/"6377bdc2-4ad"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8dc9bd4-FRA
expires: Wed, 29 Nov 2023 18:56:58 GMT

GET
H2 200 dfp.floor.js Show response
bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/ 178 B
226 B 25ms
23ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/leetemplates.com/content/tncms/live/global/resources/scripts/dfp.floor.js?_dc=113014

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1e8a02509c4d963962da9a455673b7ebfd5f957cea4e14d764ce1d0293072306

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 3630
cross-origin-resource-policy: cross-origin
last-modified: Fri, 30 Sep 2022 05:00:05 GMT
x-vcache: MISS
server: cloudflare
etag: W/"633677d5-b2"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8e39bd4-FRA
expires: Thu, 30 Nov 2023 15:00:43 GMT

GET
H2 200 lacrossetribune.com.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/ 1 KB
436 B 23ms
21ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/pb-config/lacrossetribune.com.js?_dc=1668758494

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

776e4de03041a08c41b99083174bc08d3e6bf54871eb5790794c599b69690c96

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1074078
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Nov 2022 08:01:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63773bde-5b9"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8e69bd4-FRA
expires: Sat, 18 Nov 2023 08:06:56 GMT

GET
H2 200 dfp.lazy.pbjs.js Show response
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/ 17 KB
4 KB 24ms
22ms Script
application/x-javascript 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/dfp.lazy.pbjs.js?_dc=1668758494

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

acaf0b24b9f0059aabefa51db920150d5581c1d9fbb85359c47c0b99da4915b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
content-encoding: br
cf-cache-status: HIT
age: 1074078
cross-origin-resource-policy: cross-origin
last-modified: Fri, 18 Nov 2022 08:01:34 GMT
x-vcache: MISS
server: cloudflare
etag: W/"63773bde-45d5"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 77263299e8e79bd4-FRA
expires: Sat, 18 Nov 2023 08:06:56 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 202 KB
68 KB 51ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ecbabbee41cf88fa99962fe8ed2644226cb200fe106e2a2be3daee7bbacf8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69561
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 25ms
8ms XHR
application/javascript 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: vkCJAv2LVCiDvkjoOZrS5s9fefeFFUOq
content-encoding: gzip
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 05:23:37 GMT
x-amz-cf-pop: FRA56-C2
age: 52908
x-cache: Hit from cloudfront
last-modified: Fri, 18 Nov 2022 03:05:15 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
vary: Accept-Encoding,Origin
x-amz-cf-id: j233U1x25j_armr5cBMD1SPEj1TknfEWQUC4L5EuT7ZVHdrrAL1Y7w==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 428 B
788 B 9ms
9ms XHR
application/json 13.32.28.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=3266&u=https%3A%2F%2Flacrossetribune.com
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.28.197 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-28-197.fra56.r.cloudfront.net
Software: Server /
Resource Hash: 38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:15:33 GMT
via: 1.1 0d5d2d408eb42296c7636196e25ef8a2.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA56-C2
age: 2991
x-cache: Hit from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 428
x-amz-cf-id: oW4vYTwZ_ijXnUymzN1x56hKi8paaWQdSX6Em_YHoTMIYtF2zrLvZw==

GET
BLOB 200
OK a6da88be-c8a7-454f-bf81-4b6933151f7d
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/a6da88be-c8a7-454f-bf81-4b6933151f7d
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 tracker.gif
lacrossetribune.com/shared-content/art/stats/common/ 0
145 B 122ms
122ms Image
image/gif 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://lacrossetribune.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=166983872414616001200635445681335&tnms_dt=La%20Crosse%20Advertising%20%7C%20lacrossetribune.com&tnms_upage=1&tnms_do=lacrossetribune.com&tnms_uri=/ads/&tnms_ref=&rt=1669838724147
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
last-modified: Thu, 16 Oct 2008 20:11:25 GMT
x-vcache: MISS
age: 0
etag: "48f79fed-0"
content-type: image/gif
cache-control: no-cache, no-store
accept-ranges: bytes
content-length: 0

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 47ms
17ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

da43e76e310064f1c794e2eeb4dd1e2bf426386dffea441a7dc0755139490d97

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27269
x-xss-protection: 0
server: sffe
etag: "1408 / 307 of 1000 / last-modified: 1669810540"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 502 KB
119 KB 103ms
87ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

04b8fa95b5ba6f0969a6970fbed47cc0ef8345687b3e5d1a838a0aada08bf99b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 121905
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
DATA 200
OK truncated
/ 73 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 75 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 cars-bg.jpg
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/ 41 KB
41 KB 130ms
130ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/cars-bg.jpg

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7c21a2b22ed7af917fd2fc5f5b2035066bd4778c33383de549084b7d57ab94cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=57104
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="cars-bg.webp"
content-length: 42112
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Mar 2018 23:28:37 GMT
server: cloudflare
x-vcache: MISS
etag: "5aa075a5-df10"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329a8a9d9bd4-FRA
expires: Thu, 30 Nov 2023 07:09:33 GMT

GET
H2 200 jobs-bg.jpg
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/ 20 KB
21 KB 29ms
29ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/jobs-bg.jpg

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53b412ba49585fe9a8685e169369b76a3003edaefe6345165f09429ee440e9b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 183512
cf-polished: qual=85, origFmt=jpeg, origSize=34943
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="jobs-bg.webp"
content-length: 20988
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Mar 2018 23:28:31 GMT
server: cloudflare
x-vcache: MISS
etag: "5aa0759f-887f"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329a8aa19bd4-FRA
expires: Wed, 22 Nov 2023 21:49:06 GMT

GET
H2 200 homes-bg.jpg
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/ 46 KB
46 KB 145ms
145ms Image
image/webp 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/blocks/ads-subnav/homes-bg.jpg

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

79d14063a53d80583eab08a0c45d804a3aad02178fb8ed58083d5fe87098bde3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: qual=85, origFmt=jpeg, origSize=64976
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="homes-bg.webp"
content-length: 46694
cf-bgj: imgq:85,h2pri
last-modified: Wed, 07 Mar 2018 23:28:24 GMT
server: cloudflare
x-vcache: MISS
etag: "5aa07598-fdd0"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329a8aaa9bd4-FRA
expires: Wed, 29 Nov 2023 09:38:05 GMT

GET
H2 200 serif-ds.woff2
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/ 26 KB
26 KB 63ms
36ms Font
application/font-woff2 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/images/serif-ds.woff2

Requested by

Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1669708852

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/lee_ds_v3/resources/styles/lee.ds.css?_dc=1669708852
Origin: https://lacrossetribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 26737207
content-length: 26164
last-modified: Tue, 21 Sep 2021 07:01:28 GMT
x-vcache: MISS
server: cloudflare
etag: "61498348-6634"
vary: Accept-Encoding
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329abedb5bed-FRA
expires: Wed, 21 Sep 2022 15:03:41 GMT

GET
H2 200 63852ff09ba72.preview.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/b/39/b39b06e1-59af-5cb1-a70a-04c220c555d9/ 6 KB
6 KB 119ms
118ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/b/39/b39b06e1-59af-5cb1-a70a-04c220c555d9/63852ff09ba72.preview.jpg?resize=98%2C200

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e5a2e084d268b67b8fcab4cac9b9f62195759c3cd12a260d0299ff0c8e36345

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=6186, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 6046
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 22:02:24 GMT
server: cloudflare
x-vcache: MISS
etag: "592a381d7a0c17fe85dd337013ca0227"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329aeba79bd4-FRA
expires: Thu, 30 Nov 2023 13:45:23 GMT

GET
H2 200 6373a98df3105.preview.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/a/9a/a9ab71b9-023f-5525-9fa5-ab2f47036b51/ 8 KB
9 KB 142ms
142ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/a/9a/a9ab71b9-023f-5525-9fa5-ab2f47036b51/6373a98df3105.preview.jpg?resize=110%2C200

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e19cbf886f7a9d2923b27a0f8b8c1517b107f95c09feb0d6f161abb06a15b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=8629, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 8505
cf-bgj: imgq:85,h2pri
last-modified: Tue, 15 Nov 2022 15:00:31 GMT
server: cloudflare
x-vcache: MISS
etag: "de69073cbb239bf32ce2dca73fda67cb"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329aeba99bd4-FRA
expires: Tue, 28 Nov 2023 17:02:12 GMT

GET
H2 200 637be72d1f0f9.preview.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/5/85/58561178-4b71-5d28-bb77-f7fe53988802/ 8 KB
8 KB 124ms
124ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/5/85/58561178-4b71-5d28-bb77-f7fe53988802/637be72d1f0f9.preview.jpg?resize=110%2C200

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82a6ecd1ce6a1af11b10ec6436609c5e9fb81811c04aa9c9b1dd7de6b413e8e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=8579, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 8461
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 21:01:34 GMT
server: cloudflare
x-vcache: MISS
etag: "d37421a341ed4bd9639154e7bf7d106e"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329aebaf9bd4-FRA
expires: Thu, 30 Nov 2023 20:05:20 GMT

GET
H2 200 pubads_impl_2022113001.js Show response
securepubads.g.doubleclick.net/gpt/ 384 KB
130 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 11:51:38 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 29626
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133236
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 09:36:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Thu, 30 Nov 2023 11:51:38 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 347 B
166 B 90ms
68ms XHR
application/json 2a00:1450:4001:801::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=lacrossetribune.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

542a62981ce4a55b4b44a8f7256ac40575bd9c72379d50dac28db2aa69e4ab09

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
H2 200 b-8db6969-b1d44f2c.js Show response
tagan.adlightning.com/leeenterprises/ 95 KB
35 KB 14ms
14ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/b-8db6969-b1d44f2c.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: dc900e9cb9919a3488f49b56acbb290617d1bc2609d38410b7faeb06c331f682

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 08:40:48 GMT
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-version-id: NfwkvRb6BVhgrB5B0dLqLsRWBOvNPil4
x-amz-cf-pop: FRA56-C1
age: 818677
x-cache: Hit from cloudfront
content-length: 35296
x-amz-meta-git_commit: 8db6969
last-modified: Mon, 31 Oct 2022 22:00:27 GMT
server: AmazonS3
etag: "3e6907b4af90bc84d12e516475e4521c"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: q3vdjseBTxL_Qd2WKzfiaJgki9762R48zb_zKUbt3Vsz4XUxKQIZWg==

GET
H2 200 bl-ecd04a8-1232023b.js Show response
tagan.adlightning.com/leeenterprises/ 52 KB
22 KB 18ms
17ms Script
application/javascript 65.9.66.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/leeenterprises/bl-ecd04a8-1232023b.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.66.8 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-66-8.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f82317f5c0f8ebffcc716ae1a1910b01444531bad51a7dd4a98995917f36d7e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Tue, 29 Nov 2022 13:23:42 GMT
content-encoding: gzip
via: 1.1 cf2939e85531f45f3306f792ea104eaa.cloudfront.net (CloudFront)
x-amz-version-id: p4t7cCmSF07LB8l.HSlrhXgMVeBBToB6
x-amz-cf-pop: FRA56-C1
age: 110503
x-cache: Hit from cloudfront
content-length: 22217
x-amz-meta-git_commit: ecd04a8
last-modified: Tue, 29 Nov 2022 13:22:19 GMT
server: AmazonS3
etag: "9c7acf93fa5a82a4e859771196aba382"
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sI1c2nTQfLurzPzUoJZo-l7641g6xTJtBP-uyyjrV_bWiGMukO5xLg==

GET
BLOB 200
OK e8f32dee-1334-48fe-821e-7ed68d23e7a2
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/e8f32dee-1334-48fe-821e-7ed68d23e7a2
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK e9c683ec-1390-47b0-85c2-8653a25e7ce7
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/e9c683ec-1390-47b0-85c2-8653a25e7ce7
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 56f919d3-86b9-461d-aff9-fffd77a6a08f
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/56f919d3-86b9-461d-aff9-fffd77a6a08f
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 62e0c9f0694e8.image.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/a/41/a41544e4-6ddc-5c12-85e4-f405f3c532dc/ 3 KB
4 KB 108ms
107ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/a/41/a41544e4-6ddc-5c12-85e4-f405f3c532dc/62e0c9f0694e8.image.jpg?crop=600%2C338%2C0%2C31&resize=150%2C84&order=crop%2Cresize

Requested by

Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf7f4107815e79d43b0bd82348aa0d00dacb83967a9394e496b418f15e091ba1

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=3494, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 3331
cf-bgj: imgq:85,h2pri
last-modified: Wed, 27 Jul 2022 05:15:28 GMT
server: cloudflare
x-vcache: MISS
etag: "29209b9e4c26c76352f5aa0ed5a48288"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329c1e7f9bd4-FRA
expires: Thu, 30 Nov 2023 18:56:01 GMT

GET
H/1.1

200
OK

iframe Show response
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 4C19
Redirect Chain

https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe

138 B
668 B

39ms
9ms

Document
text/html

143.204.205.113
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.205.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-205-113.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Age: 81711
Cache-Control: max-age=86400
Connection: keep-alive
Content-Length: 138
Content-Type: text/html
Date: Tue, 29 Nov 2022 21:28:26 GMT
ETag: "50351b1f6590b5c4886c111874e016a0"
Last-Modified: Fri, 01 Oct 2021 23:50:10 GMT
Server: AmazonS3
Via: 1.1 25ffb5a941b5a46b102cd385a9cdbb50.cloudfront.net (CloudFront)
X-Amz-Cf-Id: GK3R5y2CdzIpREGb-yFeN7_A6vZhbuC30PRFybZlU-MI3fpM_lve7A==
X-Amz-Cf-Pop: FRA53-C1
X-Cache: Hit from cloudfront
x-amz-server-side-encryption: AES256

Redirect headers

content-length: 183
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:24 GMT
location: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET

GET
H2 200 bid Show response
aax-dtb-cf.amazon-adsystem.com/e/dtb/ 64 B
504 B 111ms
42ms XHR
text/javascript 99.86.3.236
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-dtb-cf.amazon-adsystem.com/e/dtb/bid?src=3266&u=https%3A%2F%2Flacrossetribune.com%2Fads%2F&pid=raaUou3AZnD9N&cb=0&ws=1600x1200&v=22.1107.1609&t=2000&slots=%5B%7B%22sd%22%3A%22breakout_top%22%2C%22s%22%3A%5B%22970x250%22%2C%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F8438%2Flacrossetribune.com%2Fads%22%7D%5D&pj=%7B%22sections%22%3A%22ads%22%7D&gdpre=1&gdprc=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFDeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAEAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIAChLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.86.3.236 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-3-236.fra6.r.cloudfront.net

Software

Server /

Resource Hash

d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
strict-transport-security: max-age=47474747; includeSubDomains; preload
via: 1.1 a350f357b825293e306b1b0a2cb490c0.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA6-C1
x-amz-rid: G0QEVQ5Q47YN7SYJ9FF9
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 64
x-amz-cf-id: uamIlSEpDrS60cev6LRfb0rc1VypRsxrbwSaIMSjksZlS2djZgurIw==

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 0
60 B 67ms
42ms XHR
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4072713137444833&correlator=437851537795878&eid=31071080&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFDeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAEAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIAChLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Clacrossetribune.com%2Cads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=2x1&ifi=1&adks=3060532600&didk=2287489771&sfv=1-0-40&prev_scp=pos%3Dfixed-impact-top%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D8%26lee_hours%3D20%26lee_day%3D3%26fp%3D148&eri=1&cust_params=amznbid%3D0%26amznp%3D0%26k%3DAds%252Cshopping%2520in%2520La%2520Crosse%252CWinona%252Cchippewa%2520Falls%252CDining%252CEntertainment%252CCars%252CShopping%252CJewelry%252CClothing%26sub%3Dno%26page%3Dindex%252Capp-classifieds%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1669838724648&lmt=1669838719&dlt=1669838723751&idt=854&adxs=799&adys=0&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=1&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flacrossetribune.com%2Fads%2F&frm=20&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=730233221.1669838725&ga_sid=1669838725&ga_hid=23118664&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ 0
538 B 65ms
41ms XHR
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4072713137444833&correlator=490554221930079&eid=31071080&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFDeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAEAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIAChLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Clacrossetribune.com%2Cads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=5x1&ifi=2&adks=3975343484&didk=2851316612&sfv=1-0-40&prev_scp=pos%3Dmembers-impact%2Catf%26inview%3Dtrue%26density%3Dstandard%26lee_group%3D5%26lee_hours%3D20%26lee_day%3D3%26fp%3D148&eri=1&cust_params=k%3DAds%252Cshopping%2520in%2520La%2520Crosse%252CWinona%252Cchippewa%2520Falls%252CDining%252CEntertainment%252CCars%252CShopping%252CJewelry%252CClothing%26sub%3Dno%26page%3Dindex%252Capp-classifieds%252Cmd_screen%26browser%3DChrome&sc=1&abxe=1&dt=1669838724653&lmt=1669838719&dlt=1669838723751&idt=854&adxs=798&adys=4865&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=1&ucis=2&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flacrossetribune.com%2Fads%2F&frm=20&vis=1&psz=1600x1&msz=1600x1&fws=4&ohw=1600&ga_vid=730233221.1669838725&ga_sid=1669838725&ga_hid=23118664&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 18F3 6 KB
3 KB 81ms
16ms Document
text/html 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 20:05:24 GMT
expires: Thu, 30 Nov 2023 20:05:24 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 / Show response
cmp.osano.com/ Frame A42C 4 KB
1 KB 9ms
8ms Document
text/html 2600:9000:211e:f200:3:b7e:8940:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cmp.osano.com/

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:211e:f200:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 34227
content-encoding: br
content-type: text/html
date: Wed, 30 Nov 2022 10:34:58 GMT
etag: W/"287b497c992487af362d33204f87d28f"
last-modified: Thu, 21 Oct 2021 22:01:08 GMT
referrer-policy: same-origin
server: AmazonS3
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Accept-Encoding Origin
via: 1.1 9928105291571d6cae52bcb916c898d8.cloudfront.net (CloudFront)
x-amz-cf-id: vOudXbYPoZW-9tTKaYAtW1deBuiy7GsAkLSgw5DhT35ODVawhHQoVA==
x-amz-cf-pop: FRA56-C2
x-amz-version-id: xT1PkIFehetvNf5lINcU02FbT3u47kBr
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
BLOB 200
OK 6f012788-ebf5-44ed-abed-9d492e3586dd
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/6f012788-ebf5-44ed-abed-9d492e3586dd
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 806cd9ff-c447-4167-81ba-a54594981a14
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/806cd9ff-c447-4167-81ba-a54594981a14
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK ac80d02b-e369-49f7-a67c-e45fb5ac8897
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/ac80d02b-e369-49f7-a67c-e45fb5ac8897
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 048415ca-5f84-4646-8f11-4531ddfa5388
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/048415ca-5f84-4646-8f11-4531ddfa5388
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 7a99e3e8-a872-408d-82ca-a679ba93e42f
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/7a99e3e8-a872-408d-82ca-a679ba93e42f
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 200 /
insight.adsrvr.org/track/pxl/ Frame 4C19 70 B
260 B 31ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by: Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Nov 2022 20:05:24 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
BLOB 200
OK 6fe18849-48fe-432c-9d2d-b3bb837427a7
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/6fe18849-48fe-432c-9d2d-b3bb837427a7
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

POST
H2 200 auction Show response
bidder.newspassid.com/openrtb2/ 118 B
330 B 483ms
256ms XHR
application/json 44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/openrtb2/auction
Requested by: Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/live/libraries/flex/components/ads_dfp/resources/scripts/prebid7.9.0.js?_dc=1668758494
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: 54a16ddabc565ffbe79825af0ab1a1d5f002cf1ec44bb59539566d1ae48e0109

Request headers

Referer: https://lacrossetribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:25 GMT
vary: Origin
content-type: application/json
access-control-allow-origin: https://lacrossetribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 118
expires: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 33ms
7ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Wed, 30 Nov 2022 19:24:43 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 2441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Wed, 30 Nov 2022 21:24:43 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 164 KB
58 KB 51ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WXMV2VZ&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5dc81b154b9c47e7771e179dcc8300c55c3b7861c5f13a2ae9c956513e6cb651

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58928
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 117 KB
43 KB 49ms
29ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

48252958d9157bf6db39ee7972e73f9f47652778f63544f8d4e135385a8ddc21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44149
x-xss-protection: 0
last-modified: Wed, 30 Nov 2022 18:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
BLOB 200
OK 2f11e842-421c-4271-aa9d-245f2f9105f8
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/2f11e842-421c-4271-aa9d-245f2f9105f8
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
75 KB 25ms
24ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

154b1ae849ba8e9c0f66ebaf06ce73bf1a002d17bed1afe98e29581b008ac75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76879
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:05:24 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 220 KB
76 KB 30ms
30ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-N7R7HPQLE7&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

094f85bceae8fd5a71ce9d7f9d06465a5888a70685c658369902ff230ca742f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77807
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:05:24 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
534 B 54ms
15ms XHR
application/json 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lacrossetribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 20:05:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 94
x-xss-protection: 0

GET
BLOB 200
OK 8069684d-916b-4817-9c2f-124fac1c1a43
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/8069684d-916b-4817-9c2f-124fac1c1a43
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H3 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
884 B 27ms
8ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 19:44:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1234
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 859
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Wed, 30 Nov 2022 20:44:50 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
463 B 70ms
16ms XHR
application/json 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://lacrossetribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23
x-xss-protection: 0

GET
BLOB 200
OK 47be9890-52ae-4b3a-9b67-8d3c8ed0e7f5
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/47be9890-52ae-4b3a-9b67-8d3c8ed0e7f5
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
BLOB 200
OK 32b69d82-74d9-46cd-ad8a-40bc44937bce
https://lacrossetribune.com/ 390 B
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://lacrossetribune.com/32b69d82-74d9-46cd-ad8a-40bc44937bce
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/ads/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Length: 390
Content-Type: text/javascript

GET
H2 404 rt=ifr Show response
bcp.crwdcntrl.net/5/c=6894/rand=837878978/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20lacrossetribune%20%3A%20Total%20S... Frame 060B 181 B
408 B 100ms
30ms Document
text/html 52.17.7.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bcp.crwdcntrl.net/5/c=6894/rand=837878978/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20lacrossetribune%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20ads/med=%23OpR%2372333%23Keyword%20%3A%20Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions/rb=%7B%22meta_tag%22%3A%22Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions%22%7D/rt=ifr
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.17.7.52 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-17-7-52.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
cache-control: no-cache
content-length: 181
content-type: text/html;charset=utf-8
date: Wed, 30 Nov 2022 20:05:25 GMT
expires: 0
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
pragma: no-cache
server: Jetty(9.4.38.v20210224)
x-server: 10.45.18.12

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 14 KB
11 KB 73ms
56ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022113001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1cc0ac5e53deb63516fcffec26d6707c363d2a003f67aec786a86462ac71984e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11034
x-xss-protection: 0

GET
H2 200 6377c83e2aa77.preview.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/3/ff/3ffe8c4b-3615-568b-8b3c-5eabe57ace15/ 22 KB
22 KB 130ms
130ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/3/ff/3ffe8c4b-3615-568b-8b3c-5eabe57ace15/6377c83e2aa77.preview.jpg?resize=300%2C291

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

451327a71db851c0d724616849c658732506ba395e3d1e84bf9a11fb46be91f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=22316, status=webp_bigger
cross-origin-resource-policy: cross-origin
cf-bgj: imgq:85,h2pri
last-modified: Fri, 18 Nov 2022 18:00:30 GMT
server: cloudflare
x-vcache: MISS
etag: "f533fea72ac83b3e3b41e77182e3692c"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
x-robots-tag: noarchive
cf-ray: 7726329fde869bd4-FRA
expires: Wed, 29 Nov 2023 18:57:02 GMT

GET
H2 200 637bf6c2ac2fa.preview.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/8/6c/86c7fe73-2704-5091-a7ca-e5b2e0d875b1/ 5 KB
5 KB 109ms
109ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/classifieds/8/6c/86c7fe73-2704-5091-a7ca-e5b2e0d875b1/637bf6c2ac2fa.preview.jpg?resize=300%2C61

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c46210c9d97edb03f5b7463d5407d22a6746c8af77ad92c3ae3925a98084578e

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=5494, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 5327
cf-bgj: imgq:85,h2pri
last-modified: Mon, 21 Nov 2022 22:08:02 GMT
server: cloudflare
x-vcache: MISS
etag: "f5f75b2ffac68db75bf4240743631b7d"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329fde8a9bd4-FRA
expires: Mon, 27 Nov 2023 18:43:57 GMT

GET
H2 200 63866e45dc3fa.image.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/3/6b/36bb9535-55cf-5199-bd65-dd0ed720ade8/ 4 KB
4 KB 119ms
118ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/3/6b/36bb9535-55cf-5199-bd65-dd0ed720ade8/63866e45dc3fa.image.jpg?crop=1000%2C563%2C0%2C52&resize=150%2C84&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c5871d2709e50f46dbe8f2c6f91887e21d7a0094fa18d301c16c505bf9f97232

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=3826, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 3683
cf-bgj: imgq:85,h2pri
last-modified: Tue, 29 Nov 2022 20:40:38 GMT
server: cloudflare
x-vcache: MISS
etag: "ca6e40bbf2cd131ce42c521d9996c804"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329fde8d9bd4-FRA
expires: Wed, 29 Nov 2023 23:05:45 GMT

GET
H2 200 638459162050e.image.jpg
bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/2/8d/28d2e304-dfa4-5794-92e7-2f89a4af9e0c/ 4 KB
4 KB 120ms
119ms Image
image/jpeg 104.16.133.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/lacrossetribune.com/content/tncms/assets/v3/editorial/2/8d/28d2e304-dfa4-5794-92e7-2f89a4af9e0c/638459162050e.image.jpg?crop=600%2C338%2C0%2C31&resize=150%2C84&order=crop%2Cresize

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.133.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

94bdd3d35f27d699eaa2340135cdd0b5daf664282781ab249cfdbd599b0c6b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
cf-polished: origSize=3852, status=webp_bigger
cross-origin-resource-policy: cross-origin
content-length: 3717
cf-bgj: imgq:85,h2pri
last-modified: Mon, 28 Nov 2022 06:45:42 GMT
server: cloudflare
x-vcache: MISS
etag: "ba2e4796e75aa77f62ff49b2458b8d44"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 7726329fde919bd4-FRA
expires: Wed, 29 Nov 2023 19:33:12 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 16ms
16ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-4T2EB147B8&l=dataLayer&cx=c

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1c2c7d4bd3e9cf80cb0cc2449e1b5c521c475d4e037b8d7f16053866c8d2ab08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 30 Nov 2022 20:05:25 GMT

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 100 KB
27 KB 54ms
9ms Script
text/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f5226aeea6d61d1ce536482f83567a6114cad48f51847c1e964f73a1a97e48fd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: x_1oi6KR7dounrNuPW41.R4Wj64UvGIa
content-encoding: br
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
date: Wed, 30 Nov 2022 20:04:20 GMT
x-amz-cf-pop: FRA6-C1
age: 82
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Wed, 23 Nov 2022 01:33:08 GMT
server: AmazonS3
etag: W/"fbb9c5adf872861e75f2196677824b78"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=120
vary: Accept-Encoding
x-amz-cf-id: dQXjHpCkGNmCdC4BjlQm4ue78AFB2V9itufwejA9ZTtm5nrbIR5Z1A==

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 57ms
34ms Script
text/javascript 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Wed, 30 Nov 2022 20:05:25 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/ 722 B
1 KB 25ms
8ms XHR
application/json 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c2539f2b47632e33d78cdab3837c4ace727bb13fa8565fe11e52ed40284e7d33

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

x-amz-version-id: AkqwkNQO1LNxdC3cyLLKB9L5ASsnVzl0
date: Wed, 30 Nov 2022 17:50:00 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 8130
x-cache: Hit from cloudfront
x-amz-replication-status: PENDING
content-length: 722
last-modified: Wed, 16 Nov 2022 20:47:56 GMT
server: AmazonS3
etag: "1c69d06ebc4b6cfe7babce6f22a7562c"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
vary: Accept-Encoding
accept-ranges: bytes
x-amz-cf-id: jttl6zUNhEcGR7ovV4oPYvaHbc14WPnjObs_T--Ky5qos_vSavdRJw==

GET
H2 200 ajs-destination.bundle.f10d3096539d72f6123e.js Show response
cdn.segment.com/analytics-next/bundles/ 8 KB
3 KB 7ms
7ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.f10d3096539d72f6123e.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Mon, 21 Nov 2022 21:48:16 GMT
x-amz-version-id: 3Hf4h.Co5DPn4jNS77iC2GtWq8FAh9Ck
content-encoding: br
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 771430
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 21 Nov 2022 21:43:29 GMT
server: AmazonS3
etag: W/"3fe4d92339c7d21c57f0044fcdcf5274"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: UF6QP7X0qNFLOF-G3FSOlzpKQ5Hi4XwwaXIqgrfWZ8x-YTDzgBmtew==

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame B79E 13 KB
5 KB 26ms
8ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 5390
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 18:35:35 GMT
expires: Thu, 30 Nov 2023 18:35:35 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 schemaFilter.bundle.debb169c1abb431faaa6.js Show response
cdn.segment.com/analytics-next/bundles/ 2 KB
1 KB 9ms
8ms Script
application/javascript 99.86.8.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics-next/bundles/schemaFilter.bundle.debb169c1abb431faaa6.js
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.8.175 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-8-175.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Sat, 05 Nov 2022 02:10:35 GMT
x-amz-version-id: PLd.pUpm7LMRbNOoL15lZ8ocuYHxqnzt
content-encoding: br
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
age: 2224491
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Sat, 05 Nov 2022 01:03:42 GMT
server: AmazonS3
etag: W/"3e448afdfea355c0f19700d04431ce7d"
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
vary: Accept-Encoding
x-amz-cf-id: O5I4zZx_mn1ag8tw1GtFUQivKeo_jThSffGn3mDT0_8fEKXlPfdhdw==

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
176 B 544ms
178ms Fetch
application/json 52.36.48.34
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/YNwPRuYDOjrAr7O9PCSVIw1QoK0Oimn6/analytics.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.36.48.34 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-36-48-34.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://lacrossetribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://lacrossetribune.com
date: Wed, 30 Nov 2022 20:05:25 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

GET
H3 200 Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js Show response
pagead2.googlesyndication.com/bg/ Frame B79E 36 KB
16 KB 29ms
9ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Cy76TGYNwlBdeFKzRh_Qc2a075RKB_J9dWAUlCdaUYI.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 16:54:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 11453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15969
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 30 Nov 2023 16:54:32 GMT

GET
H3 200 ads Show response
pagead2.googlesyndication.com/gampad/ 0
23 B 40ms
40ms XHR
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?pvsid=4072713137444833&correlator=1468640254616521&eid=31071080&output=ldjh&gdfp_req=1&vrg=2022113001&ptt=17&impl=fif&gdpr_consent=CAAAAAAAAAAAAEXABADECFCwAAAAAH_AAAYgIgAB4C5GQCFDeHhNAJsUAAQTQMQAAaAgAAAFgQAACBoAAIwCEAAwAACCAAgCAAIAIAQBAAEAAAgAAAEAQAAAAAAAAAAAAAAAIAIAAAAAAAAAAAAIAAAAAAAAAAAAAAAAwAAAAAIAEEAAEAAAIAEAAAAAABAgAgAAAAAAAAAAAAAIAAAAQAAAAAAEEQAAQBUjIAChLDAkgASKAAAIIAAAAFAAAAACwAAABAwAAEYBCAAAAABBAAQAAAEAEAIAgAAAAAQAAAAAIAAAAAAAAAAAAAAAAAEAAAAAAAAAAAAAAAAAAAAAAAAAAAAAQAAAAAAACCAACAAAEAAAAAAAAAAQAAAAAAAAAAAAAAAEAAAAAAAAAAACAAAA.YAAAAAAAAAAA&gdpr=1&us_privacy=1---&iu_parts=8438%2Clacrossetribune.com%2Cads&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=970x250%7C970x90%7C728x90&ifi=3&adks=3813688503&didk=143978982&sfv=1-0-40&prev_scp=pos%3Dbreakout_top%2Cbtf%26density%3Dstandard%26lee_group%3D5%26lee_hours%3D20%26lee_day%3D3%26fp%3D148%26amznbid%3D2%26amznp%3D2&eri=1&cust_params=k%3DAds%252Cshopping%2520in%2520La%2520Crosse%252CWinona%252Cchippewa%2520Falls%252CDining%252CEntertainment%252CCars%252CShopping%252CJewelry%252CClothing%26sub%3Dno%26page%3Dindex%252Capp-classifieds%252Cmd_screen%26browser%3DChrome&ppid=248b21c470a940098851bdd6bb81d049&sc=1&abxe=1&dt=1669838725382&lmt=1669838719&dlt=1669838723751&idt=854&adxs=315&adys=613&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0&ucis=3&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd&nvt=1&url=https%3A%2F%2Flacrossetribune.com%2Fads%2F&frm=20&vis=1&psz=1600x250&msz=1600x250&fws=4&ohw=1600&cbidsp=CkgIARIRCgpuZXdzcGFzc2lkEOwDIAIYAiIkZWI5MDMwOWQtZTJlNC00YTU0LTg5ZWEtNDllYTdlYjgyNGNjKgQIAyAASgBA6Ac.

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022113001.js?cb=31071080

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://lacrossetribune.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame B79E 0
10 B 10ms
10ms Image
text/plain 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?UIsSFQ
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

POST
H2 200 /
lacrossetribune.com/tncms/tracking/tncms-dmp/audience-extraction/ 0
154 B 125ms
122ms Ping
application/octet-stream 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/tncms/tracking/tncms-dmp/audience-extraction/?d=%7B%22name%22%3A%22client%22%2C%22value%22%3A6881%2C%22provider%22%3A%22lotame%22%7D&i=1669838724699,
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
real-hostname: lacrossetribune.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

POST
H2 200 /
lacrossetribune.com/tncms/tracking/classifieds/featured/ 0
154 B 124ms
123ms Ping
application/octet-stream 192.104.182.109
LEE-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://lacrossetribune.com/tncms/tracking/classifieds/featured/?i=ead87c85-9aa9-543c-bb44-33ad5ea63230,
Requested by: Host: lacrossetribune.com
URL: https://lacrossetribune.com/shared-content/art/tncms/tracking.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.104.182.109 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS: cms.chicago2.vip.townnews.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/ads/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:25 GMT
real-hostname: lacrossetribune.com
cache-control: s-maxage=0, private, no-cache
x-vcache: MISS
age: 0
content-length: 0
content-type: application/octet-stream

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 49ms
47ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_2022113001&jk=4072713137444833&bg=!Pj2lPXnNAAbvMpMzzzI7ACkAdvg8WjGDiiFfEAQxgQpotdO12xZg4r1IQDjpJuRIxnYbaAR22tj5VQIAAABCUgAAAAVoAQeZArN5aVVEd54jQUIXpY1DwfB6ML5oMNPUth3HulMDd5XPd3NPcv1o4GxpZsrO4ySAqt0BRdmABbl68CksP0jtAYNlyKBXmUZASobl55kN6PupiSlfKDjdsdyJwRQRH0UZvWAKQgoU_A7vf9Evu2zMFJB2PIFgzbyw5-IYKnGOmd-bCwDJamCV92HzzytCiG1XhjBinh4YBxuUlcC07FkO_Z-qlHrppKCyVujsCU02lCJSqUv8ca_dhyHeRWHfLjZHRRz31qmHkBFxYuUe9aI_9aMS4v-iEALfqBECRoRMmkmt5Js11uQiNM25Sh07kOMsuWd3Ab71gL5A7yI6XNF_vQsn4nBNCLeXq4iSxJ4cb-MdV9I9jvZgEuB6YRo-m7y1uVwCLdqGt7RL0mdMIFaV4QpUNICAAlBZnTt1F4hIjdz6sxbR9eSnk1QGWfReB1DOUUI4QxllokSH8tJ1-rkIsxr6r23V9k9wDm-_AClYAayDOkAYl8ra-Pw6haFCJ2_-BGBsI5YfxgLQvJZgPA8igM9jVOkEprm1Nkwd53mW-hivr_SUiGUfRxBkm7j1OLUIkerMhDPLoIxMPmdn3azrpPOIzc1QxQmB39eTMGJnyP-uCj6NG1S-8yjAyUW8WBupF5PhKbKFc3jxcTIfN1C5O_5CoVhvArivkq6T4OAC2B6fvI6RIRPfe-gtHGNXdjMWSS8b7eWpQUnVQ1e24BL6DiFbpoipcGmkBqhndA30eei3KCVxs5WjXkxTCkrla43GFpti_fHwrscAcMGEYodmUCn3V9NuJ5pAeav09FGPTYaPaDO52CuRNbNl437ACEAU-8pBf-0jVKT-0xr1O_uibf7VZyQV8vxjgAoOLHCov_3Ug-suImTDcnXvr3KAjPeVQ3brG4rOCCcFCbDRG4ohm-_h8pMg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://lacrossetribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

GET
H2 200 load-cookie.html Show response
bidder.newspassid.com/static/ Frame 5922 12 KB
12 KB 92ms
91ms Document
text/html 44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=248b21c4-70a9-4009-8851-bdd6bb81d049&publisherId=NPID10000001&siteId=3500000339&cb=1669838725372&bidder=newspassid
Requested by: Host: cmp.osano.com
URL: https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: 040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188

Request headers

Referer: https://lacrossetribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: no-cache, no-store, must-revalidate
content-length: 11885
content-type: text/html; charset=utf-8
date: Wed, 30 Nov 2022 20:05:28 GMT
expires: 0
last-modified: Mon, 28 Nov 2022 11:41:39 GMT
pragma: no-cache
vary: Origin

POST
H2 200 cookie_sync Show response
bidder.newspassid.com/ Frame 5922 3 KB
3 KB 92ms
91ms XHR
text/plain 44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.newspassid.com/cookie_sync
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=248b21c4-70a9-4009-8851-bdd6bb81d049&publisherId=NPID10000001&siteId=3500000339&cb=1669838725372&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: 6172b0b188ea410b0b2cb5f4b917c06cf7ef22581787194917780acd00496fc4

Request headers

Referer: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=248b21c4-70a9-4009-8851-bdd6bb81d049&publisherId=NPID10000001&siteId=3500000339&cb=1669838725372&bidder=newspassid
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:28 GMT
vary: Origin
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bidder.newspassid.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
expires: 0

GET
H2

204

getuid
ads.avct.cloud/ Frame 5922
Redirect Chain

https://ads.avct.cloud/getuid?&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUU...

0
0

30ms
30ms

Image
text/plain

34.243.37.252
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.avct.cloud/getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
Protocol: H2
Server: 34.243.37.252 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-243-37-252.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Redirect headers

location: /getuid?bounce=true&&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Davocet%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7B%7BUUID%7D%7D
date: Wed, 30 Nov 2022 20:05:28 GMT
p3p: policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-length: 239
content-type: text/html; charset=utf-8

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 5922 0
239 B 75ms
9ms Image
image/gif 69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=pbs-ozone&gdpr=0&gdpr_consent=
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D
https://rtb.openx.net/sync/prebid?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dopenx%26uid%3D%24%7BUID%7D&ox_sc=1
https://bidder.newspassid.com/setuid?bidder=openx&uid=9e4c8ad2-8fb3-46c2-8d1b-51c97ac1f9bd

0
373 B

93ms
93ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=openx&uid=9e4c8ad2-8fb3-46c2-8d1b-51c97ac1f9bd
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:28 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:28 GMT
via: 1.1 google
server: Cowboy
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: null
location: https://bidder.newspassid.com/setuid?bidder=openx&uid=9e4c8ad2-8fb3-46c2-8d1b-51c97ac1f9bd
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-request-id: hq2isvevb17k6lijpka222e4lkvb0tg4

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://ad2.360yield.com/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://ad2.360yield.com/ul_cb/server_match?r=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dimprovedigital%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%7BPUB_USER_ID%7D
https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=6d5fac6e-2151-4c47-af1f-8d172337e5dd

0
515 B

94ms
94ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=6d5fac6e-2151-4c47-af1f-8d172337e5dd
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=improvedigital&gdpr=0&gdpr_consent=&uid=6d5fac6e-2151-4c47-af1f-8d172337e5dd
access-control-allow-origin: *
date: Wed, 30 Nov 2022 20:05:29 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadnxs%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fbidder.newspassid.com%252Fsetuid%253Fbidder%253Dadnxs%2526gdpr%253D0%2526gdpr_consent%253D%2526uid%253D%2524UID
https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6811001653098004387

0
624 B

93ms
93ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6811001653098004387
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 30 Nov 2022 20:05:29 GMT
AN-X-Request-Uuid: 954ccafe-f73b-4faf-8f5e-9beb35f07215
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://bidder.newspassid.com/setuid?bidder=adnxs&gdpr=0&gdpr_consent=&uid=6811001653098004387
Connection: keep-alive
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://eb2.3lift.com/getuid?gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=pbs-ozone&redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dtriplelift%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2335111511775231039511

0
738 B

93ms
92ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2335111511775231039511
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=triplelift&gdpr=0&gdpr_consent=&uid=2335111511775231039511
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 204
No Content pixel
ap.lijit.com/ Frame 5922 0
277 B 53ms
16ms Image
text/plain 216.52.2.30
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ap.lijit.com/pixel?redir=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsovrn%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Date: Wed, 30 Nov 2022 20:05:29 GMT
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Access-Control-Allow-Methods: GET, POST, DELETE, PUT

GET
H2 200 cookie
cm.adform.net/ Frame 5922 43 B
106 B 81ms
19ms Image
image/gif 37.157.3.30

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dadform%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 37.157.3.30 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:29 GMT
server: nginx
content-length: 43
content-type: image/gif

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dgrid%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24%7BBSW_UUID%7D?gdpr=0&gdpr_consent=&us_privacy=pbs-ozone
https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=fc23d13a-c711-4cab-bf3f-712ad3bf8e0e

0
864 B

91ms
91ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=fc23d13a-c711-4cab-bf3f-712ad3bf8e0e
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

location: https://bidder.newspassid.com/setuid?bidder=grid&gdpr=0&gdpr_consent=&uid=fc23d13a-c711-4cab-bf3f-712ad3bf8e0e
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 204 v1
match.sharethrough.com/FGMrCMMc/ Frame 5922 0
35 B 45ms
10ms Image
text/plain 18.194.69.136

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.sharethrough.com/FGMrCMMc/v1?redirectUri=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dsharethrough%26gdpr%3D0%26gdpr_consent%3D%26uid%3D%24UID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.69.136 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:30 GMT

GET
H2 200 user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame D751 15 KB
6 KB 41ms
8ms Document
text/html 88.221.168.201

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Requested by: Host: bidder.newspassid.com
URL: https://bidder.newspassid.com/static/load-cookie.html?usp_consent=1---&pubcid=248b21c4-70a9-4009-8851-bdd6bb81d049&publisherId=NPID10000001&siteId=3500000339&cb=1669838725372&bidder=newspassid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 88.221.168.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Referer: https://bidder.newspassid.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
cache-control: max-age=137713
content-encoding: gzip
content-length: 5549
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:30 GMT
etag: "1300708-3de4-5d6ef246ef4cf"
expires: Fri, 02 Dec 2022 10:20:43 GMT
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: Apache
vary: Accept-Encoding

GET
H2

200

setuid
bidder.newspassid.com/ Frame 5922
Redirect Chain

https://ssum.casalemedia.com/usermatchredir?us_privacy=pbs-ozone&gdpr=0&gdpr_consent=&s=189937&cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privac...
https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dix%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D&gdpr=0&gdpr_consent=&s=18993...
https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y4e3ih5b7CrEee0eLRgUsAAA%261123

0
986 B

93ms
92ms

Image
text/plain

44.197.57.16
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y4e3ih5b7CrEee0eLRgUsAAA%261123
Protocol: H2
Server: 44.197.57.16 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-44-197-57-16.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bidder.newspassid.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
vary: Origin
expires: 0

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=SVV2Yzhy88%2BflFiY0pvwVX0lYNGpQChwklQwo%2BxJUYn0k0EgkhqD%2Bbp04wJx3K4N15VfNKdAvAd%2B6kuXZQzKbCY0085lh2Wg5w8cZR5Mc7XmfvLww%2B7mYn3k8InBttM4ZqQPcs4b"}],"group":"cf-nel","max_age":604800}
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location: https://bidder.newspassid.com/setuid?bidder=ix&gdpr=0&gdpr_consent=&us_privacy=pbs-ozone&uid=Y4e3ih5b7CrEee0eLRgUsAAA%261123
cache-control: no-cache
cf-ray: 772632c02dc6918e-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D751 3 KB
3 KB 68ms
19ms Script
text/html 185.64.190.78

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=84180562&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0e6e0020d475ac2af4b23618308c4e01b9c0f3381fd31f8b453815ea61aa1102

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:29 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 18E7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=

35 B
476 B

30ms
29ms

Document
image/gif

37.157.6.242

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.242 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-type: image/gif
date: Wed, 30 Nov 2022 20:05:30 GMT
expires: -1
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: no-cache, no-store, must-revalidate, no-transform
content-length: 0
date: Wed, 30 Nov 2022 20:05:30 GMT
expires: -1
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=
pragma: no-cache
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame B0CF
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cdb76387-b78a-4e00-8f6a-a5090f09c692&gdpr=0&gdpr_consent=

42 B
546 B

20ms
19ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cdb76387-b78a-4e00-8f6a-a5090f09c692&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 30 Nov 2022 20:05:28 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

Access-Control-Allow-Origin: *
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 0
Content-Type: image/gif
Date: Wed, 30 Nov 2022 20:05:30 GMT
Expires: Wed, 30 Nov 2022 20:05:29 GMT
Keep-Alive: timeout=360
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server: MT3 169 32252b7 master zrh-pixel-x11 config:1.0.0
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:cdb76387-b78a-4e00-8f6a-a5090f09c692&gdpr=0&gdpr_consent=

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3D64
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8229103810386838440

42 B
273 B

23ms
22ms

Document
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8229103810386838440
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, private
content-length: 42
content-type: image/gif; charset=utf-8
date: Wed, 30 Nov 2022 20:05:30 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server: nginx

Redirect headers

content-length: 0
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=8229103810386838440
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 7CF4 43 B
363 B 73ms
25ms Document
image/gif 178.250.0.163

General

Check archive.org

Show headers Download Go to

Full URL

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.163 -, , ASN (),

Reverse DNS

Software

Kestrel /

Resource Hash

4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-type: image/gif
cross-origin-resource-policy: cross-origin
date: Wed, 30 Nov 2022 20:05:29 GMT
expires: Wed, 30 Nov 2022 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma: no-cache
server: Kestrel
server-processing-duration-in-ticks: 687685
strict-transport-security: max-age=31536000; preload;
x-errorlevel: 0

GET
H/1.1

200
OK

dcm Show response
aax-eu.amazon-adsystem.com/s/ Frame 8674
Redirect Chain

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=&dcc=t

43 B
855 B

192ms
192ms

Document
image/gif

67.220.224.150

General

Check archive.org

Show headers Download Go to

Full URL

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=&dcc=t

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

67.220.224.150 -, , ASN (),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif
Date: Wed, 30 Nov 2022 20:05:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: 361E5RMMJH74GB6JVCJN

Redirect headers

Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Date: Wed, 30 Nov 2022 20:05:30 GMT
Expires: Thu, 01 Jan 1970 00:00:00 GMT
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=A42D0732-06C3-4412-8D84-EF79828D9011&redir=true&gdpr=0&gdpr_consent=&dcc=t
Pragma: no-cache
Server: Server
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid: AQX4EBKV1SZ040MVRWH9

GET
H2

502

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 351E
Redirect Chain

https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent=

568 B
650 B

69ms
18ms

Document
text/html

185.64.190.80

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&predirect=&us_privacy=pbs-ozonehttps%3A%2F%2Fbidder.newspassid.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3Dpbs-ozone%26uid%3D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70

Request headers

Referer: https://ads.pubmatic.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 568
content-type: text/html; charset=UTF-8
date: Wed, 30 Nov 2022 20:05:30 GMT
server: nginx

Redirect headers

AN-X-Request-Uuid: 0e294692-c012-4b39-8e80-b33ea30f6d06
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
Content-Type: text/html; charset=utf-8
Date: Wed, 30 Nov 2022 20:05:30 GMT
Expires: Sat, 15 Nov 2008 16:00:00 GMT
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent=
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Pragma: no-cache
Server: nginx/1.21.3
X-Proxy-Origin: 81.95.5.39; 81.95.5.39; 942.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
X-XSS-Protection: 0

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D751
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pC0HMgbDRBKNhO95go2QEQ%3D%3D&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=pC0HMgbDRBKNhO95go2QEQ%3D%3D&gdpr=0&gdpr_consent=&google_tc=
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=

13 KB
13 KB

12ms
12ms

Image
text/html

88.221.168.201

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Protocol: H2
Server: 88.221.168.201 -, , ASN (),
Reverse DNS
Software: Apache /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:30 GMT
content-encoding: gzip
last-modified: Tue, 01 Feb 2022 06:38:00 GMT
server: Apache
etag: "1300708-3de4-5d6ef246ef4cf"
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=137713
accept-ranges: bytes
content-length: 5549
expires: Fri, 02 Dec 2022 10:20:43 GMT

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D751
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32086387-b78a-4700-a7cf-074d17d02c62

0
260 B

59ms
14ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32086387-b78a-4700-a7cf-074d17d02c62
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Wed, 30 Nov 2022 20:05:30 GMT
Server: MT3 169 32252b7 master zrh-pixel-x24 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=32086387-b78a-4700-a7cf-074d17d02c62
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Wed, 30 Nov 2022 20:05:29 GMT

GET
H2

200

generic
match.adsrvr.org/track/cmf/ Frame D751
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=A42D0732-06C3-4412-8D84-EF79828D9011&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0

70 B
264 B

31ms
31ms

Image
image/gif

15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol: H2
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location: https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D751
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQyRDA3MzItMDZDMy00NDEyLThEODQtRUY3OTgyOEQ5MDEx&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QTQyRDA3MzItMDZDMy00NDEyLThEODQtRUY3OTgyOEQ5MDEx&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
95 B

29ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 30 Nov 2022 20:05:28 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D751
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm=&google_sc=&gdpr=0&gdpr_consent=&google_tc=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFZLTT3RQwZPnDs26djy-gg&google_cver=1

42 B
380 B

29ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFZLTT3RQwZPnDs26djy-gg&google_cver=1
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 30 Nov 2022 20:05:29 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEFZLTT3RQwZPnDs26djy-gg&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D751 43 B
610 B 69ms
22ms Image
image/gif 35.204.74.118

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

35.204.74.118 -, , ASN (),

Reverse DNS

Software

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

date: Wed, 30 Nov 2022 20:05:30 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Tue, 29 Nov 2022 20:05:30 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D751
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=836611729246241063

42 B
216 B

19ms
19ms

Image
image/gif

185.64.190.80

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=836611729246241063
Protocol: H2
Server: 185.64.190.80 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif; charset=utf-8
date: Wed, 30 Nov 2022 20:05:30 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
access-control-max-age: 86400
access-control-allow-methods: GET
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=836611729246241063
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame D751 70 B
264 B 38ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.71 Safari/537.36

Response headers

content-type: image/gif
pragma: no-cache
date: Wed, 30 Nov 2022 20:05:30 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
lacrossetribune.com/	1970-01-20 17:26:38	Name: TNNoMobile Value: 1
lacrossetribune.com/	1969-12-31 23:59:59	Name: classifieds_map_closed_2008140 Value: undefined
lacrossetribune.com/	1970-01-20 08:33:50	Name: _pbjs_userid_consent_data Value: 3524755945110770
.lacrossetribune.com/	1970-01-20 07:50:42	Name: AMP_TOKEN Value: %24NOT_FOUND
lacrossetribune.com/	1970-01-20 16:36:14	Name: ajs_anonymous_id Value: 5cebb8dc-f337-4233-8a92-1ee5e0fb4211
.bidder.newspassid.com/	1970-01-20 10:00:14	Name: newspassid_uid Value: 2IHVvmCYrQDIx5NAYEHfLTj4NQq
ads.avct.cloud/	1970-01-20 16:36:14	Name: uuid Value: 381ac9e8-43f6-41e6-a68f-3420cbbd7176
.openx.net/	1970-01-20 16:36:14	Name: i Value: 743e3a44-9fab-4adc-bc41-59349fbd08cd\|1669838728
.360yield.com/	1970-01-20 10:00:14	Name: tuuid Value: 6d5fac6e-2151-4c47-af1f-8d172337e5dd
.360yield.com/	1970-01-20 10:00:14	Name: tuuid_lu Value: 1669838729
.adnxs.com/	1970-01-20 10:00:14	Name: uuid2 Value: 6811001653098004387
.3lift.com/	1970-01-20 10:00:14	Name: tluid Value: 2335111511775231039511
.bidder.newspassid.com/	1970-01-20 10:00:14	Name: uids Value: eyJ0ZW1wVUlEcyI6eyJhZG54cyI6eyJ1aWQiOiI2ODExMDAxNjUzMDk4MDA0Mzg3IiwiZXhwaXJlcyI6IjIwMjItMTItMTRUMjA6MDU6MjkuNDI1Mjk4MzE3WiIsInNvdXJjZSI6ImNvb2tpZSJ9LCJpbXByb3ZlZGlnaXRhbCI6eyJ1aWQiOiI2ZDVmYWM2ZS0yMTUxLTRjNDctYWYxZi04ZDE3MjMzN2U1ZGQiLCJleHBpcmVzIjoiMjAyMi0xMi0xNFQyMDowNToyOS4yMjMzNjM3NzlaIiwic291cmNlIjoiY29va2llIn0sIm9wZW54Ijp7InVpZCI6IjllNGM4YWQyLThmYjMtNDZjMi04ZDFiLTUxYzk3YWMxZjliZCIsImV4cGlyZXMiOiIyMDIyLTEyLTE0VDIwOjA1OjI4LjkyNTQ0MDAyN1oiLCJzb3VyY2UiOiJjb29raWUifSwidHJpcGxlbGlmdCI6eyJ1aWQiOiIyMzM1MTExNTExNzc1MjMxMDM5NTExIiwiZXhwaXJlcyI6IjIwMjItMTItMTRUMjA6MDU6MjkuNTg1NDQ0NzU3WiIsInNvdXJjZSI6ImNvb2tpZSJ9fSwiYmRheSI6IjIwMjItMTEtMzBUMjA6MDU6MjguOTI1NDM3OTExWiJ9

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bcp.crwdcntrl.net/5/c=6894/rand=837878978/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20lacrossetribune%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20ads/med=%23OpR%2372333%23Keyword%20%3A%20Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions/rb=%7B%22meta_tag%22%3A%22Ads%2C%20shopping%20in%20La%20Crosse%2C%20Winona%2C%20chippewa%20Falls%2C%20Dining%2C%20Entertainment%2C%20Cars%2C%20Shopping%2C%20Jewelry%2C%20Clothing%2C%20auctions%22%7D/rt=ifr Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=6811001653098004387&gdpr=0&gdpr_consent= Message: Failed to load resource: the server responded with a status of 502 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

18307f700dbbae360687308152dd7f10.safeframe.googlesyndication.com
aax-dtb-cf.amazon-adsystem.com
aax-eu.amazon-adsystem.com
ad2.360yield.com
ads.avct.cloud
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
api.segment.io
bcp.crwdcntrl.net
bidder.newspassid.com
bloximages.chicago2.vip.townnews.com
c.amazon-adsystem.com
c1.adform.net
cdn.segment.com
cm.adform.net
cm.g.doubleclick.net
cmp.osano.com
d1eoo1tco6rr5e.cloudfront.net
d3div1mtym39ic.cloudfront.net
d5p.de17a.com
dis.criteo.com
eb2.3lift.com
ib.adnxs.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
insight.adsrvr.org
lacrossefoxxyshopper.com
lacrossetribune.com
match.adsrvr.org
match.sharethrough.com
pagead2.googlesyndication.com
pixel.onaudience.com
pixel.rubiconproject.com
rtb.openx.net
securepubads.g.doubleclick.net
simage2.pubmatic.com
ssum.casalemedia.com
sync.mathtag.com
tagan.adlightning.com
tags.crwdcntrl.net
tpc.googlesyndication.com
um.simpli.fi
www.google-analytics.com
www.googletagmanager.com
www.gstatic.com
x.bidswitch.net
104.16.133.24
104.18.33.19
13.32.28.197
141.94.171.212
142.250.186.130
143.204.205.113
15.197.193.217
178.250.0.163
18.194.69.136
185.29.132.245
185.64.190.78
185.64.190.80
185.89.210.212
192.104.182.109
192.104.182.209
198.47.127.20
213.155.156.185
216.52.2.30
2600:9000:20eb:9c00:11:1ed0:3900:21
2600:9000:211e:f200:3:b7e:8940:93a1
2a00:1450:4001:800::2002
2a00:1450:4001:801::2002
2a00:1450:4001:806::2003
2a00:1450:4001:80e::200e
2a00:1450:4001:810::2001
2a00:1450:4001:827::200e
2a00:1450:4001:82f::2001
2a00:1450:4001:82f::200e
2a00:1450:4001:830::2008
3.75.15.124
34.243.37.252
34.255.67.248
35.186.253.211
35.204.74.118
37.157.3.30
37.157.6.242
44.197.57.16
52.17.7.52
52.36.48.34
65.9.66.104
65.9.66.8
67.220.224.150
69.173.144.165
76.223.111.18
88.221.168.201
99.86.3.236
99.86.8.175
00c148948ab047ce93d74182b92ce47710fef7b720b961e6a4df28a169292e57
040ae90345fee63a0728d0b737dc6e94ac84313a98213b45c4135915a8cd0188
04b8fa95b5ba6f0969a6970fbed47cc0ef8345687b3e5d1a838a0aada08bf99b
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
085be93e6e47b5817cd25c48f6b80a51ecc1e3da8dda4106c43748a50296eb52
094f85bceae8fd5a71ce9d7f9d06465a5888a70685c658369902ff230ca742f0
0ac4a1580edb443420c38896152a03c80c8fa8e5f1f09853896b810d87309a80
0b2efa4c660dc2505d7852b3461fd07366b4ef944a07f27d75601494275a5182
0e6e0020d475ac2af4b23618308c4e01b9c0f3381fd31f8b453815ea61aa1102
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
154b1ae849ba8e9c0f66ebaf06ce73bf1a002d17bed1afe98e29581b008ac75d
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
1794ab1a330fa566f4f21116012908a58001e21fb254959ac7cbcd41b25bba34
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19f9276f53dbe297e9a198481caa8327ca36f3454c83853428ef025e16dbcf1b
1c2c7d4bd3e9cf80cb0cc2449e1b5c521c475d4e037b8d7f16053866c8d2ab08
1c7fec8c4d8066d33192062e2d730804b1ffa39dee21b621c12eaf0262e49827
1cc0ac5e53deb63516fcffec26d6707c363d2a003f67aec786a86462ac71984e
1e8a02509c4d963962da9a455673b7ebfd5f957cea4e14d764ce1d0293072306
1ec681300bf92d8a2d7a67a0e7b2dd7651ec4b35e5dcc67f180a4bacd0ed6937
351cdc5ff1b9721196948d9c863a47e5caa47d911ae47a1fbc9bcadb3efc487d
38cbad3f0760fd779e554bb11c9ba0811125c5409237405f99d94d087afcf16c
3b6854831be14d28fdfdb1758ebebe2893bf8e5be5f176b8d3e1b1b0f874d90e
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
451327a71db851c0d724616849c658732506ba395e3d1e84bf9a11fb46be91f3
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
48252958d9157bf6db39ee7972e73f9f47652778f63544f8d4e135385a8ddc21
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
514338ec6bbb3440a50029e6cbc2ba9034d6971c4776d2759a4b829c94dedfb9
53b412ba49585fe9a8685e169369b76a3003edaefe6345165f09429ee440e9b7
542a62981ce4a55b4b44a8f7256ac40575bd9c72379d50dac28db2aa69e4ab09
54a16ddabc565ffbe79825af0ab1a1d5f002cf1ec44bb59539566d1ae48e0109
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5dc81b154b9c47e7771e179dcc8300c55c3b7861c5f13a2ae9c956513e6cb651
6065cc42cf9789426f27a40563bc5c313b5ed33a7bc384c3ffaa0d047eb93ff2
6172b0b188ea410b0b2cb5f4b917c06cf7ef22581787194917780acd00496fc4
618e9e1cdd1e1ba2d1e089793d7102ddd2f406e401caecce53b26c08d212e14b
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6b96eb73da5fe3c20e4507bf752917f6d7978be8881c1dea934db282b028407d
728e669b9c7cb9efcdc7fd22a9b2250ea2f9ea278392fd8f48cdc40f1946944e
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
776e4de03041a08c41b99083174bc08d3e6bf54871eb5790794c599b69690c96
77b109dd53ec2921d47af5eedcf39cbea8bc92bf8b59a970aa104c5ed2d5b3c0
7921a6035cc8a0981a5dee737dd3d29b150ddd48407717d3fca4b6376f2b0e70
79d14063a53d80583eab08a0c45d804a3aad02178fb8ed58083d5fe87098bde3
7c21a2b22ed7af917fd2fc5f5b2035066bd4778c33383de549084b7d57ab94cd
7ecbabbee41cf88fa99962fe8ed2644226cb200fe106e2a2be3daee7bbacf8df
82a6ecd1ce6a1af11b10ec6436609c5e9fb81811c04aa9c9b1dd7de6b413e8e1
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8446fae9b690b72203ab7fa42c5c6242d696ee14da4e7ffa27cf95ea2612b4d8
8888b39fcef68347451a49b9c12fbd7f5af165a42f289fbeef6c4db2f8a33228
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
94bdd3d35f27d699eaa2340135cdd0b5daf664282781ab249cfdbd599b0c6b42
95628f1f9076cd20be6e0cedd3915cfb79e0f0eea48aac79e9aa7f64fc5873cf
96d9c5ad06dd9ecbc22566335cceecbf07fb4f80bf90c2de8826f33306db6300
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
9e5a2e084d268b67b8fcab4cac9b9f62195759c3cd12a260d0299ff0c8e36345
a48b96eb4dbabdf7d10b4a7667062cd55b7c1f9aab381f05c916798ec4308f68
acaf0b24b9f0059aabefa51db920150d5581c1d9fbb85359c47c0b99da4915b6
ae6c4eb375a9a08f2c21183d6857943c7762e78c45c185670d4a5cc17fabfb57
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2acf0f03e69229d991ef09e7d97a16e078ae026dd777a36922a588fe9914dd5
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
bd8b521307332fcb0a59ff2cbfe324322d6f4108b24363b6c8d26a0ec8be50da
bf7f4107815e79d43b0bd82348aa0d00dacb83967a9394e496b418f15e091ba1
c1e19cbf886f7a9d2923b27a0f8b8c1517b107f95c09feb0d6f161abb06a15b1
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2539f2b47632e33d78cdab3837c4ace727bb13fa8565fe11e52ed40284e7d33
c46210c9d97edb03f5b7463d5407d22a6746c8af77ad92c3ae3925a98084578e
c5871d2709e50f46dbe8f2c6f91887e21d7a0094fa18d301c16c505bf9f97232
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d69f268036b3545e930a8b74711a739e7e973debc9bd006841cbd2a558b44432
da43e76e310064f1c794e2eeb4dd1e2bf426386dffea441a7dc0755139490d97
dc900e9cb9919a3488f49b56acbb290617d1bc2609d38410b7faeb06c331f682
dc9b9e9735d3620722247b3e0e02d8dc432a252acbade9af3a81146feefb7085
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e8771b238c60c36fc935fd2dad0aed6e70cea50a635ff4f89f394a968a258c42
eb922d8aa175b8fe481c695f4fb7e741c8eb665ef7469c305d2d4414a5e2d678
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efdffa93d62eb8cdc6420060cefbd4a1b68c8fb1ff6f853c86d6e1d1e0345291
f13e922400d4fe464c0e32b6f85483056cf9ba7d3d7e7c24524c2217f1a5995e
f5226aeea6d61d1ce536482f83567a6114cad48f51847c1e964f73a1a97e48fd
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f82317f5c0f8ebffcc716ae1a1910b01444531bad51a7dd4a98995917f36d7e4
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

lacrossetribune.com Open in urlscan Pro 192.104.182.109 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

136 Requests

79 %HTTPS

23 %IPv6

36 Domains

49 Subdomains

37 IPs

4 Countries

1667 kBTransfer

4972 kBSize

13 Cookies

12 Outgoing links

Page URL History

Redirected requests

136 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

lacrossetribune.com Open in urlscan Pro
192.104.182.109 Public Scan

Screenshot
Live screenshot

Full Image

136
Requests

79 %
HTTPS

23 %
IPv6

36
Domains

49
Subdomains

37
IPs

4
Countries

1667 kB
Transfer

4972 kB
Size

13
Cookies

136 HTTP transactions
2 data transactions