www.sonomanews.com Open in urlscan Pro
107.154.114.50 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://sonomanews.com/
Effective URL:
https://www.sonomanews.com/
Submission: On February 08 via api (February 8th 2019, 5:13:41 pm UTC) from IS

Summary HTTP 228 Redirects Links 36 Behaviour Indicators

Summary

This website contacted 50 IPs in 8 countries across 34 domains to perform 228 HTTP transactions. The main IP is 107.154.114.50, located in Redwood City, United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.sonomanews.com.
TLS certificate: Issued by COMODO RSA Domain Validation Secure S... on July 10th 2018. Valid for: a year.

This is the only time www.sonomanews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.154.105.50 107.154.105.50	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
23	107.154.114.50 107.154.114.50	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	2a00:1450:400... 2a00:1450:4001:81b::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	209.197.3.15 209.197.3.15	20446 (HIGHWINDS3) (HIGHWINDS3 - Highwinds Network Group)
23	192.237.253.150 192.237.253.150	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
1	2a00:1450:400... 2a00:1450:4001:818::200a	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2600:9000:200... 2600:9000:200c:3400:18:1fcd:348:2461	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	52.222.150.238 52.222.150.238	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::63cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
4	149.126.77.33 149.126.77.33	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	2606:4700:20:... 2606:4700:20::6819:a322	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE - Google LLC)
4	2a00:1450:400... 2a00:1450:400c:c08::9a	15169 (GOOGLE) (GOOGLE - Google LLC)
12	2a00:1450:400... 2a00:1450:4001:806::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
8	100.25.49.178 100.25.49.178	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:818::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.19.153.98 52.19.153.98	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a04:4e42::714 2a04:4e42::714	54113 (FASTLY) (FASTLY - Fastly)
1	52.44.230.13 52.44.230.13	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	64.191.16.85 64.191.16.85	18915 (MONKEY-US-01) (MONKEY-US-01 - SurveyMonkey Inc.)
1 3	34.235.251.19 34.235.251.19	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	2a00:1450:400... 2a00:1450:4001:816::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
23	216.58.208.34 216.58.208.34	15169 (GOOGLE) (GOOGLE - Google LLC)
1	52.22.2.8 52.22.2.8	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
3	52.222.150.253 52.222.150.253	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
3	2606:4700::68... 2606:4700::6813:c797	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	34.196.223.248 34.196.223.248	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
12	2a00:1450:400... 2a00:1450:4001:819::2001	15169 (GOOGLE) (GOOGLE - Google LLC)
7	50.57.214.178 50.57.214.178	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
8	35.170.181.65 35.170.181.65	14618 (AMAZON-AES) (AMAZON-AES - Amazon.com)
2	52.222.150.61 52.222.150.61	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	23.253.160.145 23.253.160.145	19994 (RACKSPACE) (RACKSPACE - Rackspace Hosting)
6	2606:4700:10:... 2606:4700:10::6814:180b	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
23	2600:9000:200... 2600:9000:200c:aa00:10:3422:3f00:93a1	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	185.33.223.208 185.33.223.208	29990 (ASN-APPNEXUS) (ASN-APPNEXUS - AppNexus)
3	185.86.138.79 185.86.138.79	201081 (SMARTADSE...) (SMARTADSERVER)
3	213.19.162.71 213.19.162.71	26667 (RUBICONPR...) (RUBICONPROJECT - The Rubicon Project)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS - Akamai Technologies)
2	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
3	54.229.133.169 54.229.133.169	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
4	35.203.66.107 35.203.66.107	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a02:fa8:8806... 2a02:fa8:8806:12::1430	25751 (VALUECLICK) (VALUECLICK - Conversant)
6	2606:4700:20:... 2606:4700:20::681a:2cf	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2600:9000:200... 2600:9000:200c:b600:1c:386f:ec80:21	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
2	2a00:1450:400... 2a00:1450:4001:821::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	151.101.122.2 151.101.122.2	54113 (FASTLY) (FASTLY - Fastly)
1	2a00:1450:400... 2a00:1450:4001:818::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
228	50

1 107.154.105.50 (Redwood City, United States) 1 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.105.50.ip.incapdns.net

sonomanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 107.154.114.50 (Redwood City, United States)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.114.50.ip.incapdns.net

www.sonomanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:81b::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.197.3.15 (Phoenix, United States)

ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US)
PTR: vip0x00f.map2.ssl.hwcdn.net

maxcdn.bootstrapcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 192.237.253.150 (San Antonio, United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)

code.sonomanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.sonomanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.pressdemocrat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.pressdemocrat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::200a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:200c:3400:18:1fcd:348:2461 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.150.238 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-238.fra53.r.cloudfront.net

cdn.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::63cc (European Union)

ASN20940 (AKAMAI-ASN1, US)

b-code.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 149.126.77.33 (Frankfurt, Germany)

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 149.126.77.33.ip.incapdns.net

www.pressdemocrat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:20::6819:a322 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

tru.am	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Mountain View, United States) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c08::9a (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:806::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 100.25.49.178 (United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-100-25-49-178.compute-1.amazonaws.com

smi.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:818::2003 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.19.153.98 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42::714 (European Union)

ASN54113 (FASTLY - Fastly, US)

mab.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.230.13 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-44-230-13.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.191.16.85 (Palo Alto, United States)

ASN18915 (MONKEY-US-01 - SurveyMonkey Inc., US)

pressdemocrat.wufoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.235.251.19 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-235-251-19.compute-1.amazonaws.com

lcidc.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:816::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:819::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 216.58.208.34 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s12-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.22.2.8 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-52-22-2-8.compute-1.amazonaws.com

c.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.222.150.253 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-253.fra53.r.cloudfront.net

plugins.blueconic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6813:c797 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.196.223.248 (Ashburn, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-34-196-223-248.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:819::2001 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 50.57.214.178 (San Antonio, United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)
PTR: ads.adventive.com

ads.adventive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.170.181.65 (Seattle, United States)

ASN14618 (AMAZON-AES - Amazon.com, Inc., US)
PTR: ec2-35-170-181-65.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.222.150.61 (Seattle, United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: server-52-222-150-61.fra53.r.cloudfront.net

d2na2p72vtqyok.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.253.160.145 (San Antonio, United States)

ASN19994 (RACKSPACE - Rackspace Hosting, US)

valleytalking.blogs.sonomanews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::6814:180b (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

geoip.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dashboard.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cms.insticator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2600:9000:200c:aa00:10:3422:3f00:93a1 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

df80k0z3fi8zg.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.33.223.208 (European Union)

ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.86.138.79 (France)

ASN201081 (SMARTADSERVER, FR)

prg.smartadserver.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.162.71 (United Kingdom)

ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (European Union)

ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.229.133.169 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-54-229-133-169.eu-west-1.compute.amazonaws.com

g2.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.203.66.107 (Ann Arbor, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: 107.66.203.35.bc.googleusercontent.com

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:fa8:8806:12::1430 (Sweden)

ASN25751 (VALUECLICK - Conversant, Inc., US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:20::681a:2cf (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

assets.adventivecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:200c:b600:1c:386f:ec80:21 (United States)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)

d3lcz8vpax4lo2.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:821::200e (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.122.2 (San Francisco, United States)

ASN54113 (FASTLY - Fastly, US)

media0.giphy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:818::2004 (Ireland)

ASN15169 (GOOGLE - Google LLC, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
46	sonomanews.com 1 redirects sonomanews.com www.sonomanews.com code.sonomanews.com img.sonomanews.com valleytalking.blogs.sonomanews.com	1011 KB
27	doubleclick.net stats.g.doubleclick.net securepubads.g.doubleclick.net	313 KB
26	cloudfront.net d2na2p72vtqyok.cloudfront.net df80k0z3fi8zg.cloudfront.net d3lcz8vpax4lo2.cloudfront.net	642 KB
14	googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	126 KB
12	googletagservices.com www.googletagservices.com	141 KB
12	blueconic.net cdn.blueconic.net smi.blueconic.net plugins.blueconic.net	167 KB
10	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	39 KB
7	adventive.com ads.adventive.com	91 KB
6	adventivecdn.com assets.adventivecdn.com	109 KB
6	insticator.com geoip.insticator.com dashboard.insticator.com cms.insticator.com	4 KB
6	pressdemocrat.com www.pressdemocrat.com img.pressdemocrat.com code.pressdemocrat.com	137 KB
6	liadm.com 1 redirects b-code.liadm.com i.liadm.com lcidc.liadm.com c.liadm.com	35 KB
4	districtm.io dmx.districtm.io	1 KB
4	adnxs.com ib.adnxs.com	5 KB
4	google.com adservice.google.com www.google.com	569 B
3	gumgum.com g2.gumgum.com	1 KB
3	rubiconproject.com fastlane.rubiconproject.com	4 KB
3	smartadserver.com prg.smartadserver.com	4 KB
3	cloudflare.com cdnjs.cloudflare.com	10 KB
3	google.de adservice.google.de	513 B
3	chartbeat.com static.chartbeat.com mab.chartbeat.com	23 KB
3	googleapis.com fonts.googleapis.com ajax.googleapis.com	30 KB
2	google-analytics.com www.google-analytics.com	17 KB
2	dotomi.com web.hb.ad.cpe.dotomi.com	2 KB
2	sonobi.com apex.go.sonobi.com	1 KB
2	casalemedia.com as-sec.casalemedia.com	3 KB
2	wufoo.com pressdemocrat.wufoo.com	5 KB
2	gstatic.com fonts.gstatic.com	25 KB
2	tru.am tru.am	13 KB
2	bootstrapcdn.com maxcdn.bootstrapcdn.com	69 KB
1	giphy.com media0.giphy.com	2 MB
1	chartbeat.net ping.chartbeat.net	168 B
1	postrelease.com jadserve.postrelease.com	1 KB
1	ntv.io s.ntv.io	76 KB
228	34

	Domain	Requested by
23	df80k0z3fi8zg.cloudfront.net	d2na2p72vtqyok.cloudfront.net
23	securepubads.g.doubleclick.net	www.googletagservices.com securepubads.g.doubleclick.net www.sonomanews.com d2na2p72vtqyok.cloudfront.net
23	www.sonomanews.com	www.sonomanews.com
12	tpc.googlesyndication.com	securepubads.g.doubleclick.net www.sonomanews.com d2na2p72vtqyok.cloudfront.net
12	www.googletagservices.com	www.sonomanews.com securepubads.g.doubleclick.net d2na2p72vtqyok.cloudfront.net
12	code.sonomanews.com	www.sonomanews.com
9	img.sonomanews.com	www.sonomanews.com
8	www.i.matheranalytics.com
8	smi.blueconic.net	cdn.blueconic.net
7	ads.adventive.com	securepubads.g.doubleclick.net ads.adventive.com www.sonomanews.com srcdoc
6	assets.adventivecdn.com	srcdoc
4	dmx.districtm.io	df80k0z3fi8zg.cloudfront.net
4	ib.adnxs.com	df80k0z3fi8zg.cloudfront.net
4	stats.g.doubleclick.net	www.sonomanews.com
4	www.pressdemocrat.com	www.sonomanews.com
3	g2.gumgum.com	df80k0z3fi8zg.cloudfront.net
3	fastlane.rubiconproject.com	df80k0z3fi8zg.cloudfront.net
3	prg.smartadserver.com	df80k0z3fi8zg.cloudfront.net
3	geoip.insticator.com	d2na2p72vtqyok.cloudfront.net d3lcz8vpax4lo2.cloudfront.net
3	cdnjs.cloudflare.com	ajax.googleapis.com ads.adventive.com
3	plugins.blueconic.net	smi.blueconic.net
3	adservice.google.com	www.googletagservices.com d2na2p72vtqyok.cloudfront.net
3	adservice.google.de	www.googletagservices.com d2na2p72vtqyok.cloudfront.net
3	lcidc.liadm.com	1 redirects www.sonomanews.com
2	dashboard.insticator.com	d3lcz8vpax4lo2.cloudfront.net
2	www.google-analytics.com	www.sonomanews.com
2	pagead2.googlesyndication.com
2	web.hb.ad.cpe.dotomi.com	df80k0z3fi8zg.cloudfront.net
2	apex.go.sonobi.com	df80k0z3fi8zg.cloudfront.net
2	as-sec.casalemedia.com	df80k0z3fi8zg.cloudfront.net
2	d2na2p72vtqyok.cloudfront.net	www.sonomanews.com
2	pressdemocrat.wufoo.com	www.sonomanews.com pressdemocrat.wufoo.com
2	fonts.gstatic.com	b-code.liadm.com
2	js.matheranalytics.com	1 redirects www.sonomanews.com
2	tru.am	www.sonomanews.com tru.am
2	static.chartbeat.com	www.sonomanews.com
2	maxcdn.bootstrapcdn.com	www.sonomanews.com b-code.liadm.com
2	fonts.googleapis.com	www.sonomanews.com d3lcz8vpax4lo2.cloudfront.net
1	www.google.com	www.sonomanews.com
1	media0.giphy.com
1	cms.insticator.com	d3lcz8vpax4lo2.cloudfront.net
1	d3lcz8vpax4lo2.cloudfront.net	d2na2p72vtqyok.cloudfront.net
1	valleytalking.blogs.sonomanews.com
1	code.pressdemocrat.com	smi.blueconic.net
1	ping.chartbeat.net	www.sonomanews.com
1	img.pressdemocrat.com	www.sonomanews.com
1	c.liadm.com	www.sonomanews.com
1	i.liadm.com	b-code.liadm.com
1	mab.chartbeat.com	static.chartbeat.com
1	jadserve.postrelease.com	s.ntv.io
1	s.ntv.io	www.sonomanews.com
1	b-code.liadm.com	www.sonomanews.com
1	cdn.blueconic.net	www.sonomanews.com
1	ajax.googleapis.com	www.sonomanews.com
1	sonomanews.com	1 redirects
228	55

This site contains links to these domains. Also see Links.

Domain
customercare.sonomanews.com
sonomanews.com
pressdemocrat.jobboard.recruitology.com
classifieds.pressdemocrat.com
adportal.pressdemocrat.com
valleytalking.blogs.sonomanews.com
www.pressdemocrat.com
www.petaluma360.com
www.northbaybusinessjournal.com
www.sonomamag.com
www.emeraldreport.com
www.laprensasonoma.com
www.facebook.com
twitter.com
www.instagram.com
events.pressdemocrat.com
events.sonomanews.com
www.northbayhousesforsale.com
santarosapressdemocrat.ca.newsmemory.com
www.capublicnotice.com
www.pdmediasource.com
www.sonomamediainvestments.com
nl.newsbank.com

Subject Issuer	Validity	Valid
pressdemocrat.com COMODO RSA Domain Validation Secure Server CA	`2018-07-10` - `2019-07-10`	a year	crt.sh
*.googleapis.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.bootstrapcdn.com COMODO RSA Domain Validation Secure Server CA	`2018-10-03` - `2019-10-12`	a year	crt.sh
*.chartbeat.com Gandi Standard SSL CA 2	`2018-04-02` - `2019-04-18`	a year	crt.sh
*.blueconic.net Thawte RSA CA 2018	`2017-12-13` - `2019-12-13`	2 years	crt.sh
b-code.liadm.com DigiCert ECC Secure Server CA	`2018-07-16` - `2019-07-16`	a year	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2018-06-12` - `2019-12-11`	a year	crt.sh
ssl389962.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-01-10` - `2019-07-19`	6 months	crt.sh
js.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-04-07` - `2019-04-07`	2 years	crt.sh
*.g.doubleclick.net Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.postrelease.com Amazon	`2018-04-25` - `2019-05-25`	a year	crt.sh
f6.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-02-07` - `2019-09-12`	7 months	crt.sh
*.liadm.com Amazon	`2019-01-25` - `2020-02-25`	a year	crt.sh
*.wufoo.com DigiCert SHA2 Secure Server CA	`2017-03-14` - `2020-05-15`	3 years	crt.sh
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2018-09-22` - `2019-03-31`	6 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2018-12-20` - `2020-01-01`	a year	crt.sh
tpc.googlesyndication.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh
*.adventive.com Go Daddy Secure Certificate Authority - G2	`2017-01-21` - `2019-02-22`	2 years	crt.sh
www.i.matheranalytics.com COMODO RSA Domain Validation Secure Server CA	`2017-12-10` - `2020-02-08`	2 years	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2018-10-08` - `2019-10-09`	a year	crt.sh
*.insticator.com COMODO RSA Organization Validation Secure Server CA	`2018-05-25` - `2020-08-26`	2 years	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
*.smartadserver.com Thawte RSA CA 2018	`2018-09-07` - `2020-02-17`	a year	crt.sh
*.rubiconproject.com DigiCert SHA2 Secure Server CA	`2019-01-10` - `2021-01-14`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2019-01-09` - `2020-03-09`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2019-02-01` - `2021-02-04`	2 years	crt.sh
*.gumgum.com Amazon	`2018-08-28` - `2019-09-28`	a year	crt.sh
dmx.districtm.io Let's Encrypt Authority X3	`2019-02-05` - `2019-05-06`	3 months	crt.sh
*.dotomi.com GlobalSign Organization Validation CA - SHA256 - G2	`2017-07-11` - `2019-08-01`	2 years	crt.sh
adventivecdn.com CloudFlare Inc ECC CA-2	`2018-11-12` - `2019-11-12`	a year	crt.sh
f2.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2019-02-08` - `2019-09-07`	7 months	crt.sh
www.google.com Google Internet Authority G3	`2019-01-23` - `2019-04-17`	3 months	crt.sh

This page contains 14 frames:

Primary Page: https://www.sonomanews.com/
Frame ID: 9096EEADA9CCE3C81AB989FCC1B9249C
Requests: 118 HTTP requests in this frame

Frame: https://i.liadm.com/s/c/a-017m?s=&cim=&ps=true&ls=false&duid=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6&domainSessionId=&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=true&
Frame ID: A990A47AC58941994E83152AF9195B6B
Requests: 1 HTTP requests in this frame

Frame: https://ads.adventive.com/ad?j&pid=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&type=4&cb=2128477329&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssBm2uzdbOzJEy0KLwD1WZhx6tMnKeEjtt1C-dS0YQDsXMdEZmKIxkaPD5z1vTpFPUaSzugrQVb8bR6qiTC8bB34JUAapasQpDtm29Qs4URjScXHJTd9ZkiNtxoyG9y_C1TBVA_n8pkWWdrxhJfd1g9yNNU386N7Z-nQcCNqPxEseOG8FcU_19-uxH0Q9YxZDpY7jttBcpSwAN86XZ8Fzkbpm95MUMpDOtM8En9qBtFzHWlU-suI2M7vBs%2526sai%253DAMfl-YRROyK-c1910xjpXnm6EbzfzAqJZ-_QnGZQO4QZYtmaAi4yChbsUwrAgM3g-J3OVkyi7q_B7_C2rbYQPoq0BQInpRxG_bOiKxQz3E4q%2526sig%253DCg0ArKJSzJJ0CcYawgWAEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&oop=
Frame ID: FDDD9C4040147BD78DEC6126A18E416E
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 61C5E130E75CEFEDEE287957036F45E2
Requests: 6 HTTP requests in this frame

Frame: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Frame ID: 24D9A0CED19111512D9EF7BE2CB71192
Requests: 29 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/ui/css/fallbackfonts-min.css
Frame ID: 4F1C7AD06E2794C29FB3E1CDC0DBF321
Requests: 2 HTTP requests in this frame

Frame: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js
Frame ID: 3C9891DCCC94D0C9809F367A90677F4C
Requests: 32 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Frame ID: E2776735820DED3FDA4B431BECEF7F1F
Requests: 1 HTTP requests in this frame

Frame: https://assets.adventivecdn.com/ui/css/fallbackfonts-min.css
Frame ID: 4855D7344756B038133C5BCCCBE42F7F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Frame ID: AB6B834143D2AB0A549E1262B0250B1C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3A858FFFFC645F1E07173CDB461E553D
Requests: 5 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js
Frame ID: 3B4431D0610AFA3C9572F53E72E33FD6
Requests: 6 HTTP requests in this frame

Frame: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Frame ID: D75A4F0CAF29E965AB6D5E589E2072CA
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Frame ID: 593C38A0709553BE4058981814F154C7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

http://sonomanews.com/ HTTP 301
https://www.sonomanews.com/ Page URL

Detected technologies

Red Hat (Operating Systems) Expand

Overall confidence: 100%
Detected patterns

headers server /Red Hat/i

Apache (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /(?:Apache(?:$|\/([\d.]+)|[^\/-])|(?:^|)HTTPD)/i

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i
env /^_sf_(?:endpt|async_config)$/i

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googletagservices\.com\/tag\/js\/gpt(?:_mobile)?\.js/i

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+font-awesome(?:\.min)?\.css/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

env /^__google_ad_/i
env /^Goog_AdSense_/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

env /^gaGlobal$/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

env /^googletag$/i

OWL Carousel (Widgets) Expand

Overall confidence: 100%
Detected patterns

html /<link [^>]*href="[^"]+owl.carousel(?:\.min)?\.css/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /\/([\d.]+)\/jquery(?:\.min)?\.js/i
script /jquery.*\.js/i
env /^jQuery$/i
html /<link [^>]*href="[^"]+owl.carousel(?:\.min)?\.css/i

Page Statistics

228
Requests

98 %
HTTPS

42 %
IPv6

34
Domains

55
Subdomains

50
IPs

8
Countries

5022 kB
Transfer

8779 kB
Size

11
Cookies

36 Outgoing links

These are links going to different origins than the main page.

URL: https://customercare.sonomanews.com/Login.aspx?SentFromUrl=https://www.sonomanews.com
Title: Sign In

Search URL Search Domain Scan URL

URL: https://customercare.sonomanews.com/Login.aspx?SentFromUrl=eEdition
Title: e-Edition

Search URL Search Domain Scan URL

URL: https://customercare.sonomanews.com/LandingPage.aspx
Title: Subscribe

Search URL Search Domain Scan URL

URL: http://sonomanews.com/entertainment
Title: Entertainment

Search URL Search Domain Scan URL

URL: http://sonomanews.com/opinion
Title: Opinion

Search URL Search Domain Scan URL

URL: https://pressdemocrat.jobboard.recruitology.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: http://classifieds.pressdemocrat.com/
Title: Classified

Search URL Search Domain Scan URL

URL: https://adportal.pressdemocrat.com/adportal/classified/index.html
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://valleytalking.blogs.sonomanews.com/
Title: Valley Talking

Search URL Search Domain Scan URL

URL: http://www.pressdemocrat.com/

Search URL Search Domain Scan URL

URL: http://www.petaluma360.com/

Search URL Search Domain Scan URL

URL: http://www.northbaybusinessjournal.com/

Search URL Search Domain Scan URL

URL: http://www.sonomamag.com/

Search URL Search Domain Scan URL

URL: http://www.emeraldreport.com/

Search URL Search Domain Scan URL

URL: http://www.laprensasonoma.com/

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SonomaIndexTribune
Title:

Search URL Search Domain Scan URL

URL: https://twitter.com/sonomanews
Title:

Search URL Search Domain Scan URL

URL: https://www.instagram.com/indextribune/
Title:

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/news/
Title: News

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/opinion/
Title: Opinion

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/sports/
Title: Sports

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/lifestyle/
Title: Wine Country Life

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/business/
Title: Business

Search URL Search Domain Scan URL

URL: http://events.pressdemocrat.com/
Title: Find Events

Search URL Search Domain Scan URL

URL: https://www.pressdemocrat.com/archives
Title: Archives

Search URL Search Domain Scan URL

URL: http://events.sonomanews.com/
Title: Calendar

Search URL Search Domain Scan URL

URL: http://www.northbayhousesforsale.com/
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://santarosapressdemocrat.ca.newsmemory.com/ssindex.php
Title: Special Sections

Search URL Search Domain Scan URL

URL: http://www.capublicnotice.com/
Title: Public / Legal Notices

Search URL Search Domain Scan URL

URL: http://www.pdmediasource.com/print/sonoma-index-tribune/
Title: Advertising

Search URL Search Domain Scan URL

URL: http://www.sonomamediainvestments.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://customercare.sonomanews.com/Login.aspx
Title: Manage Home Delivery

Search URL Search Domain Scan URL

URL: https://customercare.sonomanews.com/login.aspx?SentFromUrl=eEdition
Title: e-Edition

Search URL Search Domain Scan URL

URL: http://nl.newsbank.com/sites/sitb/
Title: Archives

Search URL Search Domain Scan URL

URL: https://www.sonomamediainvestments.com/privacy
Title: Privacy Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://sonomanews.com/ HTTP 301
https://www.sonomanews.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 43

https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1495 HTTP 301
https://js.matheranalytics.com/static/ltm/ma16916/901956900/5/ml.br.js

Request Chain 57

https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v HTTP 302
https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true

228 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request

Cookie set / Show response
www.sonomanews.com/
Redirect Chain

http://sonomanews.com/
https://www.sonomanews.com/

195 KB
23 KB

826ms
718ms

Document
text/html

107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: a0d2663c17996dc0808dc5f1e15890ca2dc7c768b8949354ee88ec62e3a1c735

Request headers

Host: www.sonomanews.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
CACHE-CONTROL: no-cache
Content-Type: text/html; charset=utf-8
Date: Fri, 08 Feb 2019 17:13:41 GMT
EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT
PRAGMA: no-cache
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; path=/; httpOnly; TempID=Robot; expires=Sat, 08 Feb 2020 17:13:41; path=/; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; path=/; httpOnly;
transfer-encoding: chunked
Connection: keep-alive
Set-Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvmXIuSLtz=VpkMOAFYyyG; path=/; Max-Age=900 ___utmvaXIuSLtz=JznEqCx; path=/; Max-Age=900 ___utmvbXIuSLtz=qZW XeaOqale: Btv; path=/; Max-Age=900
X-Iinfo: 9-208318951-208318963 NNNN CT(169 343 0) RT(1549646000310 44) q(0 0 5 0) r(7 7) U2
X-CDN: Incapsula
Content-Encoding: gzip

Redirect headers

Location: https://www.sonomanews.com/
Content-Length: 0
Connection: close

GET
H2 200 css
fonts.googleapis.com/ 10 KB
826 B 22ms
17ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto+Condensed|Open+Sans:400,300,700

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

1a570d62a933bcc259609bb72fc98c05805380360460ac6ae60b7f4fcae3e251

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 08 Feb 2019 17:13:21 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 08 Feb 2019 17:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:21 GMT

GET
H2 200 font-awesome.min.css
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/ 26 KB
6 KB 68ms
22ms Stylesheet
text/css 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:21 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:35:19 GMT
access-control-allow-origin: *
etag: "1544639719"
vary: Accept-Encoding
x-cache: HIT
content-type: text/css; charset=utf-8
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 6079

GET
H/1.1 200
OK wx.css
code.sonomanews.com/css/ 2 KB
834 B 365ms
109ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/wx.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c24bfa19a69ab2adf5d2a889e3da088cdc0c16f4e3ccf43805c157bb5014aa96

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 16 Mar 2016 20:14:19 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "60c-52e3028a89cc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 472

GET
H/1.1 200
OK owl.carousel.css
code.sonomanews.com/css/ 5 KB
2 KB 367ms
110ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/owl.carousel.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 888d267b255b55a63dcc49b3a2086ea1be225a8578bbcaec677f0fb3803f09c5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:44:31 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "145a-5282471754dc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 1255

GET
H/1.1 200
OK normalize.css
code.sonomanews.com/css/ 8 KB
3 KB 369ms
111ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/normalize.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: c83db211d3d9d1b0eb9af0fecb698f58b538d5c44b769d5e8b9158c36679cfc5

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:44:31 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "20c8-5282471754dc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 2637

GET
H/1.1 200
OK georgeb.css
code.sonomanews.com/css/ 840 B
734 B 380ms
122ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/georgeb.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ef0a47a6d4e63133a082e161e26dbd1531030117ca4531a508f704ed68320fc8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Tue, 21 Aug 2018 17:44:48 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "348-573f595070400-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 372

GET
H/1.1 200
OK animate.css
code.sonomanews.com/css/ 72 KB
5 KB 380ms
121ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/animate.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: fe347496cacc05a84656a99c3667917a13e8b7a56c1b41331448d1e257db4a6b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:44:30 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "1215f-5282471660b80-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 4333

GET
H/1.1 200
OK section.css
code.sonomanews.com/css/ 57 KB
7 KB 390ms
118ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/section.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 8f56a5a8fdc2494a7e9159be9b03646f69d5bebb81ac949ff269f43af36c763d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Aug 2018 22:14:23 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e27c-5728f3ffd2dc0-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 6620

GET
H/1.1 200
OK unified.css
code.sonomanews.com/css/ 57 KB
7 KB 732ms
112ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/unified.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f56290b6eade2694d045f761b1004af210472981b932b4b977983575dd4ab0be

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
Last-Modified: Fri, 03 Aug 2018 19:21:16 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e4f5-5728cd4e02300-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 6774

GET
H/1.1 200
OK cph.unified.css
code.sonomanews.com/shared/css/ 0
306 B 731ms
111ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/shared/css/cph.unified.css?v=20171031
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Wed, 15 Nov 2017 19:40:48 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "0-55e0aae269000"
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 0

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/2.1.4/ 82 KB
29 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:818::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 25 Jan 2019 06:51:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1246929
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 29725
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Dec 2016 18:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 25 Jan 2020 06:51:12 GMT

GET
H/1.1 200
OK jquery.onAppear.js Show response
code.sonomanews.com/js/ 4 KB
2 KB 1725ms
108ms Script
application/javascript 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/js/jquery.onAppear.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 2d8a8b0ed3add2bc5565f52397b6d6905c0582a14596a450f88465762ccabdfa

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 30 Dec 2015 21:44:33 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "ed7-528247193d240-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 1224

GET
H/1.1 200
OK section.may.js Show response
code.sonomanews.com/js/ 20 KB
5 KB 1733ms
117ms Script
application/javascript 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/js/section.may.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f8c87e17e32f7cdcbe006b82199c2ef56ff4357816887b5fd59423bce620a153

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 08 Oct 2018 23:23:36 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4fde-577bfe9167f94-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 4265

GET
H/1.1 200
OK cph.unified.js Show response
code.sonomanews.com/shared/js/ 19 KB
6 KB 1733ms
118ms Script
application/javascript 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/shared/js/cph.unified.js?v=20171031
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 42282d80bb1bdb79c8e0d8cfd03cfcb82da20997af94f351dbcf9e43274466b6

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 14 Dec 2018 18:05:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "4af8-57cff45605880-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 6047

GET
H/1.1 200
OK print.css
code.sonomanews.com/css/ 537 B
658 B 1338ms
113ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.sonomanews.com/css/print.css
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 4794ef319ebf20a4e7f6db6d8e02ff7f608c594a96050ebeab38ab8248b3b65f

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: code.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/css,*/*;q=0.1
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Content-Encoding: gzip
Last-Modified: Tue, 19 Jan 2016 00:08:57 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "219-529a4acfa1840-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 296

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 18 KB
8 KB 62ms
8ms Script
application/x-javascript 2600:9000:200c:3400:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:3400:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 13:14:51 GMT
content-encoding: gzip
last-modified: Thu, 25 Oct 2018 02:07:51 GMT
server: nginx
age: 14311
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: Zl_8-rApHXX5Q0mLZhJshq_HxqlAViQLI3HBwSC53lTEwimyeBakhw==
via: 1.1 ddd91cf4cd1b9310c0aee8953bc042e2.cloudfront.net (CloudFront)
expires: Sat, 09 Feb 2019 13:14:51 GMT

GET
H2 200 smi.js Show response
cdn.blueconic.net/ 122 KB
37 KB 149ms
22ms Script
text/javascript 52.222.150.238
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.blueconic.net/smi.js

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.222.150.238 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),

Reverse DNS

server-52-222-150-238.fra53.r.cloudfront.net

Software

Apache /

Resource Hash

1e343402ab7720a15c8dd1ffa040cbee5cab4d20da85770a2b62bd8523ee619d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 00:05:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
x-cache: Hit from cloudfront
status: 200
content-length: 37671
x-xss-protection: 1; mode=block
last-modified: Wed, 30 Jan 2019 10:00:37 GMT
server: Apache
etag: "1e733-580a9fb523f48-gzip"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
via: 1.1 65715c6e447bfc4ebcfb81f088c7e3f3.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=500
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-amz-cf-id: EAdL9O8oqHWdcsJ9mP5cDEJH0UqFJK5lgorndJEpvf75qbnD6DmGLQ==

GET
H2 200 a-017m.min.js Show response
b-code.liadm.com/ 99 KB
33 KB 94ms
12ms Script
application/javascript 2a02:26f0:6c00:296::63cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://b-code.liadm.com/a-017m.min.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:6c00:296::63cc , European Union, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: 2b5b3651f3da482748bdb8405100f9375cb40ce633c6462dc87dc76b21081ffe

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:22 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 14:14:57 GMT
etag: "5df3d93577e4feeeb640d337dd4c0aed"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=3402
accept-ranges: bytes
content-length: 33622

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 262 KB
76 KB 114ms
33ms Script
application/x-javascript 2.18.234.163
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 8e10c842130ae9f6a6ce47b042e7f0de5127880079d7633ba3caf01407cb5f1b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Content-Encoding: gzip
x-amz-request-id: B2F878CDFFAADCE3
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: 5+J+TY4F5CQcBd2vRLDWcxcaIVabsgS4nXyCcMIAjn8l/1xLY0faFK4AmzCi/FNCjxDmOyURWZM=
Last-Modified: Thu, 17 Jan 2019 22:03:39 GMT
Server: AmazonS3
ETag: "7b2c7a24ec4ffe6b63633da95161141c"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H/1.1 200
OK logo.sm.png
img.sonomanews.com/logo/ 15 KB
15 KB 389ms
116ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/logo.sm.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Wed, 03 May 2017 18:11:51 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "3a80-54ea29724e7c0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 14976

GET
H/1.1 200
OK 07.png
www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/ 9 KB
10 KB 98ms
22ms Image
image/png 149.126.77.33
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/07.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.126.77.33 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 149.126.77.33.ip.incapdns.net
Software: /
Resource Hash: 5e1e7058a02b15ef356e1f0160fc654c7d618ea9e0f117a0be4a184faf5bfd85

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Mon, 28 Jul 2014 20:26:35 GMT
X-CDN: Incapsula
Etag: "94ff48ee"
Content-Type: image/png
X-Iinfo: 5-203374868-0 0CNN RT(1549646002258 43) q(0 -1 -1 1) r(0 -1)
Cache-Control: max-age=1339, public
Content-Length: 9721
Expires: Fri, 08 Feb 2019 17:35:41 GMT

GET
H/1.1 200
OK 12.png
www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/ 10 KB
10 KB 11ms
11ms Image
image/png 149.126.77.33
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/12.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.126.77.33 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 149.126.77.33.ip.incapdns.net
Software: /
Resource Hash: 3569a4c0a46dcc1a495c5b11dbc61e521d33a1d6d863278a57eff633c2037251

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Mon, 28 Jul 2014 20:26:38 GMT
X-CDN: Incapsula
Etag: "97b07c01"
Content-Type: image/png
X-Iinfo: 5-203374868-0 0CNN RT(1549646002258 65) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=1344, public
Content-Length: 9791
Expires: Fri, 08 Feb 2019 17:35:46 GMT

GET
H/1.1 200
OK 18.png
www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/ 10 KB
10 KB 9ms
8ms Image
image/png 149.126.77.33
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/18.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.126.77.33 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 149.126.77.33.ip.incapdns.net
Software: /
Resource Hash: 3569a4c0a46dcc1a495c5b11dbc61e521d33a1d6d863278a57eff633c2037251

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Mon, 28 Jul 2014 20:26:43 GMT
X-CDN: Incapsula
Etag: "2d75bac8"
Content-Type: image/png
X-Iinfo: 5-203374868-0 0CNN RT(1549646002258 75) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=1327, public
Content-Length: 9791
Expires: Fri, 08 Feb 2019 17:35:29 GMT

GET
H/1.1 200
OK 06.png
www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/ 13 KB
13 KB 15ms
15ms Image
image/png 149.126.77.33
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.pressdemocrat.com/csp/mediapool/sites/pressdemocrat/assets/img/wex/06.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 149.126.77.33 Frankfurt, Germany, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 149.126.77.33.ip.incapdns.net
Software: /
Resource Hash: 6b99dd48dbba5c6a8be99cbb486b5ea62ba8a0da9354258a46b857585b8138bd

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:22 GMT
Last-Modified: Mon, 28 Jul 2014 20:26:35 GMT
X-CDN: Incapsula
Etag: "34e9d9a4"
Content-Type: image/png
X-Iinfo: 5-203374868-0 0CNN RT(1549646002258 86) q(0 -1 -1 -1) r(0 -1)
Cache-Control: max-age=1663, public
Content-Length: 13273
Expires: Fri, 08 Feb 2019 17:41:05 GMT

GET
H/1.1 200
OK SIT-A1.png
img.sonomanews.com/logo/ 24 KB
24 KB 348ms
105ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/SIT-A1.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ee3ffcfa107457a460ba4bd55fc01f685fcc467d10b8a8885e4e74638e9ca256

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Wed, 16 Mar 2016 20:36:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "6071-52e30768fd980"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 24689

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 20 KB
21 KB 185ms
184ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=KnVvilXoDfJJWO8xnR3McM$daE2N3K4ZzOUsqbU5sYs27tqzgMr_5zK8RdTZBmEbWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: d57654e917b9de51246c991eccd70cf0c8a906370f39e497c115350b085eae81

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:47 GMT
LAST-MODIFIED: Thu, 07 Feb 2019 21:39:43 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25611a226daace489340db9b04a74f5ddeeca2f3; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 9-208318951-208318963 SNNN RT(1549646000310 2505) q(0 0 0 -1) r(1 1) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 20208
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:47 GMT

GET
H/1.1 200
OK sonomasurvey.gif
img.sonomanews.com/site/ 1 KB
1 KB 377ms
114ms Image
image/gif 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/site/sonomasurvey.gif
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 5dff3eb59c2ff0caa506d84d53c2bd53f05b22213a3fcd6e9cce8c92b21563ce

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Fri, 03 Aug 2018 22:03:39 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "446-5728f199a84c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 1094

GET
H/1.1 200
OK thisweekpoll.gif
www.sonomanews.com/csp/mediapool/sites/petaluma/assets/img/misc/ 2 KB
2 KB 773ms
711ms Image
image/gif 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/petaluma/assets/img/misc/thisweekpoll.gif
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: 0857478dc2c8678b6d03ef925400a7c15109fc851eeb2c6e8d32b2f780c2b22b

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:24 GMT
Last-Modified: Wed, 18 Jun 2014 00:04:37 GMT
X-CDN: Incapsula
Etag: "8c086f7a"
Content-Type: image/gif
X-Iinfo: 7-109065655-109048121 2VNN RT(1549646002869 21) q(0 0 0 -1) r(7 7) U18
Cache-Control: max-age=3606, public
SET-COOKIE: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Length: 1606
Expires: Fri, 08 Feb 2019 18:13:30 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 26 KB
27 KB 731ms
669ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=YgLfaEVLW3fSUKWgSLu068$daE2N3K4ZzOUsqbU5sYvXbmZPAXj9ZdKCpKccTSDfWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: edb20d03f2038d60ddb990c628dddcd1d37eb55657911f553c6c7df871ab3ed7

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Mon, 04 Feb 2019 23:18:03 GMT
X-CDN: Incapsula
Content-Type: image/jpeg
X-Iinfo: 3-125373874-125367560 2VNN RT(1549646002869 20) q(0 0 0 -1) r(7 7)
Cache-Control: max-age=3672, public
SET-COOKIE: CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Length: 26538
Expires: Fri, 08 Feb 2019 18:14:35 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 21 KB
22 KB 607ms
545ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=GzenR$l8_fM4l9V4BNNjSM$daE2N3K4ZzOUsqbU5sYuD11xvyr0Vg5nU8PWi$gg2WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 7bf78e8e3b9acaeef8c0cbf3dd65781531c6b9a284789807e0786c32e118b616

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:43 GMT
LAST-MODIFIED: Tue, 05 Feb 2019 23:24:02 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 10-257442471-257442474 NNNN CT(174 177 0) RT(1549646002868 25) q(0 0 4 -1) r(6 6) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 21129
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:43 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 19 KB
20 KB 561ms
499ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=HGLPlnX_0SwFQVlFFwzMDM$daE2N3K4ZzOUsqbU5sYvX8h_jfjiHYZt0PljvzKvaWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 4d739fccf35c175c52970094c4969221042d4837691fd81756e8693be1da678c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:14:36 GMT
LAST-MODIFIED: Tue, 05 Feb 2019 13:16:57 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 1-49703149-49703151 NNNN CT(160 161 0) RT(1549646002869 18) q(0 0 4 -1) r(5 5) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 19803
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:14:36 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 53 KB
54 KB 565ms
503ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=0ykzZgUpjHFbgeZ2cU3whM$daE2N3K4ZzOUsqbU5sYuBk70yHTre7uTrNueLmj21WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: cebbe38926f6068ea280df892757cc980a5b399bc5d758ba1eda245d81ed8c09

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; ___utmvmXIuSLtz=VpkMOAFYyyG; ___utmvbXIuSLtz=qZW XeaOqale: Btv
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:30 GMT
LAST-MODIFIED: Thu, 07 Feb 2019 20:34:21 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; path=/; httpOnly; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 0-26039015-26039016 NNNN CT(161 162 0) RT(1549646002869 17) q(0 0 4 -1) r(5 5) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 54104
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:30 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 5 KB
5 KB 178ms
177ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=tMlFPbC5PAATTcjxWmpXC8$daE2N3K4ZzOUsqbU5sYsUhuxVcrfAlydw78Xp1kn9WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 521ecbe53b9efe14b273113bddf545a8d2f1883128096e85d73e420cda4b29df

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; BCRevision_1549646003575=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%2C%22session_referrer%22%3A%5B%22%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentresolution%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%5D%2C%22newvisitlistener%22%3A%5B%22new_visit_bc%22%5D%2C%22referrer_session_cph%22%3A%5B%22session_referrer%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646003575%22%7D; BCRevision_1549646003576=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646003576%22%7D; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; CSPWSERVERID=25611a226daace489340db9b04a74f5ddeeca2f3
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:43 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 00:00:34 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; path=/; httpOnly;
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 9-208318951-208318963 SNNN RT(1549646000310 2701) q(0 0 0 -1) r(1 1) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 4685
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:43 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 4 KB
4 KB 713ms
712ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=Y$xOw2FoyY31te4cGzMKvs$daE2N3K4ZzOUsqbU5sYtH3j8OGReNoznj_mVRbNGlWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: c8b25acf5d07e0bce03e34e51ae7ea40c40c8a454b7b135794fd41975fdd7866

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; BCRevision_1549646003575=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22language%22%3A%5B%22en%22%5D%2C%22currentresolution%22%3A%5B%221600x1200%22%5D%2C%22currentscreenwidth%22%3A%5B1600%5D%2C%22currentscreenheight%22%3A%5B1200%5D%2C%22new_visit_bc%22%3A%5B%22true%22%5D%2C%22session_referrer%22%3A%5B%22%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22language%22%2C%22currentresolution%22%2C%22currentscreenwidth%22%2C%22currentscreenheight%22%5D%2C%22newvisitlistener%22%3A%5B%22new_visit_bc%22%5D%2C%22referrer_session_cph%22%3A%5B%22session_referrer%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646003575%22%7D; BCRevision_1549646003576=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22resolution%22%3A%5B%221600x1200%22%5D%7D%2C%22sources%22%3A%7B%22listenerinteractiontype%22%3A%5B%22resolution%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646003576%22%7D; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; __utma=132988428.382320259.1549646004.1549646004.1549646004.1; __utmc=132988428; __utmz=132988428.1549646004.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=132988428.3.10.1549646004; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Thu, 07 Feb 2019 21:39:43 GMT
X-CDN: Incapsula
Content-Type: image/jpeg
X-Iinfo: 9-208318951-208297523 2VNN RT(1549646000310 2884) q(0 0 0 -1) r(7 7)
Cache-Control: max-age=3624, public
SET-COOKIE: CSPWSERVERID=25611a226daace489340db9b04a74f5ddeeca2f3; path=/; httpOnly;
Content-Length: 3613
Expires: Fri, 08 Feb 2019 18:13:47 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 4 KB
5 KB 183ms
183ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=G3sRucES8iMWgdIFgZSlk8$daE2N3K4ZzOUsqbU5sYvsTw24YJu58LzlIdi4UurRWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: a2056d2f06d3eab2126dcedc91fc5a46b3536495918e0ff04f84fb2387f67423

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; __utma=132988428.382320259.1549646004.1549646004.1549646004.1; __utmc=132988428; __utmz=132988428.1549646004.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=132988428.3.10.1549646004; BCTempID=ee3bea9e-0d85-475a-a02d-30cfc97fb688; BCZoneID=LB-Zone-2; CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:48 GMT
LAST-MODIFIED: Tue, 05 Feb 2019 20:24:39 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25611a226daace489340db9b04a74f5ddeeca2f3; path=/; httpOnly;
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 1-49703149-49703151 SNNN RT(1549646002869 679) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 4207
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:48 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 4 KB
4 KB 524ms
524ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=B$7JlR7OGjyOWBiDm4kiws$daE2N3K4ZzOUsqbU5sYuL39HHg_sg$iebSuX8Ckh_WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: a8a454177ff90e6796ffd3fefd743d3b56871cf239e6a512bbb4dd12c3e6cc35

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; __utma=132988428.382320259.1549646004.1549646004.1549646004.1; __utmc=132988428; __utmz=132988428.1549646004.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=132988428.3.10.1549646004; BCTempID=ee3bea9e-0d85-475a-a02d-30cfc97fb688; BCZoneID=LB-Zone-2; CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:30 GMT
LAST-MODIFIED: Thu, 07 Feb 2019 20:34:20 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; path=/; httpOnly;
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 3-125373874-125373966 NNNN CT(167 169 0) RT(1549646002869 699) q(0 0 4 -1) r(5 5) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 4037
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:30 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 4 KB
4 KB 183ms
182ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=X$zJfVzioH151ShX1qUiyc$daE2N3K4ZzOUsqbU5sYv09l1XscjpChllB9TpGrwJWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: a4a56f502c39a5d36ade27414c1c81de328d0591baef8dac36d371fbee06c027

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; __utma=132988428.382320259.1549646004.1549646004.1549646004.1; __utmc=132988428; __utmz=132988428.1549646004.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=132988428.3.10.1549646004; BCTempID=ee3bea9e-0d85-475a-a02d-30cfc97fb688; BCZoneID=LB-Zone-2; CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Wed, 06 Feb 2019 06:46:17 GMT
X-CDN: Incapsula
Content-Type: image/jpeg
X-Iinfo: 7-109065655-109048121 2VNN RT(1549646002869 730) q(0 1 1 -1) r(2 2)
Cache-Control: max-age=3620, public
SET-COOKIE: CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; path=/; httpOnly;
Content-Length: 4021
Expires: Fri, 08 Feb 2019 18:13:43 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 4 KB
5 KB 201ms
201ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=ZuSB3iqJPc3sZljTAX_UA8$daE2N3K4ZzOUsqbU5sYtOcKxoUczIcgMqd156pEljWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 8a86e134dc4d68761095fa932ac2a98411a0a46d2f06afced8974469e14d522c

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPSESSIONID-SP-80-UP-=006000000000Ry5FukgmC80000eRvVplx2U6kfLFCmjs5IAA--; TempID=Robot; visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==; _cb_ls=1; last_visit_bc=1549646003570; _litra_ses.0bb6=*; _litra_id.0bb6=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6.1549646004.1.1549646004.1549646004.7376000f-a917-49da-aabf-3b50e671f130; _liChk=0.6295980584334051; ntvSession={}; __utma=132988428.382320259.1549646004.1549646004.1549646004.1; __utmc=132988428; __utmz=132988428.1549646004.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); __utmt=1; __utmb=132988428.3.10.1549646004; BCTempID=ee3bea9e-0d85-475a-a02d-30cfc97fb688; BCZoneID=LB-Zone-2; CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:19:06 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 19:15:39 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25664c3bb6383c34d3256171a08b5a85dd994bb1; path=/; httpOnly;
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 10-257442471-257442474 SNNN RT(1549646002868 742) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 4496
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:19:06 GMT

GET
H/1.1 200
OK submit.png
img.sonomanews.com/site/ 26 KB
26 KB 260ms
121ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://img.sonomanews.com/site/submit.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d2a95cdce3af423a47b06f627aff456218dc0db4d5ac31be09942d7b8031480a

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Mon, 08 Oct 2018 19:28:06 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "66f3-577bc9ed82bad"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 26355

GET
H/1.1 200
OK fbook_icon.png
img.sonomanews.com/logo/ 3 KB
4 KB 442ms
114ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/fbook_icon.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: ca4b0bf25bd7fb614b2af3b20f139441834e9a74dce5a87c6c0e0a53ae633f81

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Thu, 17 Mar 2016 17:06:13 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "dcc-52e41a5cd4b40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3532

GET
H/1.1 200
OK twitter_icon.png
img.sonomanews.com/logo/ 4 KB
4 KB 427ms
111ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/twitter_icon.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: daaa0fb1ee23c8aa178ce3c4d0be46e4b650e5b851e212a7433b72328376ea4e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:24 GMT
Last-Modified: Thu, 17 Mar 2016 17:06:14 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "e17-52e41a5dc8d80"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 3607

GET
H/1.1 200
OK insta_icon.png
img.sonomanews.com/logo/ 9 KB
9 KB 1296ms
113ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/insta_icon.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f178aa8e42761a3acd34cda81c54c208bb695aa9cce3da99124605c595c70d4d

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:24 GMT
Last-Modified: Thu, 17 Mar 2016 17:06:13 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "23d6-52e41a5cd4b40"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 9174

GET
H2 200 sonomamedia.js Show response
tru.am/scripts/custom/ 1 KB
782 B 64ms
13ms Script
text/javascript 2606:4700:20::6819:a322
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/custom/sonomamedia.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:a322 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37ee98671009c261224c5a63a377a0b325be15fe80d6d3ad35e631a09c94b660

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 28 Sep 2015 15:29:39 GMT
server: cloudflare
etag: W/"6b7bbf96f05776f43641a6d665a24108"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=14400
cf-ray: 4a5fb9feff4cc2ab-FRA
expires: Fri, 08 Feb 2019 21:13:23 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma16916/901956900/5/
Redirect Chain

https://js.matheranalytics.com/s/ma16916/901956900/ml.js?cb=1495
https://js.matheranalytics.com/static/ltm/ma16916/901956900/5/ml.br.js

124 KB
37 KB

10ms
9ms

Script
application/x-javascript

107.178.250.234
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma16916/901956900/5/ml.br.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.178.250.234 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: ba6a5fc02fea1b67f8d03ccea434934d04af873eaffaeba628d5a79936e01b7b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Wed, 06 Feb 2019 21:25:26 GMT
content-encoding: br
last-modified: Wed, 06 Feb 2019 21:09:56 GMT
server: nginx
age: 157678
etag: "a4b6a6d8be81b5dd26751751ff629b56"
vary: Accept-Encoding
x-cache: HIT Wed, 06 Feb 2019 21:19:47 GMT
content-type: application/x-javascript
status: 200
cache-control: public, max-age=269200
alt-svc: clear
content-length: 37198
via: 1.1 google

Redirect headers

date: Fri, 08 Feb 2019 17:13:24 GMT
via: 1.1 google
server: nginx
location: https://js.matheranalytics.com/static/ltm/ma16916/901956900/5/ml.br.js
vary: Accept-Encoding
status: 301
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 4-gc-euw1-10900

GET
H2 200 dc.js Show response
stats.g.doubleclick.net/ 45 KB
17 KB 15ms
14ms Script
text/javascript 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/dc.js

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 1228
date: Fri, 08 Feb 2019 16:52:55 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17093
expires: Fri, 08 Feb 2019 18:52:55 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 29 KB
10 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

982b6b3d6b506d25fee1ecf502660033628f50a7472287dcdc9d9eb2021bb89a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "76 / 10 of 1000 / last-modified: 1549580748"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 10058
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:23 GMT

POST
H2 200 json Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/ 38 KB
8 KB 318ms
100ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2019-02-08T17%3A13%3A23%2B00%3A00&ts=1549646003575

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

52677e0a9fb5bf1cbc6e5a9c358a1cdb1116986393c915619808c8a016cfeb14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 7474
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2
fonts.gstatic.com/s/robotocondensed/v16/ 10 KB
11 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/robotocondensed/v16/ieVl2ZhZI2eCN5jzbjEETS9weq8-19K7DQk6YvM.woff2

Requested by

Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-017m.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Roboto+Condensed|Open+Sans:400,300,700
Origin: https://www.sonomanews.com

Response headers

date: Tue, 05 Feb 2019 06:44:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Oct 2017 18:25:04 GMT
server: sffe
age: 296947
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 10740
x-xss-protection: 1; mode=block
expires: Wed, 05 Feb 2020 06:44:16 GMT

GET
H2 200 fontawesome-webfont.woff2
maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/ 63 KB
63 KB 72ms
18ms Font
font/woff2 209.197.3.15
Highwinds Network...

General

Check archive.org

Show headers Download Go to

Full URL: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/fonts/fontawesome-webfont.woff2?v=4.4.0
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-017m.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 209.197.3.15 Phoenix, United States, ASN20446 (HIGHWINDS3 - Highwinds Network Group, Inc., US),
Reverse DNS: vip0x00f.map2.ssl.hwcdn.net
Software: /
Resource Hash: 3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://maxcdn.bootstrapcdn.com/font-awesome/4.4.0/css/font-awesome.min.css
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
last-modified: Wed, 12 Dec 2018 18:36:18 GMT
access-control-allow-origin: *
etag: "1544639778"
vary: Accept-Encoding
x-cache: HIT
content-type: font/woff2
status: 200
cache-control: public, max-age=31536000
x-hello-human: Say hello back! @getBootstrapCDN on Twitter
accept-ranges: bytes
timing-allow-origin: *
content-length: 64470

GET
H2 200 t Show response
jadserve.postrelease.com/ 2 KB
1 KB 310ms
216ms Script
text/javascript 52.19.153.98
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fwww.sonomanews.com%2F
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.19.153.98 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-19-153-98.eu-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 850164320a03cdeefe0b394cb82c378bb204d34d152874bf66963d752959c441

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
server: nginx/1.12.1
access-control-allow-origin: *
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 649
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 159 B
473 B 145ms
110ms XHR
application/json 2a04:4e42::714
Fastly

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=sonomanews.com&domain=sonomanews.com&path=%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42::714 , European Union, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 2293d2f32f2d45cd9da459038f562c5c169510e3968c88aff836969b15026bf5

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
x-cacheable: YES
x-backend: default
age: 0
x-cache: MISS, MISS
status: 200
x-cache-hits: 0
x-restarts: 0
content-length: 126
x-served-by: cache-fra19128-FRA
access-control-allow-origin: *
x-timer: S1549646004.696229,VS0,VE104
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish, 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Wed, 06 Feb 2019 17:13:23 GMT

GET
H/1.1 200
OK sit_logo.gif
img.sonomanews.com/logo/ 20 KB
21 KB 252ms
116ms Image
image/gif 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/logo/sit_logo.gif
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: f8ecaa017452cf9e25d37472a194d4676fc01125d206a85b2282cbb63cc8f5ef

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=efzotlIASyC3Vhh3zBXE07C4XVwAAAAAQUIPAAAAAADCglZ9J/RWfg2U3Fw3g3J3; nlbi_813078=d2HpXpK2Lk9Ayb/7fN0T4gAAAAApXBlMKdTSxbyXOmoQVlNn; incap_ses_184_813078=VkiVPXW1rEXCjNBkaLSNArG4XVwAAAAA9UwrzD7iB11jgLV6zylF5Q==
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:23 GMT
Last-Modified: Wed, 16 Mar 2016 20:56:47 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "51fb-52e30c08801c0"
Content-Type: image/gif
Connection: close
Accept-Ranges: bytes
Content-Length: 20987

GET
H/1.1 200
OK a-017m
i.liadm.com/s/c/ Frame A990 0
0 636ms
96ms Document
text/html 52.44.230.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://i.liadm.com/s/c/a-017m?s=&cim=&ps=true&ls=false&duid=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6&domainSessionId=&ppid=0&euns=0&ci=0&version=sc-2.2.0&nosync=true&
Requested by: Host: b-code.liadm.com
URL: https://b-code.liadm.com/a-017m.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.230.13 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-44-230-13.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Host: i.liadm.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
Referer: https://www.sonomanews.com/
Accept-Encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/

Response headers

Cache-Control: private, no-cache, max-age=0
Content-Encoding: gzip
Content-Type: text/html; charset=UTF-8
Date: Fri, 08 Feb 2019 17:13:24 GMT
ETag: 1.61803398874
Vary: Accept-Encoding
Content-Length: 50
Connection: keep-alive

GET
H/1.1 200
OK embed.js Show response
pressdemocrat.wufoo.com/scripts/widget/ 2 KB
2 KB 1187ms
378ms Script
text/javascript 64.191.16.85
SurveyMonkey Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pressdemocrat.wufoo.com/scripts/widget/embed.js?w=KtvaXxwuBedVXwNbyyaqhUNCJQtxZTOw3BIW0wuslashBav5E3hM=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.191.16.85 Palo Alto, United States, ASN18915 (MONKEY-US-01 - SurveyMonkey Inc., US),

Reverse DNS

Software

/ Bananas and Rum

Resource Hash

2ddfdeb1fcce0ca47085fdca9063d9cdc485d8ac7bdd0e3317971abda27ff9f8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: Bananas and Rum
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 1104
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/r/ 35 B
102 B 16ms
14ms Image
image/gif 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/r/__utm.gif?utmwv=5.7.2dc&utms=1&utmn=1953479511&utmhn=www.sonomanews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&utmhid=381178205&utmr=-&utmp=%2F&utmht=1549646003760&utmac=UA-39519010-1&utmcc=__utma%3D132988428.382320259.1549646004.1549646004.1549646004.1%3B%2B__utmz%3D132988428.1549646004.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1323177613&utmredir=3&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
date: Fri, 08 Feb 2019 17:13:24 GMT
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/ 35 B
122 B 15ms
14ms Image
image/gif 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=2&utmn=1935522195&utmhn=www.sonomanews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&utmhid=381178205&utmr=-&utmp=%2F&utmht=1549646003763&utmac=UA-55293627-1&utmcc=__utma%3D132988428.382320259.1549646004.1549646004.1549646004.1%3B%2B__utmz%3D132988428.1549646004.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Feb 2019 11:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 367828
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 __utm.gif
stats.g.doubleclick.net/ 35 B
93 B 14ms
14ms Image
image/gif 2a00:1450:400c:c08::9a
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://stats.g.doubleclick.net/__utm.gif?utmwv=5.7.2dc&utms=3&utmn=789871696&utmhn=www.sonomanews.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&utmhid=381178205&utmr=-&utmp=%2F&utmht=1549646003765&utmac=UA-44780506-1&utmcc=__utma%3D132988428.382320259.1549646004.1549646004.1549646004.1%3B%2B__utmz%3D132988428.1549646004.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=&utmmt=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:400c:c08::9a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 04 Feb 2019 11:02:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 367828
content-type: image/gif
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: no-cache, no-store, must-revalidate
access-control-allow-origin: *
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

302
Found

dynamic-conversion Show response
lcidc.liadm.com/api/v1/
Redirect Chain

https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v
https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true

0
-1 B

452ms
101ms

XHR

34.235.251.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.251.19 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-235-251-19.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Location: /api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true
Content-Security-Policy: default-src 'self'
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx/1.12.1
X-Frame-Options: DENY
Date: Fri, 08 Feb 2019 17:13:24 GMT
Vary: Origin
Access-Control-Allow-Origin: https://www.sonomanews.com
X-XSS-Protection: 1; mode=block
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-Content-Type-Options: nosniff

Redirect headers

Vary: Origin
Content-Security-Policy: default-src 'self'
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx/1.12.1
Access-Control-Allow-Origin: https://www.sonomanews.com
Date: Fri, 08 Feb 2019 17:13:24 GMT
X-Frame-Options: DENY
Location: /api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 0
Content-Length: 0
X-XSS-Protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 109 B
171 B 26ms
17ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 109 B
171 B 24ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_301.js Show response
securepubads.g.doubleclick.net/gpt/ 181 KB
62 KB 43ms
42ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

cf7372c066c21a04cdf010795703ebfe788cff3d65f07a018e27e676944558fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 63397
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:24 GMT

GET
H2 200 91b96c0101e3d55cb18375d8bd28d277 Show response
smi.blueconic.net/plugin/plugin/ 128 KB
32 KB 96ms
96ms Script
text/javascript 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/plugin/plugin/91b96c0101e3d55cb18375d8bd28d277

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

83204358b35fa24d05891d4732c80c2c73819bbd7876f7e7beeeeb90f4cf3d1a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: 91b96c0101e3d55cb18375d8bd28d277
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 32129
x-xss-protection: 1; mode=block
expires: Sat, 08 Feb 2020 17:13:24 GMT

GET
H2 200 1d38f2d8bb291e1101e13c8433a60583 Show response
smi.blueconic.net/plugin/library/ 262 KB
80 KB 99ms
99ms Script
text/javascript 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/plugin/library/1d38f2d8bb291e1101e13c8433a60583

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

bd0d0fe9923099c8643a650f644ff6adb873c275d0e8d6752daa235ba3fb8593

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: text/javascript; charset=utf-8
server: -
etag: 1d38f2d8bb291e1101e13c8433a60583
p3p: policyref="", CP="DSP"
status: 200
x-permitted-cross-domain-policies: master-only
cache-control: private, max-age=31536000
x-robots-tag: noindex, nofollow
content-length: 80913
x-xss-protection: 1; mode=block
expires: Sat, 08 Feb 2020 17:13:24 GMT

POST
H2 200 LB-Zone-2 Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/json/ 912 B
1014 B 193ms
192ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-2?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=&bctempid=ee3bea9e-0d85-475a-a02d-30cfc97fb688&overruleReferrer=&time=2019-02-08T17%3A13%3A24%2B00%3A00&ts=1549646004207

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

6f2be7f2d89e8f362b69fc1f8d441427684869c8c5ff2f4bd2a20aa650a56a57

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 443
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dynamic-conversion Show response
lcidc.liadm.com/api/v1/ 15 B
795 B 116ms
114ms XHR
application/json 34.235.251.19
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://lcidc.liadm.com/api/v1/dynamic-conversion?e=viewContent&aid=5398&pu=aHR0cHM6Ly93d3cuc29ub21hbmV3cy5jb20v&n3pc=true

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.235.251.19 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-34-235-251-19.compute-1.amazonaws.com

Software

nginx/1.12.1 /

Resource Hash

d65b1b198cc3ab2f68200d058319f8da590b4d525397ca3d0c2fde40c12b0747

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

Content-Security-Policy: default-src 'self'
Referrer-Policy: origin-when-cross-origin, strict-origin-when-cross-origin
Server: nginx/1.12.1
Vary: Origin
Date: Fri, 08 Feb 2019 17:13:24 GMT
X-Frame-Options: DENY
Content-Type: application/json
Access-Control-Allow-Origin: https://www.sonomanews.com
X-Permitted-Cross-Domain-Policies: master-only
Access-Control-Allow-Credentials: true
X-Content-Type-Options: nosniff
Connection: keep-alive
Request-Time: 6
Content-Length: 15
X-XSS-Protection: 1; mode=block

GET
H2 200 i
c.liadm.com/ 43 B
334 B 318ms
97ms Image
image/gif 52.22.2.8
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.liadm.com/i?stm=1549646004347&e=pv&url=https%3A%2F%2Fwww.sonomanews.com%2F&page=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&tv=js-adv-4.6.0-sp-2.9.2&tna=litra&aid=a-017m&p=web&tz=UTC&lang=en-US&cs=UTF-8&res=1600x1200&cd=24&cookie=1&eid=ebafc869-1a45-4cb2-af98-b4d9f198e644&dtm=1549646004344&vp=1600x1200&ds=1600x1200&vid=1&sid=7376000f-a917-49da-aabf-3b50e671f130&duid=a-017m--c3e5c6c4-a283-4377-83d2-2878086b26b6&fp=3998842399&cx=eyJzY2hlbWEiOiJpZ2x1OmNvbS5zbm93cGxvd2FuYWx5dGljcy5zbm93cGxvdy9jb250ZXh0cy9qc29uc2NoZW1hLzEtMC0wIiwiZGF0YSI6W3sic2NoZW1hIjoiaWdsdTpjb20uZ29vZ2xlLmFuYWx5dGljcy9jb29raWVzL2pzb25zY2hlbWEvMS0wLTAiLCJkYXRhIjp7fX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5saXZlaW50ZW50L3NvdXJjZV9saXZlX2V2ZW50L2pzb25zY2hlbWEvMi0wLTAiLCJkYXRhIjp7InB1c2hlZERhdGEiOiJ7XCJldmVudFwiOlwicGFnZVZpZXdcIn0ifX0seyJzY2hlbWEiOiJpZ2x1OmNvbS5saXZlaW50ZW50L2xpdmVfZXZlbnQvanNvbnNjaGVtYS8yLTAtMCIsImRhdGEiOnsiZXZlbnROYW1lIjoidmlld0NvbnRlbnQiLCJzZWdtZW50SWQiOiJBQlVXQk5vNW8tNCJ9fV19
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.22.2.8 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-52-22-2-8.compute-1.amazonaws.com
Software: akka-http/10.0.9 /
Resource Hash: caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
server: akka-http/10.0.9
access-control-allow-origin: *
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
status: 200
access-control-allow-credentials: true
content-type: image/gif
content-length: 43

GET
H/1.1 200
OK index.0503.css
pressdemocrat.wufoo.com//stylesheets/public/widgets/css/ 8 KB
3 KB 198ms
198ms Stylesheet
text/css 64.191.16.85
SurveyMonkey Inc.

General

Check archive.org

Show headers Download Go to

Full URL

https://pressdemocrat.wufoo.com//stylesheets/public/widgets/css/index.0503.css

Requested by

Host: pressdemocrat.wufoo.com
URL: https://pressdemocrat.wufoo.com/scripts/widget/embed.js?w=KtvaXxwuBedVXwNbyyaqhUNCJQtxZTOw3BIW0wuslashBav5E3hM=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

64.191.16.85 Palo Alto, United States, ASN18915 (MONKEY-US-01 - SurveyMonkey Inc., US),

Reverse DNS

Software

/ Bananas and Rum

Resource Hash

4166f98ff175b23f81f1000305262c3c8b3b86381a5f9ebec73de6c0bd912096

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:24 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
X-Powered-By: Bananas and Rum
X-Frame-Options: SAMEORIGIN
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: text/css;charset=UTF-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Content-Length: 2930

GET
H/1.1 200
OK default.png
img.sonomanews.com/ 45 KB
46 KB 399ms
111ms Image
image/png 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.sonomanews.com/default.png
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 130a764fa83f87b35a9941452c1209de093cb19df7d2653866b9f768b87f736e

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: img.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:25 GMT
Last-Modified: Wed, 30 Dec 2015 22:01:43 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "b578-52824aef85fc0"
Content-Type: image/png
Connection: close
Accept-Ranges: bytes
Content-Length: 46456

GET
H/1.1 200
OK network-logos7.jpg
img.pressdemocrat.com/logo/ 92 KB
92 KB 513ms
112ms Image
image/jpeg 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.pressdemocrat.com/logo/network-logos7.jpg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b1f857efcd5f99133ae3d73bdda38398737d1d4230f624b2af7673b879e25d7b

Request headers

Referer: https://code.sonomanews.com/css/unified.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:25 GMT
Last-Modified: Thu, 01 Dec 2016 00:35:55 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "16f92-5428e011cb0c0"
Content-Type: image/jpeg
Cache-Control: max-age=604801, public
Connection: close
Accept-Ranges: bytes
Content-Length: 94098

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 35 KB
14 KB 9ms
9ms Script
application/x-javascript 2600:9000:200c:3400:18:1fcd:348:2461
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:3400:18:1fcd:348:2461 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: ca5327697815bc7ac6c0073c5b4fbf2f260954bd1a9d5d48d13d5839e918c4bb

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 13:05:31 GMT
content-encoding: gzip
last-modified: Fri, 11 Jan 2019 03:58:12 GMT
server: nginx
age: 14873
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
status: 200
cache-control: max-age=86400
x-amz-cf-id: Mx5RMpjd4KJFztlYq-da3KEVddCzwa3CjRx5RXpFwVUqJS-_ncFwKw==
via: 1.1 ddd91cf4cd1b9310c0aee8953bc042e2.cloudfront.net (CloudFront)
expires: Sat, 09 Feb 2019 13:05:31 GMT

GET
H2 200 ta-pagesocial-sdk.js Show response
tru.am/scripts/ 34 KB
12 KB 24ms
24ms Script
application/javascript 2606:4700:20::6819:a322
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://tru.am/scripts/ta-pagesocial-sdk.js
Requested by: Host: tru.am
URL: https://tru.am/scripts/custom/sonomamedia.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::6819:a322 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb9007c254c493be4a067de535b19a30f5e5aef3d5b19f58b1c72d2c65a04f79

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 21 May 2018 10:49:23 GMT
server: cloudflare
etag: W/"8761e04182a1c11ff30f706f8052c8d6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
status: 200
cache-control: public, max-age=86400
cf-ray: 4a5fba0abef8c2ab-FRA
expires: Sat, 09 Feb 2019 17:13:24 GMT

GET
H/1.1 200
OK Cookie set _Incapsula_Resource Show response
www.sonomanews.com/ 110 KB
16 KB 15ms
14ms Script
application/javascript 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sonomanews.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=106892109
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: e5ef3d938679eabdfd6c0fc5c0b681a6ac177d84826989d06f658737fb0ca526

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: */*
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Content-Encoding: gzip
Set-Cookie: visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; path=/; Domain=.sonomanews.com ___utmvmXIuSLtz=LPqrnLPBPCj; path=/; Max-Age=900 ___utmvaXIuSLtz=ujiHkvb; path=/; Max-Age=900 ___utmvbXIuSLtz=YZi XHtOkalX: nts; path=/; Max-Age=900
Content-Length: 16116
Cache-Control: no-cache
Content-Type: application/javascript

POST
H2 200 json Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/ 1 KB
1 KB 115ms
107ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2019-02-08T17%3A13%3A24%2B00%3A00&ts=1549646004926

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

bb779e056d8c07db01c82b75d9b1c48e8da199b12634d7b3dcaf164a0d05b2a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 759
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 default.uni-form.css
plugins.blueconic.net/forms/1.1.13/css/ 11 KB
3 KB 64ms
12ms Stylesheet
text/css 52.222.150.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/forms/1.1.13/css/default.uni-form.css
Requested by: Host: smi.blueconic.net
URL: https://smi.blueconic.net/plugin/library/1d38f2d8bb291e1101e13c8433a60583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.150.253 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-150-253.fra53.r.cloudfront.net
Software: - /
Resource Hash: ab8e2118a5105ac008d67876f76aba37112ae12eb72cc2c9a4ed97044b429bf0

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 16:23:52 GMT
content-encoding: gzip
age: 3003
x-cache: Hit from cloudfront
status: 200
content-length: 2270
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
last-modified: Tue, 29 Jan 2019 20:08:09 GMT
server: -
etag: "2a00-5809e5a2c7b70-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: w30Obl30bh54zOhE0CD4JS8GCM_fSuTGJAIiHAROQrM8GGPHwWByGA==
expires: Fri, 08 Feb 2019 17:23:21 GMT

POST
H2 200 json Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/ 231 B
778 B 108ms
107ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=&bctempid=&overruleReferrer=&time=2019-02-08T17%3A13%3A24%2B00%3A00&ts=1549646004972

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

723f5d8c1868f8b3a58a1c45729b610279ad346554380ff0d41cac6cd1f84658

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 133
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 lazysizes.min.js Show response
cdnjs.cloudflare.com/ajax/libs/lazysizes/4.0.1/ 7 KB
3 KB 32ms
30ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/lazysizes/4.0.1/lazysizes.min.js?_=1549646002558

Requested by

Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/2.1.4/jquery.min.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:25 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:20:20 GMT
server: cloudflare
etag: W/"5afd4954-1a02"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 29 Jan 2020 17:13:25 GMT
cache-control: public, max-age=30672000
cf-ray: 4a5fba0b580e9786-FRA
served-in-seconds: 0.001

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 333ms
105ms Image
image/gif 34.196.223.248
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=sonomanews.com&p=%2F&u=CfU92UC_ZYMMCLrA5E&d=sonomanews.com&g=60036&g0=home&g1=sectionfront&n=1&f=00001&c=0&x=0&m=0&y=5633&o=1585&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=4328&t=CGWRS9BVglXaDhIx16DDdj85CrXhHW&V=111&i=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonom&tz=0&_acct=anon&sn=1&sv=Bi3R3V7DoilDxRscADxma9Cr7ZU0&sd=1&im=067b0fff&_
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.196.223.248 Ashburn, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-34-196-223-248.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

status: 200
pragma: no-cache
date: Fri, 08 Feb 2019 17:13:25 GMT
cache-control: no-cache, no-store, must-revalidate
expires: 0
content-length: 43
content-type: image/gif

GET
H/1.1 200
OK Cookie set _Incapsula_Resource
www.sonomanews.com/ 1 B
559 B 21ms
20ms Image
text/plain 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/_Incapsula_Resource?SWKMTFSR=1&e=0.2629119247228864
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; BCRevision_1549646004921=%7B%22method%22%3A%22createEvent%22%2C%22param%22%3A%7B%22type%22%3A%5B%22new_visit%22%5D%2C%22referrer%22%3A%5B%22%22%5D%2C%22profile%22%3A%5B%22ee3bea9e-0d85-475a-a02d-30cfc97fb688%22%5D%7D%2C%22requestId%22%3A%22rev_1549646004921%22%7D; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; ___utmvmXIuSLtz=LPqrnLPBPCj; ___utmvbXIuSLtz=YZi XHtOkalX: nts; BCRevision_1549646004978=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22last_visited_site%22%3A%5B%22www.sonomanews.com%22%5D%2C%22_engagement%22%3A%5B%22%7B%5C%22v214%5C%22%3A0%2C%5C%22c214%5C%22%3A0%7D%22%5D%2C%22engagement_score%22%3A%5B0%5D%2C%22engagement%22%3A%5B%22low%22%5D%2C%22sit_category_interest_7_days_index%22%3A%5B%220%22%5D%2C%22sit_category_interest_30_days_index%22%3A%5B%220%22%5D%2C%22sit_category_interest_90_days_index%22%3A%5B%220%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646004978%22%7D; BCRevision_1549646004979=%7B%22method%22%3A%22addProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22_sit_num_articles_read_last_30%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1549646004951%2C%5C%22K%5C%22%3A%7B%5C%22p2595%5C%22%3A1%7D%7D%22%5D%2C%22_hl_visit_time%22%3A%5B%22%7B%5C%22TIME%5C%22%3A1549646004960%2C%5C%22data%5C%22%3A%5B%7B%5C%22n%5C%22%3A%5C%225%20PM%20-%206%20PM%5C%22%2C%5C%22p%5C%22%3A1%2C%5C%22d%5C%22%3A525%7D%5D%7D%22%5D%2C%22sit_article_titles_viewed%22%3A%5B%22Home%2C%20Sonoma%20Index-Tribune%2C%20Sonoma%20County%20Newspaper%2C%20CA%20news%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646004979%22%7D; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Cache-Control: no-cache
Set-Cookie: visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; expires=Sat, 08 Feb 2020 12:16:36 GMT; path=/; Domain=.sonomanews.com incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; path=/; Domain=.sonomanews.com ___utmvbXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT ___utmvmXIuSLtz=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Length: 1
Content-Type: text/plain

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 21 KB
22 KB 188ms
187ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=jhVaDrb_W07MmOAwLuOdzM$daE2N3K4ZzOUsqbU5sYsJ3Z_rMOey6t1ySQb4nAWwWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 97605008c6b9b05bc12ca2cd5e101f83f6bab81d9cc4fa5a9a227c56e9bae2d3

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:19:07 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 21:57:37 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25664c3bb6383c34d3256171a08b5a85dd994bb1; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 3-125373874-125373966 SNNN RT(1549646002869 1610) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 21599
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:19:07 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 31 KB
31 KB 188ms
187ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=Vrl5$6XAZDfiFjBsrEOiic$daE2N3K4ZzOUsqbU5sYtRI2xXQOjs3sV4SU6iOS3$WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 4c6f5236bd85e29231d809ed5137681860b8e8079642bcedf3997a22836f4dc9

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:45 GMT
LAST-MODIFIED: Thu, 07 Feb 2019 18:39:40 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=1e3c8663635f3213828a7ea10993280fbfcacfb1; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 9-208318951-208318963 SNNN RT(1549646000310 4172) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 31541
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:45 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 20 KB
21 KB 195ms
194ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=prlxFKh1kvOeTY_LI9xJms$daE2N3K4ZzOUsqbU5sYs0SNl1l7$8tVo$yAiZFxXUWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 76a21d8d56d4f6dcbbb2f129aadbeedda40a61e319d16fa8c4b7193537caafe8

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:49 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 21:36:38 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25611a226daace489340db9b04a74f5ddeeca2f3; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 10-257442471-257442474 SNNN RT(1549646002868 1611) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 20663
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:49 GMT

GET
H2 200 notificationBar.css
plugins.blueconic.net/dialogue_notification_bar/1.2.18/css/ 2 KB
940 B 17ms
16ms Stylesheet
text/css 52.222.150.253
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://plugins.blueconic.net/dialogue_notification_bar/1.2.18/css/notificationBar.css
Requested by: Host: smi.blueconic.net
URL: https://smi.blueconic.net/plugin/plugin/91b96c0101e3d55cb18375d8bd28d277
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.150.253 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-150-253.fra53.r.cloudfront.net
Software: - /
Resource Hash: 413e57b5e660a56a3f36a3df9a90460028f6219a1881c6bbb7012cd54e80e01f

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:07:04 GMT
content-encoding: gzip
age: 420
x-cache: Hit from cloudfront
status: 200
content-length: 539
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 13:54:06 GMT
server: -
etag: "647-57c329959d2b8-gzip"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: 4OJMHjoG0HBIfgEshL7Mis0tzSjr7dqiIEDWsHpjh-uFYNUqTAXsuA==
expires: Fri, 08 Feb 2019 18:06:25 GMT

GET
H/1.1 200
OK blueconic-reset.css
code.pressdemocrat.com/shared/blueconic/css/ 5 KB
1 KB 483ms
113ms Stylesheet
text/css 192.237.253.150
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL: https://code.pressdemocrat.com/shared/blueconic/css/blueconic-reset.css
Requested by: Host: smi.blueconic.net
URL: https://smi.blueconic.net/plugin/plugin/91b96c0101e3d55cb18375d8bd28d277
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 192.237.253.150 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: d03a5011dd75634ad9fab4695807aea8cddd7f1c8fcb0499582c505bbf4b86e7

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:25 GMT
Content-Encoding: gzip
Last-Modified: Thu, 03 May 2018 19:04:28 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "149b-56b51df64c700-gzip"
Vary: Accept-Encoding
Content-Type: text/css
Access-Control-Allow-Origin: *
Cache-Control: max-age=604801
Connection: close
Accept-Ranges: bytes
Content-Length: 868

POST
H2 200 LB-Zone-2 Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/json/ 98 B
682 B 103ms
102ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json/LB-Zone-2?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=&bctempid=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a&overruleReferrer=&time=2019-02-08T17%3A13%3A25%2B00%3A00&ts=1549646005263

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

988e09d51188e93225f8c2f96f71cd953ef05da949978c4eda2309fe10c07d1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 110
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 20 KB
21 KB 554ms
553ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=LwfLoJY_6CbZOKcyp8Gshc$daE2N3K4ZzOUsqbU5sYsphkQfdzBf5senv88E2CiWWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: a435b2bee680b81072ec36db53f505ef7934f1f356ef7f0bf159be5a5780cff0

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a; BCRevision_1549646005271=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22adblock_detected%22%3A%5B%22no%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646005271%22%7D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:14:37 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 00:02:04 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT nlbi_813078=ktKTQUP8Ox+co+lffN0T4gAAAADrslF3LsUn51UZCvArM4E7; path=/; Domain=.sonomanews.com
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 7-109065655-109066060 NNNN CT(180 179 0) RT(1549646002869 1742) q(0 0 3 -1) r(5 5) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 20297
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:14:38 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 29 KB
29 KB 180ms
180ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=j0mOlZ99Vi$W74Rb5ZB8rc$daE2N3K4ZzOUsqbU5sYtrx4zVaxLbSLeYccvP1JY3WCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 13959bb79304640e68d66ee91ba44061162030ce916bc4fed5fa2160e144b479

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a; BCRevision_1549646005271=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22adblock_detected%22%3A%5B%22no%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646005271%22%7D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:14:37 GMT
LAST-MODIFIED: Wed, 06 Feb 2019 00:00:34 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 1-49703149-49703151 SNNN RT(1549646002869 1743) q(0 0 0 -1) r(1 1) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 29486
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:14:37 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 12 KB
13 KB 183ms
183ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=2gEfqkEAaQUqV51lChHQEs$daE2N3K4ZzOUsqbU5sYtE9RZqj7SI_ilU01rSNRYAWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 096074b0c492a499abbc7334fbe82b0f53defc48c3744cdbb3d38110e282d15a

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; ___utmvc=Ep4uYT2YmYpkItqw5x0b68GB0T/3PABacQJccU3mtT2ltEZ8cOJGAzSZidp0dhJgEe7bg3yY5PCaKzWjPlCT0U48Tp7SSDUn2Z/ZEeJut3yg69Pm5v8bAb30PBaC3TGbfGnSRlYYMeEXTP98nxXcT4AVJnG6qJFcmC0UJ7ZAiHq2gUn+x8JOlHMWvr9bht5n/pFYz7P+TlKOU5bIlnlF6lfg71PRR7vv9IxcbKNFitwTemp1Qd6ujY7X59SqNC5S0OBxZxyBKUOV7yMOPDxgdJX56s0gw4qqGUdT6T4RRtGfx7lA2Gc6dr+xB1BVg6UOgsioYVLFSE/woy2AmlK2nxu68r8fJ++AS8ovPLrsd5ofRv3vqw4vELAcBbSDOhtabFGrVT1caQTC3zgUoUOIxQUsR9wizEeVkm6IU1sP2+JUmUQBkAM1tBLLY22bsnMatBq23coFOxybLeX7/UmN0WLLq7sA5hNZpCpI3DFBdfnEV7yIasDhRivxpYBTzyZC2nblCTLkYwR+Hlbr52LUUCmnQ4bWVTObG5D9r+6WuZ3DOoiDaWLe0A9/Gk2KLA0gg7WZ6O8cIT52uR+viC9GjS97s0g2YGQUd1s8oBoBhevB0hlST1f8zNm6vjSeNp5ateW2JQi/nXGpcbUmP/rlVQQq54Q24GKt1db2IC/oVegKkXIv/gV1QRDIiKifLqXpjDTW5l3nh7InOvkrauloOFI8D7QH//32Vcx3pFbJ78JD0x/cS+ZPSz6efKKR+P6dZcSfyfy4wjT3JFi7jDt/rXGW76g3DeIgPx683TdbF4jQxGtrrkmd6+FiRM31EIpEuZXClmU3D7iK2IJvha8Nbkrydzz8p/nXZUB+N9Mkm1xwRX6Zl1UtZRk7c8lUGBi/lPeKRx2YheQvPDFXX/lpFBLLw9pSaBoYmkxQq7dCafB01k0WWW8/FvduRdO+ilrvpwZ+GiGFw1gJoG+WhoE6JY7hraHrF0h06r7H6akdvhqKCEqTSifoGl06AmmzEXwdX4fk83MXEDjOpgC7iPN8rlP9WM1uL9N9jUu/I8vNciZH03aDhwCkXqk1lYW4sOpvvNmtlFnpy9UE2XHfM9r4lsl1cgj1hjFAWUNCpTiuvFcdsmfSKUFXsUq+50xA6xzAHs+RrEHR0X/ZpZXaYIavjViK1kJPZn+4LGRpZ2VzdD04NzI5MixzPTcwYWI2ODdiOTQ2ZjhiYTdiMDliN2NhZTc3ODY3ZDgyOGI2N2EwOWZhMzgwODZiMmE4YTQ5YzVkODk2NThlOTE4YTZiNzY2ZThhNzM3NjZm; BCZoneID=LB-Zone-2; BCTempID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a; BCRevision_1549646005271=%7B%22method%22%3A%22setProperties%22%2C%22param%22%3A%7B%22properties%22%3A%7B%22adblock_detected%22%3A%5B%22no%22%5D%7D%7D%2C%22requestId%22%3A%22rev_1549646005271%22%7D
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:31 GMT
LAST-MODIFIED: Wed, 30 Jan 2019 23:50:20 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=c5cc4a41a1dd13189fbaa5c5423e19a907732f41; path=/; httpOnly; ___utmvc=a; Max-Age=0; path=/; expires=Mon, 28 Jan 2019 12:14:04 GMT
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 0-26039015-26039016 SNNN RT(1549646002869 1743) q(0 0 0 -1) r(1 1) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 12622
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:13:31 GMT

GET
H2 200 CloseIconNotificationBar.png
plugins.blueconic.net/dialogue_notification_bar/1.2.18/css/images/ 2 KB
2 KB 9ms
9ms Image
image/png 52.222.150.253
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://plugins.blueconic.net/dialogue_notification_bar/1.2.18/css/images/CloseIconNotificationBar.png
Requested by: Host: smi.blueconic.net
URL: https://smi.blueconic.net/plugin/library/1d38f2d8bb291e1101e13c8433a60583
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.150.253 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-150-253.fra53.r.cloudfront.net
Software: - /
Resource Hash: c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe

Request headers

Referer: https://plugins.blueconic.net/dialogue_notification_bar/1.2.18/css/notificationBar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:08:32 GMT
via: 1.1 bc9bd2c59aa48e2932432099ba36a25b.cloudfront.net (CloudFront)
last-modified: Tue, 04 Dec 2018 13:54:06 GMT
server: -
age: 342
etag: "6ed-57c329958adc0"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
cache-control: max-age=3600
accept-ranges: bytes
access-control-allow-origin: *
content-length: 1773
x-amz-cf-id: v3Ddyplx3xS_JoR0eQw7OSs97VQ5QNYYwutgrCLUSZqe6aKBQKbvQg==
expires: Fri, 08 Feb 2019 18:07:43 GMT

POST
H2 200 json Show response
smi.blueconic.net/DG/DEFAULT/rest/rpc/ 148 B
751 B 98ms
97ms XHR
application/json 100.25.49.178
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL

https://smi.blueconic.net/DG/DEFAULT/rest/rpc/json?referer=https%3A%2F%2Fwww.sonomanews.com%2F&bcsessionid=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a&bctempid=&overruleReferrer=&time=2019-02-08T17%3A13%3A25%2B00%3A00&ts=1549646005983

Requested by

Host: cdn.blueconic.net
URL: https://cdn.blueconic.net/smi.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

100.25.49.178 , United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),

Reverse DNS

ec2-100-25-49-178.compute-1.amazonaws.com

Software

- /

Resource Hash

3ebc76d4dd569066c3399446a1f52a07ff90ba4e763056b3bf27a4b7e6d926b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-permitted-cross-domain-policies: master-only
p3p: policyref="", CP="DSP"
status: 200
content-length: 117
x-xss-protection: 1; mode=block
pragma: no-cache
server: -
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, no-store, no-transform, must-revalidate, private
access-control-allow-credentials: true
x-robots-tag: noindex, nofollow
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 678 B
489 B 52ms
52ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F2&prev_iu_szs=1x1%2C1x1&prev_scp=type%3Dsectionfront%7Ctype%3Dsectionfront&cookie_enabled=1&bc=15&abxe=1&lmt=1549646006&dt=1549646006520&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=-9%2C0&adys=-9%2C0&adks=1092747037%2C2292925173&ucis=1%7C2&color_bg=FFFFFF&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=38&icsg=833223656096&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x-1%7C1190x0&msz=0x-1%7C1x1&blev=1&bisch=1&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&fws=2%2C128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

9bad0014611f0bbf4154bb62797e02748649d2b1c9c5aba1fcf7f053710fe0d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 289
x-xss-protection: 1; mode=block
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_301.js Show response
securepubads.g.doubleclick.net/gpt/ 63 KB
23 KB 42ms
42ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

74aaec3179743f8515f3c4446412e31358ac0141eced480cf737bdca94447908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 23922
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ 0
0 6ms
6ms Other
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 110ms
109ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&prev_scp=type%3Dsectionfront%26position%3DATF%26loc%3D1&cookie_enabled=1&bc=15&abxe=1&lmt=1549646006&dt=1549646006544&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=4238923946&ucis=5&color_bg=FFFFFF&ifi=4&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=40&icsg=3032246911648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x0&msz=728x90&blev=1&bisch=1&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

7ff59d159254e1a7c8382ef5d007b172b75957992919464e1b7c02c2dde3a08b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 2845
x-xss-protection: 1; mode=block
google-lineitem-id: 4946501246
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138259214575
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 217ms
217ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy3&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=type%3Dsectionfront%26position%3DATF%26loc%3D1&cookie_enabled=1&bc=15&abxe=1&lmt=1549646006&dt=1549646006555&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=4155754637&ucis=7&color_bg=FFFFFF&ifi=6&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=41&icsg=3032246911648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

8a37e43c0d32d452af5229476573c39e7dd9dc1886a20bba09591d6b45904148

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 5030
x-xss-protection: 1; mode=block
google-lineitem-id: 4942377089
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138258918670
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 456ms
456ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy4&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x600&prev_scp=type%3Dsectionfront%26loc%3D1&cookie_enabled=1&bc=15&abxe=1&lmt=1549646006&dt=1549646006565&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=3427410634&ucis=9&color_bg=FFFFFF&ifi=8&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=42&icsg=3032246911648&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x600&blev=1&bisch=1&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b0f7e24ccb0eeb72637c63692968c1d63fbac7c36fa775f83038d1e43b233b00

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 2764
x-xss-protection: 1; mode=block
google-lineitem-id: 4763542052
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138240999239
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK ad Show response
ads.adventive.com/ Frame FDDD 149 KB
29 KB 537ms
156ms Script
text/javascript 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adventive.com/ad?j&pid=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&type=4&cb=2128477329&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssBm2uzdbOzJEy0KLwD1WZhx6tMnKeEjtt1C-dS0YQDsXMdEZmKIxkaPD5z1vTpFPUaSzugrQVb8bR6qiTC8bB34JUAapasQpDtm29Qs4URjScXHJTd9ZkiNtxoyG9y_C1TBVA_n8pkWWdrxhJfd1g9yNNU386N7Z-nQcCNqPxEseOG8FcU_19-uxH0Q9YxZDpY7jttBcpSwAN86XZ8Fzkbpm95MUMpDOtM8En9qBtFzHWlU-suI2M7vBs%2526sai%253DAMfl-YRROyK-c1910xjpXnm6EbzfzAqJZ-_QnGZQO4QZYtmaAi4yChbsUwrAgM3g-J3OVkyi7q_B7_C2rbYQPoq0BQInpRxG_bOiKxQz3E4q%2526sig%253DCg0ArKJSzJJ0CcYawgWAEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&oop=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

ads.adventive.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

f68ee3dfe7a5b995773defdfa0c862db9b51ef2963401b7e79d6506ff03a8c1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 17:13:27 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=91
Content-Length: 29176
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame FDDD 77 KB
28 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 76 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28297
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame FDDD 0
259 B 20ms
19ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstKaqr37w-_-JGBDDik45M_oC2nUzIEd0R4JzEE1fMe6EOSuS3sHygb2tq5EUC3ofPQ3BsG6DFXm1sfX_fBMblClI-I7DevOCCCfk43537lGZNGuKmi09k7wpSKfZ3oGqGBMg-PoU8sjvySoRjR-yCg5Nn1fH60jrw5_9WEDp94wNp8PuL3Sye-hlyiFUfLUDloST4Aib0nESRHfEpE4POdLSKCIxpUIgK7au093f7d7dCr_n0RgZ3AxdsMYlozz7kM1cCOwcbfhPTFDxs&sai=AMfl-YTIbBH782gPCDpiKpFH1HwhzdnkG0ddZsJ8PrMl4xDk3MT_m5_FiogmZCfKXknIKqEfe9lqDDOAk0ojYGVt5xVwu3SHrDSMugHxF2Xr&sig=Cg0ArKJSzAsuoNXZK9fZEAE&urlfix=1&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/ Frame 61C5 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 14:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355816
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Feb 2019 14:23:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 61C5 77 KB
0 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame 61C5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7bc61dce2d21eae49317504e50e254e1e193fc88ba26c1238ed3e8481f8cb65f

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 61C5 0
133 B 24ms
24ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstWSbxFDlABunmKo9AJOKtpHp--NWZL4Wk4kgboVkN726VqIS1oXg-tjE_mJ1AHMew5M6etcOaSErVrNA5kD5PN8Ruz-7sy5S1g6triaqWhgfw6eAlkhLPwSS3sZNVKkjqCQ9uOcv8A2-vyjdcgKGRpeEWrZIv29d9cMSdTnhFlGM_pTTS20DghIHEEjPzwfUK9UiBWpf9-K5VWWXY3tq_Mrg32KNLpJXuz5fBYezpPRUf9Ncvp0SfHBVZoRwiyIDc&sai=AMfl-YRfSp5MgNCXBB0C6uDQPacy23DSLgN_VJ-yi4yF8g8ZBCNO5j7bSjaIkw2VB-P0NRvQ-D30HUJ1h3EQPXqF0ctlikXEhZFMx-9tqbbk&sig=Cg0ArKJSzLCHPKUq7EEdEAE&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
H2 200 4234262410531471644
tpc.googlesyndication.com/simgad/ Frame 61C5 48 KB
48 KB 8ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/4234262410531471644

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d5c004551c0499335da18089269f593ebdec13df732fcf611a3649a23b602a6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Sat, 02 Feb 2019 15:47:45 GMT
x-content-type-options: nosniff
age: 523541
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 48775
x-xss-protection: 1; mode=block
last-modified: Thu, 31 Jan 2019 19:00:53 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 02 Feb 2020 15:47:45 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 459ms
103ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk0MjM3NzA4OSIsImVidXkiOiIyNDgwMzM2MTEzIiwiZWFkdiI6Ijc5MDE3Mjk3IiwiZWNpZCI6IjEzODI1ODkxODY3MCIsImVlbnYiOiJqIiwiZXBpZCI6Ijk0MTI1Mjk3IiwiZXNpZCI6IjkzMjM4Mzc3In0&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=489f73e2-8577-4be2-8c3f-9248d16323ef&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646006806&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK 04bb84fd-2de6-431d-bfc5-e32a5273fffa.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame 24D9 59 KB
14 KB 454ms
405ms Script
application/javascript 52.222.150.61
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.150.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-150-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21aa587aeab2054dabbb410d460a05f662db35e763e629f11ece72c6739e8c51

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 22:36:25 GMT
Server: AmazonS3
Vary: Accept-Encoding
X-Cache: Miss from cloudfront
x-amz-version-id: abu7aVzzNO0vPTFSrQrJ9YwfFxca55U8
Via: 1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: b3w1ejb8gP1Q-KHphWafKq6-WzSV_yeXxhv-G1FytFecM3g0iTsOIA==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24D9 77 KB
0 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame 24D9 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3e4901d0a6cdec0a2b84e52d82ec468c5caf9fa769ab35c3f023884d602990d

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 24D9 0
147 B 23ms
22ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvpbdeK2gyon4xLnkQaIZ5EcStP9-NpdmwoYl0rj8HkZRUErMFaC8aDBKaK79jm8YJD3z0Y55EK6ZOa1wuVp41H1Ypy66qJr1RfZuuSClglPEauTJKkhira_vJYi9fwqjLTHOJ31Jm2R6bRditRTsQgsP5vK7aZlkzgJtpyIqKPtBsAPvVvFQ5o6U5OHm7b0vWsKyN0-XRvNRpQZALY-F_m2-W8kAMrGTifAK8ZxddLawP99eQf-CNmlM7ZFOKNYj4&sai=AMfl-YQXRCAPz3qlGsIDzP2E4R1c9v3AWyT3-TUiPv_Q8oS8OobV1K1QfaV5jicxttGx8xijt_wRRB52akH9P-wEtjEbC4UTjZ6KVfftC6PbAw&sig=Cg0ArKJSzKI8bfHw7naCEAE&urlfix=1&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:27 GMT

GET
H/1.1 200
OK dt.common.streams.StreamServer.cls
www.sonomanews.com/csp/mediapool/sites/ 23 KB
23 KB 196ms
195ms Image
image/jpeg 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/csp/mediapool/sites/dt.common.streams.StreamServer.cls?STREAMOID=nqwNXbQLNgYSZ1deYoKGQs$daE2N3K4ZzOUsqbU5sYtSlMa0SBj31CG8U0MsoGnPWCsjLu883Ygn4B49Lvm9bPe2QeMKQdVeZmXF$9l$4uCZ8QDXhaHEp3rvzXRJFdy0KqPHLoMevcTLo3h8xh70Y6N_U_CryOsw6FTOdKL_jpQ-&CONTENTTYPE=image/jpeg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 4c7a78c5817e5c5cf099e413d364af9b84be5692bcfe0303f7e79286392a3280

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; BCSessionID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a; CSPWSERVERID=75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9; nlbi_813078=ktKTQUP8Ox+co+lffN0T4gAAAADrslF3LsUn51UZCvArM4E7; _sp_id.35b1=272f403bb52eeba4.1549646007.1.1549646007.1549646007; _sp_ses.35b1=*; __gads=ID=bb950615623a4648:T=1549646006:S=ALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:19:09 GMT
LAST-MODIFIED: Tue, 05 Feb 2019 01:45:40 GMT
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPWSERVERID=25664c3bb6383c34d3256171a08b5a85dd994bb1; path=/; httpOnly;
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
X-Iinfo: 7-109065655-109066060 SNNN RT(1549646002869 3474) q(0 0 0 -1) r(2 2) U18
CACHE-CONTROL: public, max-age=3600
Connection: keep-alive
Content-Length: 23554
X-CDN: Incapsula
EXPIRES: Fri, 08 Feb 2019 18:19:09 GMT

GET
H/1.1 200
OK waltwilliams.png
valleytalking.blogs.sonomanews.com/files/2016/05/ 449 KB
450 KB 322ms
112ms Image
image/png 23.253.160.145
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://valleytalking.blogs.sonomanews.com/files/2016/05/waltwilliams.png

Protocol

HTTP/1.1

Server

23.253.160.145 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

Software

Apache/2.4.7 (Ubuntu) / PHP/5.5.9-1ubuntu4.26

Resource Hash

08451ea2f03449735f321ba1aedcb3ee9b1aa24c753a26027c8a7ada040df50c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Last-Modified: Tue, 31 May 2016 22:21:45 GMT
Server: Apache/2.4.7 (Ubuntu)
X-Powered-By: PHP/5.5.9-1ubuntu4.26
ETag: "350274b889b7baa894386b2a1d7e1455"
Vary: User-Agent
Content-Type: image/png
Connection: Keep-Alive
Keep-Alive: timeout=5, max=100
Content-Length: 460113
X-XSS-Protection: 1; mode=block
Expires: Mon, 11 Apr 2022 03:00:07 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 102ms
102ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDc2MzU0MjA1MiIsImVidXkiOiIyMzY4MTYxNzYwIiwiZWFkdiI6IjQ2MDc2MjM2NjEiLCJlY2lkIjoiMTM4MjQwOTk5MjM5IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjUyOTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=dc96e1d9-f77e-4b2f-a873-f81fdc95e50f&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646007055&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 104ms
103ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.sonomanews.com%2F&page=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&sec=home&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=ade882d6-6fcf-496e-93a6-96f47836b8ab&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646007320&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJ2aWV3IiwidmVuZG9yIjoiYmx1ZWNvbmljIiwiYWN0aW9uIjoiW0xJVkVdIFNJVCBDb29raWUgQ29uc2VudCIsImRhdGEiOnsiZGlhbG9ndWVJZCI6ImZjMDY3ZWZkLTgzNmUtNGE0NS05YmQ2LTcxYzI0ZDRjZWJmZSIsIm5hbWUiOiJbTElWRV0gU0lUIENvb2tpZSBDb25zZW50IiwiaWQiOiI3OTRlZDRkNi05YzUxLTQxNDQtODBlYS03ZmY2YjZkNTgxNjMiLCJ2YXJpYW50TmFtZSI6IlZhcmlhbnQgQSJ9LCJ0eXBlIjoidW5rbm93biJ9LCJwZXJmIjp7InN0YXJ0IjoiMTU0OTY0NjAwMDc0OSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIxNC40MjE1NDRtYiIsImhlYXBUIjoiMjMuMDUzNjU2bWIiLCJmc3RQYWludCI6IjI5MjkiLCJmZXRjaFMiOiIyMTUiLCJkb21haW5TIjoiMjI5IiwiZG9tYWluRSI6IjI4MiIsImNvbm5TIjoiMjgyIiwiY29ubkUiOiIzMzQiLCJzc2xTIjoiMjg5IiwicmVxdVMiOiIzMzQiLCJyZXNwUyI6IjEwNTIiLCJyZXNwRSI6IjE4OTQiLCJkb21Mb2FkIjoiMTA1NiIsImRvbUludGVyIjoiNDE2NCIsImRvbUxvYWRTIjoiNDIyMyIsImRvbUxvYWRFIjoiNDI1MCIsImRvbUNtcGx0IjoiNTMyMCIsImxvYWRTIjoiNTMyMCIsImxvYWRFIjoiNTMyMSJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK ad Show response
ads.adventive.com/ 148 KB
29 KB 295ms
155ms Script
text/javascript 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&pid=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&type=4&cb=2128477329&click=https://adclick.g.doubleclick.net/pcs/click%253Fxai%253DAKAOjssBm2uzdbOzJEy0KLwD1WZhx6tMnKeEjtt1C-dS0YQDsXMdEZmKIxkaPD5z1vTpFPUaSzugrQVb8bR6qiTC8bB34JUAapasQpDtm29Qs4URjScXHJTd9ZkiNtxoyG9y_C1TBVA_n8pkWWdrxhJfd1g9yNNU386N7Z-nQcCNqPxEseOG8FcU_19-uxH0Q9YxZDpY7jttBcpSwAN86XZ8Fzkbpm95MUMpDOtM8En9qBtFzHWlU-suI2M7vBs%2526sai%253DAMfl-YRROyK-c1910xjpXnm6EbzfzAqJZ-_QnGZQO4QZYtmaAi4yChbsUwrAgM3g-J3OVkyi7q_B7_C2rbYQPoq0BQInpRxG_bOiKxQz3E4q%2526sig%253DCg0ArKJSzJJ0CcYawgWAEAE%2526urlfix%253D1%2526adurl%253D&enc=1&fb_url=&ref=sonomanews.com&oop=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

ads.adventive.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

594aec25b1f9e7d216976a9eebce68563358a8b31ecb754b2fd6e8d1ff3bccbf

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 17:13:27 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=75
Content-Length: 28935
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK stats
ads.adventive.com/api/ Frame FDDD 43 B
514 B 139ms
138ms Image
image/gif 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=164&adv=3795&atid=4&auid=93606&cache=1&cid=41787&gid=0&pcid=53857&pid=98546&sid=565&tag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=4&ckid=afdf393d-3bcd-401a-9ba1-3bcbb214a244&ip=185.220.70.202&clk=0&dat=%7B%7D&dh=1200&dw=1600&eng=0&grp=0&hc=kuscosyw&iid=4d4016c39769488e8ad844bcd2a14243&ref=https%3A%2F%2Fwww.sonomanews.com%2F&type=serve_impression&hov=0
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: ads.adventive.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Content-encoding: none
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=86400, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=76
Content-length: 43
Expires: Sat, 09 Feb 2019 17:13:27 GMT

GET
DATA 200
OK truncated
/ Frame FDDD 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 849068b5e8761dd6d1d5b38196637ee312f8b7b2f9ecae64db056265512b177c

Request headers

Response headers

Content-Type: image/png

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 105ms
104ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&url=https%3A%2F%2Fwww.sonomanews.com%2F&page=Home%20%7C%20Sonoma%20Index-Tribune%20%7C%20Sonoma%20News%2C%20Entertainment%2C%20Sports%2C%20Real%20Estate%2C%20Events%2C%20Photos%2C%20Sonoma%2C%20CA&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=b947fa8a-ebf8-44fc-88bc-35218a7bf3bc&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646007322&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 102ms
102ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk0NjUwMTI0NiIsImVidXkiOiIyNDgyNzE3ODgzIiwiZWFkdiI6IjU3NjQ2OTc3IiwiZWNpZCI6IjEzODI1OTIxNDU3NSIsImVlbnYiOiJqIiwiZXBpZCI6Ijk0MTI1Mjk3IiwiZXNpZCI6IjkzMjM4Mzc3In0&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=f6610872-50b9-4276-8d6e-1a0c68032f5d&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646007431&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 24D9 251 B
284 B 500ms
460ms XHR
application/json 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

cf-ray: 4a5fba1c490797aa-FRA
date: Fri, 08 Feb 2019 17:13:28 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sonomanews.com
x-ratelimit-remaining: 9999
access-control-allow-credentials: true
x-ratelimit-reset: 3600
x-ratelimit-limit: 10000
x-database-date: Thu, 07 Feb 2019 18:45:50 GMT
content-encoding: gzip

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 24D9 251 B
634 B 481ms
441ms XHR
application/json 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

cf-ray: 4a5fba1c490997aa-FRA
date: Fri, 08 Feb 2019 17:13:28 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sonomanews.com
x-ratelimit-remaining: 9999
access-control-allow-credentials: true
x-ratelimit-reset: 3600
x-ratelimit-limit: 10000
x-database-date: Fri, 08 Feb 2019 14:57:07 GMT
content-encoding: gzip

GET
H2 200 instbid_1_34.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame 24D9 186 KB
58 KB 53ms
11ms Script
application/javascript 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f6ee20b21d01524e91fcffa710cd8072d4e028c06919733d5bf8e3ef598df6e

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: PGrzj8yxW7gO0A.yjpfuyrFCQHWW4tOL
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 20:19:45 GMT
server: AmazonS3
age: 4915
date: Fri, 08 Feb 2019 15:52:34 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: b8Dk5Rqb5v_FG8whw8Ixi6XJELaoIdagJCryec1pa-8jy0dWGFEK1w==
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 24D9 258 B
1 KB 80ms
24ms XHR
application/json 185.33.223.208
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

e1c4c765f1d9688ccf3ab61fd60eca2753f38c5cfa89ac6da86e2a5cbcf55d8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:29 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.24:80
AN-X-Request-Uuid: 743744cc-2726-486f-a3e5-741e03d61739
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 258
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 24D9 0
1 KB 94ms
24ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:26 GMT
X-SMRT-D: 4%3b26%3b98
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame 24D9 0
1 KB 149ms
52ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
X-SMRT-D: 4%3b22%3b88
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 24D9 260 B
1 KB 93ms
41ms XHR
application/json 185.33.223.208
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

333c6c65171eb2e354125bff0b08e12b8726e79f6799775318302ac561142b01

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:29 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.165:80
AN-X-Request-Uuid: 822731c1-4ad1-45cd-96e5-4a0ba7201f44
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 260
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 24D9 240 B
2 KB 135ms
22ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156666&zone_id=747210&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.sonomanews.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=1681aad8-e560-4b98-977a-473e876ec1e6&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.34483304883466626
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 8808b99d3de370724545adaa57997e581ae71e1ad462e155dff80bf10ffc502d

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=9
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame 24D9 240 B
2 KB 138ms
26ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156666&zone_id=747216&size_id=15&p_pos=unknown&rf=https%3A%2F%2Fwww.sonomanews.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=3b1268cb-b8dd-42dd-8562-f28232cd17af&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.11993328237585699
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 28326cc16a493dfa4cade187d82275b4f9f286e5282131923a71099ae6f38a74

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 240
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 24D9 2 KB
2 KB 315ms
239ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=332887&v=7.2&r=%7B%22id%22%3A%2213958331f6ab5d4%22%2C%22imp%22%3A%5B%7B%22id%22%3A%2214a792d3afbc79b%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22332887%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22id%22%3A%22158a4c6d70bb2c1%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22332889%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sonomanews.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 3ab9a20c1cadaf1c9eaba9acd206c93bc10780e859b0ddef50589815c18202fe

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:28 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 1521
Expires: Fri, 08 Feb 2019 17:13:28 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame 24D9 71 B
692 B 125ms
49ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2217b7c5e3fba840d%22%3A%224c4c920a6cf262ee66db%7C300x250%22%2C%221856d89c42819f%22%3A%224c4c920a6cf262ee66db%7C300x250%22%7D&ref=https%3A%2F%2Fwww.sonomanews.com%2F&s=e89ce039-68f3-4cd5-aeeb-c290d53348c9&pv=d7e3baae-4dae-4c09-8590-74361b9a137a&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

e28475748d0ff1d6c6143451a1ce50893a47236b41d9dd145cdc72613b0df4d6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:27 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 99
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 24D9 55 B
494 B 127ms
35ms XHR
application/json 54.229.133.169
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=23965&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonomanews.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.133.169 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-133-169.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fb5b2be42780f1c650a0a82391afd6fe8b488a8a313091697edd780822d32060

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:27 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.sonomanews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame 24D9 55 B
494 B 126ms
35ms XHR
application/json 54.229.133.169
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=23966&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonomanews.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.133.169 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-133-169.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fb5b2be42780f1c650a0a82391afd6fe8b488a8a313091697edd780822d32060

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:27 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.sonomanews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

OPTIONS
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 24D9 0
275 B 302ms
96ms XHR
text/plain 35.203.66.107
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

107.66.203.35.bc.googleusercontent.com

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: POST
Origin: https://www.sonomanews.com
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
server: nginx/1.13.12
access-control-allow-origin: https://www.sonomanews.com
vary: origin
access-control-allow-methods: OPTIONS, POST
status: 204
access-control-max-age: 14400
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: origin, content-type

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame 24D9 678 B
878 B 128ms
22ms XHR
text/plain 2a02:fa8:8806:12::1430
Conversant

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Feb 2019 17:13:27 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

GET
H2 200 vissense.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 11 KB
3 KB 14ms
13ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:27 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:26:40 GMT
server: cloudflare
etag: W/"5afd4ad0-2af5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 29 Jan 2020 17:13:27 GMT
cache-control: public, max-age=30672000
cf-ray: 4a5fba1d1a0c9786-FRA
served-in-seconds: 0.000

GET
H2 200 fallbackfonts-min.css
assets.adventivecdn.com/ui/css/ Frame 4F1C 3 KB
837 B 63ms
14ms Stylesheet
text/css 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adventivecdn.com/ui/css/fallbackfonts-min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f7333213535bddec5215df60374875673ec7aa64d23d25c21c58044d399dc7

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:27 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2015 18:37:31 GMT
server: cloudflare
x-amz-request-id: 36FFD86DCBA3572F
etag: W/"ea798c544c715ea33b7e8a05f49ea409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 4a5fba1d998dbeb7-FRA
x-amz-id-2: rY/zCa/bmZ3be4JMrb3tuOTTlgYSGNLfHiR7j3X/Ecl5mZ1pAl063CpRPasGtNaeSKeIWOEFbYI=

GET
H2 200 58056fdc-7b19-416d-beaa-40cc89315f07
assets.adventivecdn.com/164/ Frame 4F1C 105 KB
106 KB 355ms
306ms Image
image/jpeg 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/164/58056fdc-7b19-416d-beaa-40cc89315f07
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75b82838ef35035aef9dd8cb43a9236ec4ec3586dac5a4d794f82a08afc949a

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: D6E96C38A9D495A4
cf-polished: origSize=115865, status=webp_bigger
status: 200
content-length: 107827
x-amz-id-2: 9j4rPPKEhbx0aIAt5XnxI2BV4g9vchBLB0y0XnecMFppsns3rQJ8DZM9xd+riwlJiILVvFGIEjM=
last-modified: Mon, 04 Feb 2019 18:23:29 GMT
server: cloudflare
etag: "0d3128e6da19601ffb1e4966be590bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 4a5fba1d998fbeb7-FRA
cf-bgj: imgq:100

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 61C5 42 B
122 B 26ms
26ms Image
image/gif 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuTPgcnpP9-SV-2nKT0B5HIwcLRzA2IbFwqoFSznDqsL_4jIxMHrfEY9uLoAxV0SDqrsMUOgA5DvPZgtxWyKO2jDPfKmN1BZMvZJSc&sig=Cg0ArKJSzFOiM7X1dzv2EAE&adk=4155754637&tt=1157&bs=1585%2C1200&mtos=1055,1055,1055,1055,1055&tos=1055,0,0,0,0&p=340,1088,590,1388&mcvt=1055&rs=3&ht=0&tfs=120&tls=1175&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549646006809&rpt=1&isd=0&msd=0&lm=2&me=1&oseid=3&ps=1585%2C4112&ss=1600%2C1200&pt=21&deb=1-1-3-10-12-21-35-11&tvt=1159&r=v&id=osdim&uc=11&upc=11&tgt=DIV&cl=1&cec=5&clc=1&cac=0&cd=300x250&v=20190206

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:27 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame 24D9 0
253 B 295ms
97ms XHR
text/plain 35.203.66.107
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

107.66.203.35.bc.googleusercontent.com

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
server: nginx/1.13.12
status: 204
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.sonomanews.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: origin, content-type

GET
H2 200 1585e5bf-f81a-40cf-aa86-cec8b8856b79.js Show response
d3lcz8vpax4lo2.cloudfront.net/embed-code/ Frame 3C98 504 KB
110 KB 59ms
18ms Script
application/javascript 2600:9000:200c:b600:1c:386f:ec80:21
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:b600:1c:386f:ec80:21 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 20f060a1d07ac1c46b06a66bbcd7b7d6fca7c4457e339b90b5c169a60eddb8eb

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 01:08:35 GMT
content-encoding: gzip
last-modified: Thu, 07 Feb 2019 22:35:38 GMT
server: AmazonS3
age: 57893
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: DrAWXWKFkQ8w081Yo5yarrBGPVq.KPIe
status: 200
cache-control: max-age=31536000,public
content-type: application/javascript
x-amz-cf-id: mlR-QX9xBFF1iNE3sFrCdpVNkEhniowwax-p1vAg6iQjuMab-_er9A==
via: 1.1 d2625240b33e8b85b3cbea9bb40abb10.cloudfront.net (CloudFront)

GET
H2 200 css
fonts.googleapis.com/ Frame 3C98 798 B
465 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:81b::200a
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Work+Sans

Requested by

Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:81b::200a , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

ESF /

Resource Hash

eec9fdfab80c515f4cc96b6bf5c21db32d15d48570c36be21900674ea8b37c09

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: br
last-modified: Fri, 08 Feb 2019 17:13:28 GMT
server: ESF
access-control-allow-origin: *
date: Fri, 08 Feb 2019 17:13:28 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:28 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame 3C98 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 16 Jan 2019 20:01:45 GMT
server: Golfe2
age: 5061
date: Fri, 08 Feb 2019 15:49:07 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 17543
expires: Fri, 08 Feb 2019 17:49:07 GMT

GET
H2 200 / Show response
geoip.insticator.com/json/ Frame 3C98 251 B
380 B 112ms
112ms XHR
application/json 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://geoip.insticator.com/json/
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.sonomanews.com

Response headers

cf-ray: 4a5fba20cf3e97aa-FRA
date: Fri, 08 Feb 2019 17:13:28 GMT
via: 1.1 vegur
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sonomanews.com
x-ratelimit-remaining: 9999
access-control-allow-credentials: true
x-ratelimit-reset: 3600
x-ratelimit-limit: 10000
x-database-date: Fri, 08 Feb 2019 09:54:59 GMT
content-encoding: gzip

OPTIONS
H2 204 processembedserved Show response
dashboard.insticator.com/embeds/ Frame 3C98 0
221 B 440ms
424ms XHR
text/plain 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.insticator.com/embeds/processembedserved
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Access-Control-Request-Method: POST
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
server: cloudflare
access-control-allow-origin: *
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 1728000
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
status: 204
cf-ray: 4a5fba210f8597aa-FRA
access-control-allow-headers: content-type,x-requested-with,x-api-key,X-ACCOUNT-API-KEY,X-USER-API-KEY,account_api_key,user_api_key

GET
H2 200 logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
21 KB 17ms
11ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "31605596be6a56e2ccc39b5ddc16be95"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:53:34 GMT
accept-ranges: bytes
content-length: 21163
x-amz-cf-id: cYYvNwkYOQgDEXIPVDw0gOTuhdAPriSWK7uxrl5GQM85z1eW8jXYgg==

GET
H2 200 logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 5 KB
5 KB 17ms
11ms Image
image/gif 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Tue, 21 Aug 2018 23:56:52 GMT
server: AmazonS3
age: 4916
etag: "9be4d53630dea437d62f2a2441634674"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Fri, 08 Feb 2019 15:53:34 GMT
accept-ranges: bytes
content-length: 4769
x-amz-cf-id: E3Hn5jSQu6_DdyRecakwKb4GotzSw3_H2_EFnEkxueTtjEAznZT20w==

GET
H2 200 logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 20 KB
21 KB 17ms
12ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "60b5cab66c2ac82262a0da5346037875"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 20991
x-amz-cf-id: -5eiN4X0kcmizca6F4LJBjdibZux4SiefRSRnpjd6ca6WsGsSqDmag==

GET
H2 200 logo-facebook-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
21 KB 18ms
12ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: iVGTFYl9UoOIsb_VjgmcCUFWcozgxrNA
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "1aa9c1ee9848a890aac9ed2e662345b8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 21054
x-amz-cf-id: ZfajXNJmNEpaDpIJvWBm-pikeyabmvjS5dWIlDZAk4B_g4oCBotH8A==

GET
H2 200 logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
22 KB 18ms
13ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: PabYyULYcagrrnl5_VBagXR6.2QcHh82
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "8e6f619e7da6deedeb066c522967841e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 21925
x-amz-cf-id: R0r3P7-3I8QRifxTDWISFAPVcd9cciemF96_t_M85SjrUOmMoeyytQ==

GET
H2 200 logo-twitter-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
22 KB 21ms
16ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: qL1Phj4H.8a2GAJwlw0J623oQlDV0Krh
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "27f2f41e838101e82a68c5d8a255f0f8"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 21920
x-amz-cf-id: KiBYdP0CTL4tuUagoGoH0HZLWXRxRl387P0m3HrfneMd3CMeFInXfQ==

GET
H2 200 icon-check.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 649 B
997 B 17ms
13ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-check.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: hmsI6iaZVJVbWmWfdDEj8IUq8AjvoEjw
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4916
etag: "b673377b664a0b33454c267d911fcfc1"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 649
x-amz-cf-id: ZT7DmYhhUr24UGMGg4f8XBL1-pud2l7z7AgVPJg0ZrSx83O3oD_q-g==

GET
H2 200 icon-confetti.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 37 KB
37 KB 21ms
17ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-confetti.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6d8c979acef2559ddab48d2d97e4862ac33693db8061aa5454c6324203078823

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: lQUmTFPzVK08tDuCP1AuUjP3wjX7hxOF
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4915
etag: "83e3a5c138883f3ae3f245f3ddf0e2da"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 37512
x-amz-cf-id: yOgsmwukAQkw2ZqySqBkz3oXL5fFSBuI4e8qXcaXOGe1WJYex6VYWA==

GET
H2 200 icon-balloon.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 27 KB
27 KB 23ms
19ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-balloon.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c41d9088e3dd65fa28577065b03a681bfffc650a2b1ee06058f3ac726677c8c2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: HctxmPv8kN.rB3mTJfqx7wXZSay_M3C0
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4913
etag: "94a9a43ea233fdf4e31dcd63d259793c"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 27482
x-amz-cf-id: FpJfuNDUtcOtDCQOxc6Z4CV0RYa4o3qhh0KL-1_njgsZEHSq6ig5Qg==

GET
H2 200 icon-horn.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 40 KB
40 KB 21ms
18ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-horn.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b2c25c9dd9bc21118a8c03c2ffe8eb92d11e8e930b7b7d4204d80f7f221f7652

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: BHXReZ_Cv1bJF7_AAuCuCahuwFcfUC91
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4915
etag: "cb89333ec2a1d8c79b37274ef357ee68"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 41050
x-amz-cf-id: ttEtBmy_rsqM32BlgtVaittQaDs4wi_dR0PFZR8iu84MjKOOdgUkag==

GET
H2 200 icon-ew.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 36 KB
37 KB 22ms
19ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-ew.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e56b1323bac2b8943870486ee05dd237cfe4a0818f1d1ea4901e65517372c5a9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 0skJ05B9mdvQEGx_R9mie0Pu9.ElCiwC
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4915
etag: "82851ce3bc3f8a3c449e47df5696d680"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 37269
x-amz-cf-id: Xf7H-1-iXhsdfcGLcICQzUkwkhW9JVYL_2bP--t8Mjb5zaBN9JiI1g==

GET
H2 200 icon-poop.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 30 KB
30 KB 24ms
21ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-poop.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 12078a237096f9e885c53ce85a32c654252840e8a2de250f1b8e6e7ff039d4f4

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: Ob3MdZu9vnyCPUvQDmj9pmWYY6gz_mHT
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4914
etag: "8e7f71fe1321f6e23fcb68b9b6db98d6"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 30566
x-amz-cf-id: hMc8fcblG_G7yetjNP9BoEtb_aV1gJHwex6RHmM1aYZ9Rqldzis8ng==

GET
H2 200 icon-frown.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 30 KB
31 KB 26ms
23ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-frown.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5f0fb16ad7ad022b50a8468d622f694f5988fae8cef095fca640d01509fddd0

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: H7F1UymgWQm8LIiVTqEEsPavUL3r9hNT
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:56 GMT
server: AmazonS3
age: 4913
etag: "03d9c3674cf3136c9a746c93070acf29"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 30946
x-amz-cf-id: JTZKNh4mJsHgK0L5g-NcWvkR4NflGfc_sBbBPRMoxPdsjLW9X3c9VA==

GET
H2 200 icon-stars.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 2 KB
2 KB 25ms
22ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-stars.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 10aa734d14c0c8b63f50d90c2e18c337cd12079b523c71b89e91599ec78f7b02

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: A05mRKCYkASKPdab10xIunHDx6Bkvlky
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Tue, 12 Jun 2018 20:41:46 GMT
server: AmazonS3
age: 4916
etag: "60f3f9eebba38ca0bdb5427fbe24f6ee"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 1639
x-amz-cf-id: LpnywXgmuYW2h4zZrl3VnjBoCnJ9f_In8O3KrnIN9gI6HzFL69dIfQ==

GET
H2 200 icon-bubble.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 376 B
722 B 23ms
21ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-bubble.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 979681d64b587bd2745310231549085885f3c0f3c884c88f59b365b7b671f8d2

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: ctWPhzS6CapVP0QHxfXALhe6sSB7YIEJ
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 22:57:20 GMT
server: AmazonS3
age: 4916
etag: "b658d1ba1163351ae9cc39c2f76826bd"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 376
x-amz-cf-id: Vg7Oo5W1c60Xzf9CH3tnvcWnzavgBuGvOOzFAOp9jH2vhY_wB7TVyw==

GET
H2 200 icon-chart.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 145 B
492 B 25ms
23ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-chart.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 64f85424d3455add40b6a61868f6451ea8d2190912ac31a018b64f02584dc9d9

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: q0wI6CpVwbh_Bzw7O0qMF5GNyjy8KyT3
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 22:55:57 GMT
server: AmazonS3
age: 4916
etag: "cf870c11381c4875d6d2d3bc323f1dde"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 145
x-amz-cf-id: uVuijDJHk8-v6IarXzDRlUXLReVh3uQiCVBYyd3JKzX_5sfx5-_02A==

GET
H2 200 icon-money.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 633 B
980 B 25ms
23ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/icon-money.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 099b1b76a36e3e721b5972b677815c47f7c84e72bab1589da66ce2c4f366e683

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: _Li66y.8XQl7t.02qwNLsT_aSOX6zuq0
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Wed, 19 Sep 2018 22:55:57 GMT
server: AmazonS3
age: 4916
etag: "c955bf42d492b72cb1f0c10a02de8c26"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 633
x-amz-cf-id: wpg3bWCk7Ojf9oBwQV8OvKEg7cCgohFT-mKvUkmMLqbMRgyL_dI5eQ==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 24D9 29 KB
10 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

139f0678adf52bffa2e72566204cb52fea2ce3ee3f2c6da00beb57a21e347719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "76 / 681 of 1000 / last-modified: 1549580748"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 10063
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:28 GMT

GET
H2 200 contents Show response
cms.insticator.com/v1/ Frame 3C98 8 KB
2 KB 484ms
468ms XHR
application/json 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://cms.insticator.com/v1/contents?embed_uuid=1585e5bf-f81a-40cf-aa86-cec8b8856b79&cookie_id=null&content_order=RANDOM&for_embed=true&content_count=10
Requested by: Host: d3lcz8vpax4lo2.cloudfront.net
URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2ec530718816848d3fb1fd157f8c80845d37cd7f1d26eef64640245301978609

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sonomanews.com
access-control-allow-credentials: true
cf-ray: 4a5fba212fa997aa-FRA

GET
H2 200 collect
www.google-analytics.com/r/ Frame 3C98 35 B
111 B 14ms
14ms Image
image/gif 2a00:1450:4001:821::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/r/collect?v=1&_v=j73&a=1939370992&t=pageview&_s=1&dl=about%3A%2F%2F%2Fblank&dr=https%3A%2F%2Fwww.sonomanews.com%2F&dp=%2F04bb84fd-2de6-431d-bfc5-e32a5273fffa&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=300x350&je=0&_u=YEBAAGAB~&jid=559049238&gjid=174695345&cid=1558647528.1549646008&tid=UA-123718506-3&_gid=1461994804.1549646008&_r=1&z=334789483

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:821::200e , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:28 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
access-control-allow-origin: *
content-type: image/gif
status: 200
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 24D9 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 24D9 109 B
171 B 16ms
15ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 24D9 181 KB
62 KB 41ms
41ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

cf7372c066c21a04cdf010795703ebfe788cff3d65f07a018e27e676944558fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 63397
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:28 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame FDDD 42 B
122 B 25ms
25ms Image
image/gif 2a00:1450:4001:809::2002
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuDxaoUQo3zyw9jTYUDkeQYhRA6MazuqU_bwOZRT0xjkzRQAdanQUykRVVoOauYOi-AwOd8Fyblc09KQhz6COFmCVF7Sq58XXR65z4&sig=Cg0ArKJSzKKbJUnEhFOTEAE&adk=4238923946&tt=1836&bs=1585%2C1200&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&p=230,0,320,970&mcvt=1005&rs=3&ht=0&tfs=852&tls=1857&mc=1&lte=1&bas=0&bac=0&avms=geo&rst=1549646006666&rpt=864&isd=0&msd=0&lm=2&me=1&oseid=3&ps=1585%2C4112&ss=1600%2C1200&pt=21&deb=1-1-3-14-17-21-50-16&tvt=1838&r=v&id=osdim&uc=10&upc=10&tgt=DIV&cl=1&cec=8&clc=1&cac=0&cd=728x90&v=20190206

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:809::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:28 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, must-revalidate
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 42
x-xss-protection: 1; mode=block
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 24D9 10 KB
5 KB 1034ms
1033ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2354641514668471&correlator=3300917975831822&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062748%2C21063016&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F27794161%2Fsonomanews.com_Web_300x250_1&sz=300x250&scp=refurl%3Dsonomanews.com%26floor_group%3Dctrl_group%26hour%3D17%26tier%3D1%26instBid_size%3D300x250%26instBid_pb%3D1%26instBid_adid%3D14a792d3afbc79b%26instBid_bidder%3DindexExchange%26adx_floor%3D1%26impression_type%3Dinitial_load&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cdm=www.sonomanews.com&bc=15&lmt=1549646008&dt=1549646008600&dlt=1549646007041&idt=1549&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=600&oid=3&adx=1088&ady=1246&adk=21933704&uci=3mjdnr4zhs7b&ifi=1&ifk=3378004658&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.sonomanews.com%2F&top=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=15&icsg=8362&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&blev=1&bisch=1&ga_vid=1558647528.1549646008&ga_sid=1549646009&ga_hid=989971176&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

06c41bb58d8317e393a497946e58cfbc18ade68597cbb387c44bc2321c030f30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 107093
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 5284
x-xss-protection: 1; mode=block
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 148361
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 24D9 63 KB
23 KB 41ms
41ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

74aaec3179743f8515f3c4446412e31358ac0141eced480cf737bdca94447908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 23922
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:28 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 24D9 0
0 6ms
5ms Other
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 24D9 8 KB
4 KB 619ms
618ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2354641514668471&correlator=3300917975831822&output=ldjh&callback=googletag.impl.pubads.callbackProxy2&impl=fif&adsid=NT&eid=21062748%2C21063016&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A32776&sc=1&sfv=1-0-31&iu=%2F27794161%2Fsonomanews.com_Web_300x250_2&sz=300x250&scp=refurl%3Dsonomanews.com%26floor_group%3Dctrl_group%26hour%3D17%26tier%3D1%26instBid_size%3D300x250%26instBid_pb%3D1%26instBid_adid%3D158a4c6d70bb2c1%26instBid_bidder%3DindexExchange%26adx_floor%3D1%26impression_type%3Dinitial_load&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cdm=www.sonomanews.com&bc=15&lmt=1549646008&dt=1549646008608&dlt=1549646007041&idt=1549&ea=0&frm=23&biw=1585&bih=1200&isw=300&ish=600&oid=3&adx=1088&ady=1546&adk=3671505123&uci=c6xx64c2br9o&ifi=2&ifk=3378004658&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.sonomanews.com%2F&top=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=16&icsg=41130&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&blev=1&bisch=1&ga_vid=1558647528.1549646008&ga_sid=1549646009&ga_hid=989971176&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

3a2cfee5dd83fba108b0bc5e4299621e635c378e86c93a3c649e394512d2a28d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 107093
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 4454
x-xss-protection: 1; mode=block
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 148650
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 processembedserved Show response
dashboard.insticator.com/embeds/ Frame 3C98 0
213 B 127ms
126ms XHR
text/plain 2606:4700:10::6814:180b
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://dashboard.insticator.com/embeds/processembedserved
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2606:4700:10::6814:180b , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/json
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: gzip
server: cloudflare
status: 200
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: POST, GET, PUT, OPTIONS, DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
cf-ray: 4a5fba23aab597aa-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, X-AUTH-TOKEN
content-length: 20

GET
H/1.1 200
OK ad Show response
ads.adventive.com/ 159 KB
31 KB 260ms
259ms Script
text/javascript 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adventive.com/ad?j&spLoad=1&iid=41124022ddd94319b0936f579993af5f&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssBm2uzdbOzJEy0KLwD1WZhx6tMnKeEjtt1C-dS0YQDsXMdEZmKIxkaPD5z1vTpFPUaSzugrQVb8bR6qiTC8bB34JUAapasQpDtm29Qs4URjScXHJTd9ZkiNtxoyG9y_C1TBVA_n8pkWWdrxhJfd1g9yNNU386N7Z-nQcCNqPxEseOG8FcU_19-uxH0Q9YxZDpY7jttBcpSwAN86XZ8Fzkbpm95MUMpDOtM8En9qBtFzHWlU-suI2M7vBs%2526sai%253DAMfl-YRROyK-c1910xjpXnm6EbzfzAqJZ-_QnGZQO4QZYtmaAi4yChbsUwrAgM3g-J3OVkyi7q_B7_C2rbYQPoq0BQInpRxG_bOiKxQz3E4q%2526sig%253DCg0ArKJSzJJ0CcYawgWAEAE%2526urlfix%253D1%2526adurl%253D&enc=1&ptag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&spLoadP=98546&spLoadC=41787&spLoadU=&type=4&fb=adventive_4_93606_nD977161_int&forceFallback=1&iAmInt=1&initScreen=1&intSettings=%7B%22actionOnce%22%3Afalse%2C%22actionOpenURLIn%22%3A%22New+Tab%22%2C%22bgTransparency%22%3A%220%25%22%2C%22closeOnTime%22%3A%228%22%2C%22closeOnTimer%22%3Atrue%2C%22customCloseName%22%3A%22Default%22%2C%22customCloseSrc%22%3A%22%22%2C%22delay%22%3A%221%22%2C%22fixedPosition%22%3Afalse%2C%22frequency%22%3A%22Once+Per+Day%22%2C%22hasAction%22%3Atrue%2C%22intBgTransparency%22%3A%2225%25%22%2C%22logLabel%22%3A%22%22%2C%22screen%22%3A%22Screen+2%22%2C%22screenId%22%3A1%2C%22showTimer%22%3Atrue%2C%22transition%22%3A%22Slide%22%2C%22transitionTime%22%3A%22300ms%22%2C%22trigger%22%3A%22Timed%22%2C%22type%22%3A%22Open+as+Interstitial%22%7D

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),

Reverse DNS

ads.adventive.com

Software

Apache/2.4.29 (Ubuntu) /

Resource Hash

d23391fb02d4db672cef5f065a665a26a720e1931ed488d91485ec5746f32a1e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Fri, 08 Feb 2019 17:13:29 GMT
Server: Apache/2.4.29 (Ubuntu)
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript;charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection: Keep-Alive
Keep-Alive: timeout=5, max=49
Content-Length: 31594
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H/1.1 200
OK stats
ads.adventive.com/api/ 43 B
466 B 134ms
134ms Image
image/gif 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=164&adv=3795&atid=4&auid=93606&cache=1&cid=41787&gid=0&pcid=53857&pid=98546&sid=565&tag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=4&ckid=3aef4a76-9f22-43b3-a012-d4a3e8c5e975&ip=185.220.70.202&clk=0&dat=%7B%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=qmumuagu&iid=41124022ddd94319b0936f579993af5f&ref=https%3A%2F%2Fwww.sonomanews.com%2F&type=nav_expand_auto&hov=0&cb=1549646008946
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: ads.adventive.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:29 GMT
Content-encoding: none
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=82
Content-length: 43
Expires: Wed, 11 Jan 2000 12:59:00 GMT

GET
H/1.1 200
OK stats
ads.adventive.com/api/ 43 B
466 B 246ms
129ms Image
image/gif 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=164&adv=3795&atid=4&auid=93606&cache=1&cid=41787&gid=0&pcid=53857&pid=98546&sid=565&tag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=4&ckid=3aef4a76-9f22-43b3-a012-d4a3e8c5e975&ip=185.220.70.202&clk=0&dat=%7B%22viewTime%22%3A1%2C%22screenIndex%22%3A1%7D&dh=1200&dw=1600&eng=0&grp=0&hc=qmumuagu&iid=41124022ddd94319b0936f579993af5f&ref=https%3A%2F%2Fwww.sonomanews.com%2F&type=ad_view_view_auto&hov=0&cb=1549646008966
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: ads.adventive.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:29 GMT
Content-encoding: none
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=82
Content-length: 43
Expires: Wed, 11 Jan 2000 12:59:00 GMT

GET
H/1.1 404
Not Found null
www.sonomanews.com/ Frame 3C98 506 B
506 B 200ms
198ms Image
text/html 107.154.114.50
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.sonomanews.com/null
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 107.154.114.50 Redwood City, United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.114.50.ip.incapdns.net
Software: Apache/2.2.15 (Red Hat) /
Resource Hash: 31c139cdb8611ebe068f9c12494cd50aadaa9b8775592c66cfbe495aa75de217

Request headers

Pragma: no-cache
Accept-Encoding: gzip, deflate, br
Host: www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Accept: image/webp,image/apng,image/*,*/*;q=0.8
Referer: https://www.sonomanews.com/
Cookie: visid_incap_813078=9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4; incap_ses_184_813078=cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==; _cb_ls=1; _cb=CfU92UC_ZYMMCLrA5E; _chartbeat2=.1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1; _cb_svref=null; BCSessionID=cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a; nlbi_813078=ktKTQUP8Ox+co+lffN0T4gAAAADrslF3LsUn51UZCvArM4E7; _sp_id.35b1=272f403bb52eeba4.1549646007.1.1549646007.1549646007; _sp_ses.35b1=*; __gads=ID=bb950615623a4648:T=1549646006:S=ALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A; CSPWSERVERID=25664c3bb6383c34d3256171a08b5a85dd994bb1; a_h_93606_4=1; visitorGeo=DE; Insticator.geoBlockAds-04bb84fd-2de6-431d-bfc5-e32a5273fffa=false; Insticator.geoBlockedEmbeds-04bb84fd-2de6-431d-bfc5-e32a5273fffa=[]; visitorFloorTier=1; jsSessionCookie=e07e4bbd-6678-4740-a95b-e45b3f0ca849; jsPermanentCookie=6f738709-0c69-483a-8d3d-a2b11d0b8962; _ga=GA1.1.1558647528.1549646008; _gid=GA1.1.1461994804.1549646008; _gat=1
Connection: keep-alive
Cache-Control: no-cache
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

PRAGMA: no-cache
Date: Fri, 08 Feb 2019 17:19:11 GMT
Content-Encoding: gzip
Server: Apache/2.2.15 (Red Hat)
SET-COOKIE: CSPSESSIONID-SP-80-UP-=001000000000W296czAQDv0000YScbJb9z1KjhwQauDc4k4A--; path=/; httpOnly; CSPWSERVERID=25664c3bb6383c34d3256171a08b5a85dd994bb1; path=/; httpOnly;
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
X-Iinfo: 7-109065655-109066060 SNNN RT(1549646002869 5395) q(0 0 0 -1) r(2 2) U11
CACHE-CONTROL: no-cache
Connection: keep-alive
X-CDN: Incapsula
EXPIRES: Thu, 29 Oct 1998 17:04:19 GMT

GET
H2 200 logo-facebook.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 20 KB
21 KB 10ms
8ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-facebook.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: ULtGRAG0cozVmrk8QTxkU4CRg4lLUOvG
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "60b5cab66c2ac82262a0da5346037875"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 20991
x-amz-cf-id: U7vH-yejUKMd8qugedOuUGBfSRHZy9RgZWiO-dRPj3qId1q5MwSWvQ==

GET
H2 200 logo-twitter.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
22 KB 11ms
9ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-twitter.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: PabYyULYcagrrnl5_VBagXR6.2QcHh82
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "8e6f619e7da6deedeb066c522967841e"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:56:42 GMT
accept-ranges: bytes
content-length: 21925
x-amz-cf-id: cbI7ilQps_VtRnfUVfNWjxskLndhD-7IsGefL_JMR2jpSp2BHvjj-Q==

GET
H2 200 logo-insticator-light.png
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 21 KB
21 KB 12ms
10ms Image
image/png 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-insticator-light.png
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: CTBFOiOZF9Pc8nkBYDMEiY0Rbq5FsRhl
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Fri, 04 May 2018 18:57:58 GMT
server: AmazonS3
age: 4916
etag: "31605596be6a56e2ccc39b5ddc16be95"
x-cache: Hit from cloudfront
content-type: image/png
status: 200
date: Fri, 08 Feb 2019 15:53:34 GMT
accept-ranges: bytes
content-length: 21163
x-amz-cf-id: DOBSV6jd6St3kpI-v24zFUcZ8ic8MUrR595KjtALLLnL8eDhKxphFw==

GET
H2 200 logo-giphy.gif
df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/ Frame 3C98 5 KB
5 KB 11ms
10ms Image
image/gif 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/images/embed4.0/app/logo-giphy.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: 6s1xHKpyJMfBO7E3xKrrzQcN3hUsgxCx
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)
last-modified: Tue, 21 Aug 2018 23:56:52 GMT
server: AmazonS3
age: 4916
etag: "9be4d53630dea437d62f2a2441634674"
x-cache: Hit from cloudfront
content-type: image/gif
status: 200
date: Fri, 08 Feb 2019 15:53:34 GMT
accept-ranges: bytes
content-length: 4769
x-amz-cf-id: 0P0Um_V1nC_Q145894rkdMtOcO-PW0oZRsiTngl04yhzsO61EFm3xQ==

GET
H2 200 200.gif
media0.giphy.com/media/JOZc3vuiL4kh2/ Frame 3C98 2 MB
2 MB 315ms
186ms Image
image/gif 151.101.122.2
Fastly

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media0.giphy.com/media/JOZc3vuiL4kh2/200.gif
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.122.2 San Francisco, United States, ASN54113 (FASTLY - Fastly, US),
Reverse DNS
Software: /
Resource Hash: 57f48464d208b9ed8afc96df49a8b86798a48d8ed641178746e8a82daaffc05d

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
via: 1.1 varnish, 1.1 varnish, 1.1 varnish
last-modified: Fri, 10 Jul 2015 15:34:19 GMT
age: 1611086
etag: "df36b051069d91616c7526a63a31307c"
x-cache: HIT, HIT, MISS
content-type: image/gif
status: 200
cache-control: max-age=86400
x-cache-hits: 1, 1, 0
accept-ranges: bytes
x-timer: S1549646009.126211,VS0,VE159
access-control-allow-origin: *
content-length: 1959511
x-served-by: cache-iad2140-IAD, cache-bwi5147-BWI, cache-cdg20750-CDG

GET
H2 200 QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2
fonts.gstatic.com/s/worksans/v3/ Frame 3C98 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:818::2003
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/worksans/v3/QGYsz_wNahGAdqQ43Rh_fKDptfpA4Q.woff2

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:818::2003 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

33b82cd35b607b426430d1af7037e294f48a93dce9b80a4660da62cf166620ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://fonts.googleapis.com/css?family=Work+Sans
Origin: https://www.sonomanews.com

Response headers

date: Wed, 09 Jan 2019 14:02:21 GMT
x-content-type-options: nosniff
last-modified: Tue, 10 Oct 2017 23:09:38 GMT
server: sffe
age: 2603467
content-type: font/woff2
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-length: 14932
x-xss-protection: 1; mode=block
expires: Thu, 09 Jan 2020 14:02:21 GMT

GET
H2 200 vissense.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/ 11 KB
3 KB 10ms
10ms Script
application/javascript 2606:4700::6813:c797
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vissense/0.10.0/vissense.min.js

Requested by

Host: ads.adventive.com
URL: https://ads.adventive.com/ad?j&spLoad=1&iid=41124022ddd94319b0936f579993af5f&click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%253Fxai%253DAKAOjssBm2uzdbOzJEy0KLwD1WZhx6tMnKeEjtt1C-dS0YQDsXMdEZmKIxkaPD5z1vTpFPUaSzugrQVb8bR6qiTC8bB34JUAapasQpDtm29Qs4URjScXHJTd9ZkiNtxoyG9y_C1TBVA_n8pkWWdrxhJfd1g9yNNU386N7Z-nQcCNqPxEseOG8FcU_19-uxH0Q9YxZDpY7jttBcpSwAN86XZ8Fzkbpm95MUMpDOtM8En9qBtFzHWlU-suI2M7vBs%2526sai%253DAMfl-YRROyK-c1910xjpXnm6EbzfzAqJZ-_QnGZQO4QZYtmaAi4yChbsUwrAgM3g-J3OVkyi7q_B7_C2rbYQPoq0BQInpRxG_bOiKxQz3E4q%2526sig%253DCg0ArKJSzJJ0CcYawgWAEAE%2526urlfix%253D1%2526adurl%253D&enc=1&ptag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&spLoadP=98546&spLoadC=41787&spLoadU=&type=4&fb=adventive_4_93606_nD977161_int&forceFallback=1&iAmInt=1&initScreen=1&intSettings=%7B%22actionOnce%22%3Afalse%2C%22actionOpenURLIn%22%3A%22New+Tab%22%2C%22bgTransparency%22%3A%220%25%22%2C%22closeOnTime%22%3A%228%22%2C%22closeOnTimer%22%3Atrue%2C%22customCloseName%22%3A%22Default%22%2C%22customCloseSrc%22%3A%22%22%2C%22delay%22%3A%221%22%2C%22fixedPosition%22%3Afalse%2C%22frequency%22%3A%22Once+Per+Day%22%2C%22hasAction%22%3Atrue%2C%22intBgTransparency%22%3A%2225%25%22%2C%22logLabel%22%3A%22%22%2C%22screen%22%3A%22Screen+2%22%2C%22screenId%22%3A1%2C%22showTimer%22%3Atrue%2C%22transition%22%3A%22Slide%22%2C%22transitionTime%22%3A%22300ms%22%2C%22trigger%22%3A%22Timed%22%2C%22type%22%3A%22Open+as+Interstitial%22%7D

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2606:4700::6813:c797 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: br
cf-cache-status: HIT
status: 200
strict-transport-security: max-age=15780000; includeSubDomains
last-modified: Thu, 17 May 2018 09:26:40 GMT
server: cloudflare
etag: W/"5afd4ad0-2af5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
expires: Wed, 29 Jan 2020 17:13:29 GMT
cache-control: public, max-age=30672000
cf-ray: 4a5fba25ad9b9786-FRA
served-in-seconds: 0.000

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame E277 0
0 8ms
8ms Document
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-31/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.sonomanews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1737
date: Tue, 05 Feb 2019 06:44:53 GMT
expires: Wed, 05 Feb 2020 06:44:53 GMT
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 296916
alt-svc: quic=":443"; ma=2592000; v="44,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 24D9 76 KB
28 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28297
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:29 GMT

GET
H2 200 fallbackfonts-min.css
assets.adventivecdn.com/ui/css/ Frame 4855 3 KB
448 B 15ms
8ms Stylesheet
text/css 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adventivecdn.com/ui/css/fallbackfonts-min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f7333213535bddec5215df60374875673ec7aa64d23d25c21c58044d399dc7

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2015 18:37:31 GMT
server: cloudflare
x-amz-request-id: 36FFD86DCBA3572F
etag: W/"ea798c544c715ea33b7e8a05f49ea409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 4a5fba25fbfcbeb7-FRA
x-amz-id-2: rY/zCa/bmZ3be4JMrb3tuOTTlgYSGNLfHiR7j3X/Ecl5mZ1pAl063CpRPasGtNaeSKeIWOEFbYI=

GET
H2 200 58056fdc-7b19-416d-beaa-40cc89315f07
assets.adventivecdn.com/164/ Frame 4855 105 KB
0 355ms
306ms Image
image/jpeg 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/164/58056fdc-7b19-416d-beaa-40cc89315f07
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: b75b82838ef35035aef9dd8cb43a9236ec4ec3586dac5a4d794f82a08afc949a

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:28 GMT
cf-cache-status: REVALIDATED
x-amz-request-id: D6E96C38A9D495A4
cf-polished: origSize=115865, status=webp_bigger
status: 200
content-length: 107827
x-amz-id-2: 9j4rPPKEhbx0aIAt5XnxI2BV4g9vchBLB0y0XnecMFppsns3rQJ8DZM9xd+riwlJiILVvFGIEjM=
last-modified: Mon, 04 Feb 2019 18:23:29 GMT
server: cloudflare
etag: "0d3128e6da19601ffb1e4966be590bf6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 4a5fba1d998fbeb7-FRA
cf-bgj: imgq:100

GET
H2 200 fallbackfonts-min.css
assets.adventivecdn.com/ui/css/ Frame 4855 3 KB
425 B 22ms
10ms Stylesheet
text/css 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adventivecdn.com/ui/css/fallbackfonts-min.css
Requested by: Host: srcdoc
URL: about:srcdoc
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: e1f7333213535bddec5215df60374875673ec7aa64d23d25c21c58044d399dc7

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 04 Nov 2015 18:37:31 GMT
server: cloudflare
x-amz-request-id: 36FFD86DCBA3572F
etag: W/"ea798c544c715ea33b7e8a05f49ea409"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
status: 200
cache-control: private, max-age=14400
cf-ray: 4a5fba263c3bbeb7-FRA
x-amz-id-2: rY/zCa/bmZ3be4JMrb3tuOTTlgYSGNLfHiR7j3X/Ecl5mZ1pAl063CpRPasGtNaeSKeIWOEFbYI=

GET
H2 200 interstitial-close.png
assets.adventivecdn.com/ui/images/ 996 B
1 KB 10ms
10ms Image
image/webp 2606:4700:20::681a:2cf
Cloudflare

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.adventivecdn.com/ui/images/interstitial-close.png
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700:20::681a:2cf , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:29 GMT
cf-cache-status: HIT
x-amz-request-id: BA9B32EFB46F88FC
cf-polished: origFmt=png, origSize=1910
status: 200
content-disposition: inline; filename="interstitial-close.webp"
content-length: 996
x-amz-id-2: j9qXGqrvZOzXy9PypHaQI+jpxegv+1WJ4TxkUaV/Lwg1KqEE8hOQFQ1sx4ym17w0IL7UR2RXuEI=
last-modified: Fri, 13 Nov 2015 17:59:12 GMT
server: cloudflare
etag: "f2aace763cfcc4d6f3427a8a0842e55c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
cache-control: private, max-age=14400
accept-ranges: bytes
cf-ray: 4a5fba27ae3fbeb7-FRA
cf-bgj: imgq:100

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame AB6B 0
0 11ms
10ms Document
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-31/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.sonomanews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1737
date: Tue, 05 Feb 2019 06:44:53 GMT
expires: Wed, 05 Feb 2020 06:44:53 GMT
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 296916
alt-svc: quic=":443"; ma=2592000; v="44,43,39"

GET
H/1.1 200
OK stats
ads.adventive.com/api/ 43 B
466 B 142ms
141ms Image
image/gif 50.57.214.178
Rackspace Hosting

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.adventive.com/api/stats?acc=164&adv=3795&atid=4&auid=93606&cache=1&cid=41787&gid=0&pcid=53857&pid=98546&sid=565&tag=78dbb069-7b4e-4adc-93d7-4aa58e1e01a3&tz=America%2FLos_Angeles&up=0.00000&ut=RM&vid=4&ckid=73ad4fde-e08f-4ace-9905-6e052ef34ca7&ip=185.220.70.202&clk=0&dat=%7B%22viewTime%22%3A1%2C%22screenIndex%22%3A2%7D&dh=1200&dw=1600&eng=0&grp=0&hc=qmumuagu&iid=41124022ddd94319b0936f579993af5f&ref=https%3A%2F%2Fwww.sonomanews.com%2F&type=ad_view_view_auto&hov=0&cb=1549646010352
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 50.57.214.178 San Antonio, United States, ASN19994 (RACKSPACE - Rackspace Hosting, US),
Reverse DNS: ads.adventive.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:30 GMT
Content-encoding: none
Last-Modified: Wed, 11 Jan 2006 12:59:00 GMT
Server: Apache/2.4.29 (Ubuntu)
P3P: CP="CAO PSA OUR"
Access-Control-Allow-Origin: *
Cache-Control: no-cache, no-store, must-revalidate
Connection: Keep-Alive
Content-Type: image/gif
Keep-Alive: timeout=5, max=90
Content-length: 43
Expires: Wed, 11 Jan 2000 12:59:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 283 B
278 B 163ms
163ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy5&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x100&prev_scp=type%3Dsectionfront%26loc%3D1&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cookie_enabled=1&bc=15&abxe=1&lmt=1549646010&dt=1549646010592&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=3228150903&ucis=b&color_bg=FFFFFF&ifi=10&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=45&icsg=3028055023069184&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x100&msz=300x100&blev=1&bisch=1&psts=CiYI_rzWthLoAe_hkIeDBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA%2CCisIgeHatBJYwZvGP-gBjtr-hoMEgALx57osgALp6LosgAKhwO8sgALx-fAs%2CCiYIpMS33xHoAcf-uP6CBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&ga_cid=1558647528.1549646008&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

d24ef0f27eff9a8995ecb1feba25edafe3ae2780f071b90cb31a7a092966a38d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 187
x-xss-protection: 1; mode=block
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 299ms
299ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy6&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=type%3Dsectionfront%26position%3DATF%26loc%3D2&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cookie_enabled=1&bc=15&abxe=1&lmt=1549646010&dt=1549646010632&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=4155754638&ucis=d&color_bg=FFFFFF&ifi=12&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=46&icsg=3028055023069184&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&psts=CiYI_rzWthLoAe_hkIeDBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA%2CCisIgeHatBJYwZvGP-gBjtr-hoMEgALx57osgALp6LosgAKhwO8sgALx-fAs%2CCiYIpMS33xHoAcf-uP6CBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&ga_cid=1558647528.1549646008&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

57362f647f2ac7de26e832beb8c877872bcd5b891d8067ce5fac7ea173b0282e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 4950
x-xss-protection: 1; mode=block
google-lineitem-id: 4946116761
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138258983895
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 10 KB
5 KB 404ms
403ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy7&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=300x250&prev_scp=type%3Dsectionfront%26position%3DBTF%26loc%3D3&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cookie_enabled=1&bc=15&abxe=1&lmt=1549646010&dt=1549646010666&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=4155754639&ucis=f&color_bg=FFFFFF&ifi=14&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=47&icsg=3028055023069184&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x250&msz=300x250&blev=1&bisch=1&psts=CiYI_rzWthLoAe_hkIeDBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA%2CCisIgeHatBJYwZvGP-gBjtr-hoMEgALx57osgALp6LosgAKhwO8sgALx-fAs%2CCiYIpMS33xHoAcf-uP6CBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&ga_cid=1558647528.1549646008&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

89bc8ce77e1020edde1441607b86ff303331607daafa0a0ffea98ec3e4bf560d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 5057
x-xss-protection: 1; mode=block
google-lineitem-id: 4947475837
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138259092612
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 5 KB
3 KB 679ms
679ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3132106768213164&correlator=65373611712626&output=ldjh&callback=googletag.impl.pubads.callbackProxy8&impl=fifs&adsid=NT&json_a=1&eid=21062150%2C21062724%2C21062818&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992&sc=1&sfv=1-0-31&iu_parts=94238257%2Csit%2Chome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=728x90%7C970x90&prev_scp=type%3Dsectionfront%26position%3DBTF%26loc%3D2&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cookie_enabled=1&bc=15&abxe=1&lmt=1549646010&dt=1549646010680&dlt=1549646001805&idt=2305&frm=20&biw=1585&bih=1200&oid=3&adxs=0&adys=0&adks=4238923947&ucis=h&color_bg=FFFFFF&ifi=16&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=48&icsg=3028055023069184&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&psz=0x21&msz=728x90&blev=1&bisch=1&psts=CiYI_rzWthLoAe_hkIeDBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA%2CCisIgeHatBJYwZvGP-gBjtr-hoMEgALx57osgALp6LosgAKhwO8sgALx-fAs%2CCiYIpMS33xHoAcf-uP6CBIAC8ee6LIAC6ei6LIACocDvLIAC8fnwLA&ga_vid=665040439.1549646007&ga_sid=1549646007&ga_hid=381178205&ga_cid=1558647528.1549646008&fws=128

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

b02572f68e901cf66e9535cd5d91a4b0c6ae7c9340c3d025668006cffb8737fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 2601
x-xss-protection: 1; mode=block
google-lineitem-id: 4794768450
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138243791028
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/ Frame 3A85 2 KB
1 KB 40ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Mon, 04 Feb 2019 14:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Feb 2019 14:23:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3A85 77 KB
0 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame 3A85 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d684d924cc0efa1c3e966e687cdee99d341b2584194b01c27e8664819a0b3433

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3A85 0
56 B 36ms
28ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstDSb9CDTzkDO1kN68ExaVkZsRXIt8JuXOwxbovKYJ4HnWl2dgCZaja4QeoWftNbKVgWw89RD2oK6WbnnPZj1rJ3aGq81gG-P1F6bvkaEeE5_O1MnLrkfd_Jsabh1-k9K27B-As6XUHNEuWU0bZAvlRTlSWE21G2yuff7Bb8VZYeKXLlTilmvSJtBphfXLvrQyOqVdtfg_GYc60ErPmArej9gDp5qmDzAYfvGaA9QBabTrXL7zNI7_YbE1S8xlnrq0&sai=AMfl-YRUEllY-3s8oZFFjgj1IW2g6lDPMSHxSvoQ8Z02wDiSkv3BsnZYa-txO9WzPNtP9_jmb27X1GSgACZfM3Zw-qpk3UG8KSJx1wArzVpmRn4wvUkQgMRiyZjyja_v&sig=Cg0ArKJSzP266kgceSmwEAE&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 9846539244412059700
tpc.googlesyndication.com/simgad/ Frame 3A85 38 KB
38 KB 13ms
7ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9846539244412059700

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

574d1ffbb4fe10ec17b62b0386d93ca65992753d51e8aad8140cff297132c61e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Tue, 05 Feb 2019 11:31:26 GMT
x-content-type-options: nosniff
age: 279725
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 38623
x-xss-protection: 1; mode=block
last-modified: Mon, 04 Feb 2019 23:04:06 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 05 Feb 2020 11:31:26 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 114ms
111ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk0NjExNjc2MSIsImVidXkiOiIyNDgzNzMyNTU2IiwiZWFkdiI6IjYzNTU4NTM3IiwiZWNpZCI6IjEzODI1ODk4Mzg5NSIsImVlbnYiOiJqIiwiZXBpZCI6Ijk0MTI1Mjk3IiwiZXNpZCI6IjkzMjM4Mzc3In0&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=fce3e14d-a17e-4f52-bd6c-f9cdd1edd575&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646010965&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:31 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 m_window_focus_non_hydra.js Show response
tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/ Frame 3B44 2 KB
0 40ms
13ms Script
text/javascript 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20190204/r20110914/client/ext/m_window_focus_non_hydra.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Mon, 04 Feb 2019 14:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 355821
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 1049
x-xss-protection: 1; mode=block
server: cafe
etag: 9573447915536422037
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 18 Feb 2019 14:23:10 GMT

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3B44 77 KB
0 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame 3B44 211 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: db9b603972016b0cb2e1b3cc1891c641cce5d78cc83cd24b8a59ef78de46e045

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3B44 0
65 B 35ms
22ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuFZWVa6uQw7ECZkwTu0kRvo7Q5l-q4r1nQXOHRs8lkb_6jFgqyhdkccgE8P3WXyQeFYsUbNsLq8lxBvmK_MF3ABvRcpzMB7roWSyMXsVgGiBW4ClCEmjJ47VvrMeAFZ8Hq6-Ekk30MX3FdFSaqMM6PcuWJaWZs2b_m-NOsbNtcIRhnPuPGTAT5q6Yz9C1HIqBI2hF4aJcJSktL-fXruoLJLMRcGJ9Woy67SVLlwJNqLtnCegIhoLUvSpv5ik2Dz2Y&sai=AMfl-YQkOLKSq0Ath9kboixsGYkaF-moGZ8a-Rbd7R-t2t1gdSGbxeWv_U8h-V1gM8_gP69P7gIOiIY_m7u9qLpMrdXh2FieTah2g3MFAVBd7WkfC0OcQRhoFtl6SW17&sig=Cg0ArKJSzMBN26UrIfd0EAE&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H2 200 17087691558297195779
tpc.googlesyndication.com/simgad/ Frame 3B44 38 KB
38 KB 26ms
13ms Image
image/jpeg 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/17087691558297195779

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

adb6a2a8976fc225f7ac080bd7242948bc044b013c40c865156bc208d2155e6f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 16:09:29 GMT
x-content-type-options: nosniff
age: 3842
x-dns-prefetch-control: off
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 39218
x-xss-protection: 1; mode=block
last-modified: Wed, 06 Feb 2019 00:47:29 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 08 Feb 2020 16:09:29 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 3B44 0
56 B 31ms
18ms Image
text/html 2a00:1450:4001:818::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRmf0Xd0mLaAjVk8f7AMfcSGYy0_l5qMG2fiBQbmTNQaAzdMVlNpY4oNP7tJYLFXpbJJeYj
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2a00:1450:4001:818::2004 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 131ms
103ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDk0NzQ3NTgzNyIsImVidXkiOiIyNDg0NTY2NTY4IiwiZWFkdiI6IjQ1MDA3MDAyNzciLCJlY2lkIjoiMTM4MjU5MDkyNjEyIiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjUyOTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=2c688e88-b541-4727-8e31-0973b7618bd6&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646011123&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4112&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:31 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H/1.1 200
OK 04bb84fd-2de6-431d-bfc5-e32a5273fffa.js Show response
d2na2p72vtqyok.cloudfront.net/client-embed/ Frame D75A 59 KB
14 KB 16ms
15ms Script
application/javascript 52.222.150.61
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Requested by: Host: www.sonomanews.com
URL: https://www.sonomanews.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.222.150.61 Seattle, United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: server-52-222-150-61.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 21aa587aeab2054dabbb410d460a05f662db35e763e629f11ece72c6739e8c51

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:28 GMT
Content-Encoding: gzip
Last-Modified: Thu, 07 Feb 2019 22:36:25 GMT
Server: AmazonS3
Age: 4
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
x-amz-version-id: abu7aVzzNO0vPTFSrQrJ9YwfFxca55U8
Via: 1.1 ae3e6ab763f755c867a3b493d306312c.cloudfront.net (CloudFront)
Cache-Control: max-age=31536000,public
Transfer-Encoding: chunked
Connection: keep-alive
Content-Type: application/javascript
X-Amz-Cf-Id: Ofs8K3r8-TyD4VQpxqP4CO88K2RazOwTuulHgciW9-o6xTEp0f0T4A==

GET
H2 200 osd_listener.js Show response
www.googletagservices.com/activeview/js/current/ Frame D75A 77 KB
0 40ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd_listener.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Response headers

date: Fri, 08 Feb 2019 17:13:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28846
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:26 GMT

GET
DATA 200
OK truncated
/ Frame D75A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e6671572e655274c397c9cafdfb541842ec8106d9156ee5022ce3dd399efaa8b

Request headers

Response headers

Content-Type: image/png

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame D75A 0
65 B 28ms
27ms Image
image/gif 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssefS-8j0Hd6Er9usbeVePxfSoNUKq6K81ULGTQRMl342CNln3ZVSiVR-0uH3AeenqfgfRWluwUCGTO2z4xGIiAuoOd3WosBRcGNAoqzkBnmo4uGeqsDY3NRmit-e2kml3BBuJBARy4tDHyTJisHVOap3AhsPETxkdHqDM_19tG00m1KVa8-oIVWi8zzC-JLiIE0Vi8vOig6vjRvhYyMnKTqgmwQH9tOFdz89VNePo9dHUw7s4QVQ78RnTuD_MO7rI&sai=AMfl-YRuKy5filyklCu-FhTJ8vfQK8Q3qUJ-OBX7vDXmsIGRmURhrQoIsh7GQ44-8gyTxVK49CtpHtov1yAsSdMvaqqEJD6Mybkr6sN9AZeGVmVt0J5zNpPzNGbS_SJG&sig=Cg0ArKJSzLLveZcGq-qfEAE&urlfix=1&adurl=

Requested by

Host: www.sonomanews.com
URL: https://www.sonomanews.com/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
x-content-type-options: nosniff
content-type: image/gif
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: private
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 0
x-xss-protection: 1; mode=block

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
338 B 103ms
103ms Image
image/gif 35.170.181.65
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=ue&ue_na=Ad%20Impression&ue_px=eyJlYWlkIjoiNDc5NDc2ODQ1MCIsImVidXkiOiIyMzY4MTYxNzYwIiwiZWFkdiI6IjQ2MDc2MjM2NjEiLCJlY2lkIjoiMTM4MjQzNzkxMDI4IiwiZWVudiI6ImoiLCJlcGlkIjoiOTQxMjUyOTciLCJlc2lkIjoiOTMyMzgzNzcifQ&tv=js-3.0.64&tna=Mather&aid=v1&p=web&tz=UTC&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=5&tid=72912330-9ed6-42b3-82c6-b6a078f03c3f&pid=3690c72b-1405-43ac-9bff-f4a0b7abe059&dtm=1549646011455&qnm=_matherq&visible=1&tabid=b751cdc1-9188-4a77-b1dd-05b221a2fa1e&vp=1600x1200&ds=1585x4137&tofa=1549646007&vid=1&duid=272f403bb52eeba4&fp=3998842399&cid=ma16916&mrk=901956900&url=https%3A%2F%2Fwww.sonomanews.com%2F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.170.181.65 Seattle, United States, ASN14618 (AMAZON-AES - Amazon.com, Inc., US),
Reverse DNS: ec2-35-170-181-65.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

Date: Fri, 08 Feb 2019 17:13:31 GMT
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"

GET
H2 200 instbid_1_34.js Show response
df80k0z3fi8zg.cloudfront.net/files/ Frame D75A 186 KB
58 KB 8ms
7ms Script
application/javascript 2600:9000:200c:aa00:10:3422:3f00:93a1
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:9000:200c:aa00:10:3422:3f00:93a1 , United States, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0f6ee20b21d01524e91fcffa710cd8072d4e028c06919733d5bf8e3ef598df6e

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

x-amz-version-id: PGrzj8yxW7gO0A.yjpfuyrFCQHWW4tOL
content-encoding: gzip
last-modified: Tue, 04 Dec 2018 20:19:45 GMT
server: AmazonS3
age: 4919
date: Fri, 08 Feb 2019 15:52:34 GMT
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
status: 200
x-amz-cf-id: _1L3bXXeGybHN5b7TgChPCn6lMnWt8ZqMDBPvLzJ5XoJBfQwCfDDuQ==
via: 1.1 a5dd7270846a000392d2981b8c28634f.cloudfront.net (CloudFront)

POST
H/1.1 404
Not Found 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ Frame D75A 678 B
878 B 23ms
23ms XHR
text/plain 2a02:fa8:8806:12::1430
Conversant

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:12::1430 , Sweden, ASN25751 (VALUECLICK - Conversant, Inc., US),
Reverse DNS
Software: nginx /
Resource Hash: d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 08 Feb 2019 17:13:31 GMT
Cache-Control: max-age=0, no-store
Server: nginx
Connection: keep-alive
Content-Length: 678
Content-Type: text/plain; charset=UTF-8

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D75A 144 B
1 KB 28ms
27ms XHR
application/json 185.33.223.208
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

beeea8c373755bd37055795e03d451ee4a713add2317024e7ce2646abf8080b3

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:33 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.134:80
AN-X-Request-Uuid: 9757a37a-1651-4b5b-afd4-1dc38d1da657
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 144
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ Frame D75A 0
1 KB 103ms
102ms XHR
application/json 185.86.138.79
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.86.138.79 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:31 GMT
X-SMRT-D: 4%3b11%3b64
P3P: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store
Access-Control-Allow-Credentials: true
Content-Type: application/json
Content-Length: 0
Expires: -1

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame D75A 24 B
999 B 186ms
130ms XHR
application/json 2.18.234.21
Akamai Technologies

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?s=332891&v=7.2&r=%7B%22id%22%3A%2272e82ff9c778ae%22%2C%22imp%22%3A%5B%7B%22id%22%3A%228e49d580414d7c%22%2C%22banner%22%3A%7B%22w%22%3A728%2C%22h%22%3A90%2C%22topframe%22%3A0%7D%2C%22ext%22%3A%7B%22siteID%22%3A%22332891%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.sonomanews.com%2F%22%2C%22ref%22%3A%22%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%7D%7D&ac=j&sd=1&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 , European Union, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4944313a80fbc125959c03e8cb8c395257bc26f4344ba76213ce8f8067bb6934

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 44
Expires: Fri, 08 Feb 2019 17:13:31 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ Frame D75A 239 B
1 KB 27ms
26ms XHR
application/json 213.19.162.71
The Rubicon Project

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=17062&site_id=156666&zone_id=747210&size_id=2&p_pos=unknown&rf=https%3A%2F%2Fwww.sonomanews.com%2F&tk_flint=pbjs_lite_v1.34.0&x_source.tid=c60b32b3-2b14-4b4f-92c9-21bf8a1939b0&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&slots=1&rand=0.34798452909348776
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 213.19.162.71 , United Kingdom, ASN26667 (RUBICONPROJECT - The Rubicon Project, Inc., US),
Reverse DNS
Software: RAS 2.4 /
Resource Hash: 841e286ca98a7fc189ceec06ceabd37edc751102eca96f097ec542195a7f1835

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:31 GMT
Server: RAS 2.4
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Content-Type: application/json
Keep-Alive: timeout=0, max=10
Content-Length: 239
Expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ Frame D75A 51 B
672 B 1112ms
52ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%221285876a12c5781%22%3A%224c4c920a6cf262ee66db%7C728x90%22%7D&ref=https%3A%2F%2Fwww.sonomanews.com%2F&s=551c6ea8-3a2b-47e8-887a-62bd41a7d15a&pv=9f1c09c5-e5ad-4068-825c-e4a6a5f66cba&vp=mobile&lib_name=prebid&lib_v=1.34.0&us=5&

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

eda1c8023fc949f2a4be6fe8e103a9929212d137bd2ab67ecbb6106ac533c821

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:32 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-128
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 79
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 imp Show response
g2.gumgum.com/hbid/ Frame D75A 55 B
354 B 34ms
34ms XHR
application/json 54.229.133.169
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://g2.gumgum.com/hbid/imp?si=23967&pi=3&gdprApplies=true&gdprConsent=null&vw=1600&vh=1200&sw=1600&sh=1200&pu=https%3A%2F%2Fwww.sonomanews.com%2F&ce=true&dpr=1&jcsi=%5Bobject%20Object%5D&
Requested by: Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.133.169 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-54-229-133-169.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: fb5b2be42780f1c650a0a82391afd6fe8b488a8a313091697edd780822d32060

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 08 Feb 2019 17:13:31 GMT
content-encoding: gzip
content-type: application/json;charset=UTF-8
server: nginx
status: 200
p3p: CP="This is not a P3P policy"
access-control-allow-origin: https://www.sonomanews.com
cache-control: private, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
expires: 0

OPTIONS
H2 204 v1 Show response
dmx.districtm.io/b/ Frame D75A 0
274 B 101ms
100ms XHR
text/plain 35.203.66.107
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

107.66.203.35.bc.googleusercontent.com

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Access-Control-Request-Method: POST
Origin: https://www.sonomanews.com
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Access-Control-Request-Headers: content-type

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
server: nginx/1.13.12
access-control-allow-origin: https://www.sonomanews.com
vary: origin
access-control-allow-methods: OPTIONS, POST
status: 204
access-control-max-age: 14400
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: origin, content-type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame D75A 142 B
1 KB 34ms
34ms XHR
application/json 185.33.223.208
AppNexus

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: df80k0z3fi8zg.cloudfront.net
URL: https://df80k0z3fi8zg.cloudfront.net/files/instbid_1_34.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.208 , European Union, ASN29990 (ASN-APPNEXUS - AppNexus, Inc, US),

Reverse DNS

Software

nginx/1.13.4 /

Resource Hash

0ca9f3bb91ddac3d1fcbf531db0eb31da63c94c97e24a5b7ef463c71b939be22

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 08 Feb 2019 17:13:33 GMT
X-Proxy-Origin: 185.220.70.202; 185.220.70.202; 311.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 07931741-fc0e-4d2c-b579-a4a755200cd4
Server: nginx/1.13.4
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.sonomanews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 142
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ Frame D75A 0
252 B 96ms
96ms XHR
text/plain 35.203.66.107
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://dmx.districtm.io/b/v1

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

35.203.66.107 Ann Arbor, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

107.66.203.35.bc.googleusercontent.com

Software

nginx/1.13.12 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 08 Feb 2019 17:13:31 GMT
server: nginx/1.13.12
status: 204
vary: origin
access-control-allow-methods: OPTIONS, POST
access-control-allow-origin: https://www.sonomanews.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-headers: origin, content-type

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D75A 29 KB
10 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

139f0678adf52bffa2e72566204cb52fea2ce3ee3f2c6da00beb57a21e347719

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "76 / 475 of 1000 / last-modified: 1549580748"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 10063
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:32 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame D75A 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:816::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:816::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame D75A 109 B
171 B 16ms
16ms Script
application/javascript 2a00:1450:4001:819::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.sonomanews.com

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:819::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-type: application/javascript; charset=UTF-8
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
status: 200
cache-control: private, no-cache, no-store
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 104
x-xss-protection: 1; mode=block

GET
H2 200 pubads_impl_301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D75A 181 KB
62 KB 42ms
41ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

cf7372c066c21a04cdf010795703ebfe788cff3d65f07a018e27e676944558fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 63397
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:32 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D75A 9 KB
5 KB 446ms
445ms XHR
text/plain 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2734092923757537&correlator=4150898882601863&output=ldjh&callback=googletag.impl.pubads.callbackProxy1&impl=fif&adsid=NT&eid=21062832%2C21062886%2C21063066&vrg=301&guci=1.2.0.0.2.2.0.0&plat=1%3A32776%2C2%3A16809992&sc=1&sfv=1-0-31&iu=%2F27794161%2Fsonomanews.com_Web_728x90_1&sz=728x90&scp=refurl%3Dsonomanews.com%26floor_group%3Dctrl_group%26hour%3D17%26tier%3D1%26adx_floor%3D1%26instBid_bidder%3Dnofill%26instBid_pb%3D0%26instBid_adid%3Dnofill%26instBid_size%3D728x90%26impression_type%3Dinitial_load&cookie=ID%3Dbb950615623a4648%3AT%3D1549646006%3AS%3DALNI_MYDSk11mG8-_Sb36-q1FF_750Uf6A&cdm=www.sonomanews.com&bc=15&lmt=1549646012&dt=1549646012809&dlt=1549646011441&idt=1360&ea=0&frm=23&biw=1585&bih=1200&isw=728&ish=90&oid=3&adx=264&ady=3809&adk=2268476760&uci=an9nloy59ufc&ifi=1&ifk=637082211&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&iag=3&url=https%3A%2F%2Fwww.sonomanews.com%2F&top=https%3A%2F%2Fwww.sonomanews.com%2F&dssz=15&icsg=8362&std=0&vis=1&dmc=8&scr_x=0&scr_y=0&blev=1&bisch=1&ga_vid=1558647528.1549646008&ga_sid=1549646013&ga_hid=691903947&fws=256

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

cafe /

Resource Hash

00e56b63ceb65165395286e7b76a4e7dcc9ea4042e656f0f8c0f3107d89f8aa0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/
Origin: https://www.sonomanews.com

Response headers

date: Fri, 08 Feb 2019 17:13:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: 107093
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 4594
x-xss-protection: 1; mode=block
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-mediationtag-id: 148361
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.sonomanews.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_rendering_301.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D75A 63 KB
23 KB 46ms
46ms Script
text/javascript 216.58.208.34
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_rendering_301.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

216.58.208.34 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s12-in-f2.1e100.net

Software

sffe /

Resource Hash

74aaec3179743f8515f3c4446412e31358ac0141eced480cf737bdca94447908

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 31 Jan 2019 17:47:20 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="44,43,39"
content-length: 23922
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:32 GMT

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame D75A 0
0 6ms
5ms Other
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1
Requested by: Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Purpose: prefetch
Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-31/html/ Frame 593C 0
0 8ms
8ms Document
text/html 2a00:1450:4001:819::2001
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-31/html/container.html?n=1

Requested by

Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1450:4001:819::2001 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-31/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8
referer: https://www.sonomanews.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36
Referer: https://www.sonomanews.com/

Response headers

status: 200
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
timing-allow-origin: *
content-length: 1737
date: Tue, 05 Feb 2019 06:44:53 GMT
expires: Wed, 05 Feb 2020 06:44:53 GMT
last-modified: Thu, 01 Nov 2018 14:23:58 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 1; mode=block
cache-control: public, immutable, max-age=31536000
age: 296920
alt-svc: quic=":443"; ma=2592000; v="44,43,39"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D75A 76 KB
28 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:806::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_301.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a00:1450:4001:806::2002 , Ireland, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sonomanews.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.87 Safari/537.36

Response headers

date: Fri, 08 Feb 2019 17:13:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1549455546502977"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="44,43,39",quic=":443"; ma=2592000; v="44,43,39"
content-length: 28297
x-xss-protection: 1; mode=block
expires: Fri, 08 Feb 2019 17:13:33 GMT

Verdicts & Comments Add Verdict or Comment

142 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.liadm.com/	1970-01-19 15:58:38	Name: lidid Value: 0659f513-db7b-4166-8c5d-5a899d50db5a
www.sonomanews.com/	1969-12-31 23:59:59	Name: BCRevision_1549646005784 Value: %7B%22method%22%3A%22createEvent%22%2C%22param%22%3A%7B%22type%22%3A%5B%22VIEW%22%5D%2C%22referrer%22%3A%5B%22%22%5D%2C%22profile%22%3A%5B%22cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a%22%5D%2C%22interaction%22%3A%5B%22794ed4d6-9c51-4144-80ea-7ff6b6d58163%22%5D%7D%2C%22requestId%22%3A%22rev_1549646005784%22%7D
.sonomanews.com/	1969-12-31 23:59:59	Name: nlbi_813078 Value: ktKTQUP8Ox+co+lffN0T4gAAAADrslF3LsUn51UZCvArM4E7
www.sonomanews.com/	1970-01-18 22:27:27	Name: _cb_svref Value: null
www.sonomanews.com/	1969-12-31 23:59:59	Name: CSPWSERVERID Value: 75fe17d741b7dfd10dce6bd2e2e6471c0dfe85b9
www.sonomanews.com/	1970-01-19 07:56:14	Name: _chartbeat2 Value: .1549646005065.1549646005065.1.Bi3R3V7DoilDxRscADxma9Cr7ZU0.1
www.sonomanews.com/	1970-01-19 07:56:14	Name: _cb Value: CfU92UC_ZYMMCLrA5E
www.sonomanews.com/	1970-01-19 07:56:14	Name: _cb_ls Value: 1
www.sonomanews.com/	1970-01-19 07:13:02	Name: BCSessionID Value: cfba39d8-c9b6-4dd4-bfdd-eda28c38cb8a
.sonomanews.com/	1969-12-31 23:59:59	Name: incap_ses_184_813078 Value: cshXPlRWkkgRkdBkaLSNArS4XVwAAAAAthtWzW3gcDMat+BOss4FxQ==
.sonomanews.com/	1970-01-19 07:12:44	Name: visid_incap_813078 Value: 9d5llUNiRjunNCl0k8uFi7S4XVwAAAAAQUIPAAAAAABO4PEZ4UHS50eO1/hCIZo4

42 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://s.ntv.io/serve/load.js(Line 4) Message: TypeError: Cannot read property 'removeItem' of null
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 5) Message: lets go!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 47) Message: made it to line 41!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 394) Message: halfpage ad appeared
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 399) Message: Done Document.Ready
console-api	log	URL: https://code.sonomanews.com/shared/js/cph.unified.js?v=20171031(Line 247) Message: CPH - check logged in status
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 176) Message: loaded on desktop
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 523) Message: Preparing desktop ads
console-api	log	URL: https://code.sonomanews.com/shared/js/cph.unified.js?v=20171031(Line 109) Message: Lazy loading images
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 192) Message: 1 is taller than 2
console-api	log	URL: https://code.sonomanews.com/shared/js/cph.unified.js?v=20171031(Line 464) Message: lazySizes loaded
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: [BC]DataLayer available
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: [BC]Pushing event: BlueConic.VIEW
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: [BC][ERROR] an error occured in callback function: [function(event, interactionId) {this.eventReact(interactionId, "VIEW");}], error: [TypeError: window.dataLayer.push is not a function]
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: [BC][ERROR] --stacktrace--
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: console.trace
console-api	log	URL: https://cdn.blueconic.net/smi.js(Line 127) Message: [BC][ERROR] --end stacktrace--
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: adwallpaper appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad1x1 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad728x90pos1 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad300x250pos1 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad300x600pos1 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 557) Message: Starting slide2Hash
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 559) Message: URL = https://www.sonomanews.com/
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 562) Message: There is no hash...
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 571) Message: -------- end scroller v1.45 -------------
console-api	log	URL: https://d2na2p72vtqyok.cloudfront.net/client-embed/04bb84fd-2de6-431d-bfc5-e32a5273fffa.js(Line 1) Message: Prepare to load embed:
console-api	log	URL: https://d3lcz8vpax4lo2.cloudfront.net/embed-code/1585e5bf-f81a-40cf-aa86-cec8b8856b79.js(Line 1) Message: TypeError: Cannot read property 'setItem' of null
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 544) Message: Lazy load desktop ads
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad300x100pos1 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad300x250pos2 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad300x250pos3 appeared!
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 449) Message: adSection = home
console-api	log	URL: https://code.sonomanews.com/js/section.may.js(Line 470) Message: ad test: ad728x90pos2 appeared!

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.adventive.com
adservice.google.com
adservice.google.de
ajax.googleapis.com
apex.go.sonobi.com
as-sec.casalemedia.com
assets.adventivecdn.com
b-code.liadm.com
c.liadm.com
cdn.blueconic.net
cdnjs.cloudflare.com
cms.insticator.com
code.pressdemocrat.com
code.sonomanews.com
d2na2p72vtqyok.cloudfront.net
d3lcz8vpax4lo2.cloudfront.net
dashboard.insticator.com
df80k0z3fi8zg.cloudfront.net
dmx.districtm.io
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
g2.gumgum.com
geoip.insticator.com
i.liadm.com
ib.adnxs.com
img.pressdemocrat.com
img.sonomanews.com
jadserve.postrelease.com
js.matheranalytics.com
lcidc.liadm.com
mab.chartbeat.com
maxcdn.bootstrapcdn.com
media0.giphy.com
pagead2.googlesyndication.com
ping.chartbeat.net
plugins.blueconic.net
pressdemocrat.wufoo.com
prg.smartadserver.com
s.ntv.io
securepubads.g.doubleclick.net
smi.blueconic.net
sonomanews.com
static.chartbeat.com
stats.g.doubleclick.net
tpc.googlesyndication.com
tru.am
valleytalking.blogs.sonomanews.com
web.hb.ad.cpe.dotomi.com
www.google-analytics.com
www.google.com
www.googletagservices.com
www.i.matheranalytics.com
www.pressdemocrat.com
www.sonomanews.com
100.25.49.178
107.154.105.50
107.154.114.50
107.178.250.234
149.126.77.33
151.101.122.2
178.162.133.150
185.33.223.208
185.86.138.79
192.237.253.150
2.18.234.163
2.18.234.21
209.197.3.15
213.19.162.71
216.58.208.34
23.253.160.145
2600:9000:200c:3400:18:1fcd:348:2461
2600:9000:200c:aa00:10:3422:3f00:93a1
2600:9000:200c:b600:1c:386f:ec80:21
2606:4700:10::6814:180b
2606:4700:20::6819:a322
2606:4700:20::681a:2cf
2606:4700::6813:c797
2a00:1450:4001:806::2002
2a00:1450:4001:809::2002
2a00:1450:4001:816::2002
2a00:1450:4001:818::2003
2a00:1450:4001:818::2004
2a00:1450:4001:818::200a
2a00:1450:4001:819::2001
2a00:1450:4001:819::2002
2a00:1450:4001:81b::200a
2a00:1450:4001:821::200e
2a00:1450:400c:c08::9a
2a02:26f0:6c00:296::63cc
2a02:fa8:8806:12::1430
2a04:4e42::714
34.196.223.248
34.235.251.19
35.170.181.65
35.203.66.107
50.57.214.178
52.19.153.98
52.22.2.8
52.222.150.238
52.222.150.253
52.222.150.61
52.44.230.13
54.229.133.169
64.191.16.85
00e56b63ceb65165395286e7b76a4e7dcc9ea4042e656f0f8c0f3107d89f8aa0
0482a98d09daebc18a0d2e1ed8f748da5b0179e61223ed541101df1f4699f073
06c41bb58d8317e393a497946e58cfbc18ade68597cbb387c44bc2321c030f30
08451ea2f03449735f321ba1aedcb3ee9b1aa24c753a26027c8a7ada040df50c
0857478dc2c8678b6d03ef925400a7c15109fc851eeb2c6e8d32b2f780c2b22b
096074b0c492a499abbc7334fbe82b0f53defc48c3744cdbb3d38110e282d15a
099b1b76a36e3e721b5972b677815c47f7c84e72bab1589da66ce2c4f366e683
0ca9f3bb91ddac3d1fcbf531db0eb31da63c94c97e24a5b7ef463c71b939be22
0f6ee20b21d01524e91fcffa710cd8072d4e028c06919733d5bf8e3ef598df6e
10aa734d14c0c8b63f50d90c2e18c337cd12079b523c71b89e91599ec78f7b02
12078a237096f9e885c53ce85a32c654252840e8a2de250f1b8e6e7ff039d4f4
130a764fa83f87b35a9941452c1209de093cb19df7d2653866b9f768b87f736e
13959bb79304640e68d66ee91ba44061162030ce916bc4fed5fa2160e144b479
139f0678adf52bffa2e72566204cb52fea2ce3ee3f2c6da00beb57a21e347719
151c4c52c25dd28c33321aaaeabe879c4814087d4eaf7545d93f5d81d4d1c4f3
1a570d62a933bcc259609bb72fc98c05805380360460ac6ae60b7f4fcae3e251
1defd5791b61d4a0aa9417ca6fcae832f6ce0172e61ce0290ad567e7cd511973
1e343402ab7720a15c8dd1ffa040cbee5cab4d20da85770a2b62bd8523ee619d
20f060a1d07ac1c46b06a66bbcd7b7d6fca7c4457e339b90b5c169a60eddb8eb
21aa587aeab2054dabbb410d460a05f662db35e763e629f11ece72c6739e8c51
22642f202577f0ba2f22cbe56b6cf291a09374487567cd3563e0d2a29f75c0c5
2293d2f32f2d45cd9da459038f562c5c169510e3968c88aff836969b15026bf5
28326cc16a493dfa4cade187d82275b4f9f286e5282131923a71099ae6f38a74
2ad4ec405159beb9e962e752ab2696369ee2436ac7b4e7e34c99f9ba22aa1fe4
2b5b3651f3da482748bdb8405100f9375cb40ce633c6462dc87dc76b21081ffe
2d8a8b0ed3add2bc5565f52397b6d6905c0582a14596a450f88465762ccabdfa
2ddfdeb1fcce0ca47085fdca9063d9cdc485d8ac7bdd0e3317971abda27ff9f8
2ec530718816848d3fb1fd157f8c80845d37cd7f1d26eef64640245301978609
31c139cdb8611ebe068f9c12494cd50aadaa9b8775592c66cfbe495aa75de217
333c6c65171eb2e354125bff0b08e12b8726e79f6799775318302ac561142b01
33b82cd35b607b426430d1af7037e294f48a93dce9b80a4660da62cf166620ea
3569a4c0a46dcc1a495c5b11dbc61e521d33a1d6d863278a57eff633c2037251
37ee98671009c261224c5a63a377a0b325be15fe80d6d3ad35e631a09c94b660
3a2cfee5dd83fba108b0bc5e4299621e635c378e86c93a3c649e394512d2a28d
3ab9a20c1cadaf1c9eaba9acd206c93bc10780e859b0ddef50589815c18202fe
3c4a1bb7ce3234407184f0d80cc4dec075e4ad616b44dcc5778e1cfb1bc24019
3e552578c7d450b023f2cd9d28f830be4335c3acc6c4ab6dadda0769f09e5f22
3ebc76d4dd569066c3399446a1f52a07ff90ba4e763056b3bf27a4b7e6d926b9
413e57b5e660a56a3f36a3df9a90460028f6219a1881c6bbb7012cd54e80e01f
4166f98ff175b23f81f1000305262c3c8b3b86381a5f9ebec73de6c0bd912096
41f31dd2e2557de961bcc07f0e0f320a637632c9ae48416c0d9ee25294ed0ffe
42282d80bb1bdb79c8e0d8cfd03cfcb82da20997af94f351dbcf9e43274466b6
4794ef319ebf20a4e7f6db6d8e02ff7f608c594a96050ebeab38ab8248b3b65f
4944313a80fbc125959c03e8cb8c395257bc26f4344ba76213ce8f8067bb6934
4c6f5236bd85e29231d809ed5137681860b8e8079642bcedf3997a22836f4dc9
4c7a78c5817e5c5cf099e413d364af9b84be5692bcfe0303f7e79286392a3280
4d739fccf35c175c52970094c4969221042d4837691fd81756e8693be1da678c
4dd51e6b250e15946ca0af835e0511093c82c5678115aac3055645d889a1681a
521ecbe53b9efe14b273113bddf545a8d2f1883128096e85d73e420cda4b29df
52677e0a9fb5bf1cbc6e5a9c358a1cdb1116986393c915619808c8a016cfeb14
57362f647f2ac7de26e832beb8c877872bcd5b891d8067ce5fac7ea173b0282e
574d1ffbb4fe10ec17b62b0386d93ca65992753d51e8aad8140cff297132c61e
57f48464d208b9ed8afc96df49a8b86798a48d8ed641178746e8a82daaffc05d
594aec25b1f9e7d216976a9eebce68563358a8b31ecb754b2fd6e8d1ff3bccbf
5dff3eb59c2ff0caa506d84d53c2bd53f05b22213a3fcd6e9cce8c92b21563ce
5e1e7058a02b15ef356e1f0160fc654c7d618ea9e0f117a0be4a184faf5bfd85
6181cd98fe270c2826d416574446841f86778bc45a0ab0bdd0c667b4e70fd6e8
6413b7dec6a597c00831914e8e4391b59538c6104cea547e13350840cc7c616b
64f85424d3455add40b6a61868f6451ea8d2190912ac31a018b64f02584dc9d9
6b99dd48dbba5c6a8be99cbb486b5ea62ba8a0da9354258a46b857585b8138bd
6d8c979acef2559ddab48d2d97e4862ac33693db8061aa5454c6324203078823
6f2be7f2d89e8f362b69fc1f8d441427684869c8c5ff2f4bd2a20aa650a56a57
723f5d8c1868f8b3a58a1c45729b610279ad346554380ff0d41cac6cd1f84658
74a587c5c9706f95046b2dcf80f6bb90cd488ae4edb45e9bcd4507d3787a88d7
74aaec3179743f8515f3c4446412e31358ac0141eced480cf737bdca94447908
76a21d8d56d4f6dcbbb2f129aadbeedda40a61e319d16fa8c4b7193537caafe8
76d6b98ff3f8a11906046fc0dbbb0580bcadaa65035f203bfad47e8465a3b821
7a9c057de0f641b2b9a094f9f198598b1130ae5e4c92a2fe7bc6a9df1fe5ec3a
7bc61dce2d21eae49317504e50e254e1e193fc88ba26c1238ed3e8481f8cb65f
7bf78e8e3b9acaeef8c0cbf3dd65781531c6b9a284789807e0786c32e118b616
7ff59d159254e1a7c8382ef5d007b172b75957992919464e1b7c02c2dde3a08b
83204358b35fa24d05891d4732c80c2c73819bbd7876f7e7beeeeb90f4cf3d1a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
841e286ca98a7fc189ceec06ceabd37edc751102eca96f097ec542195a7f1835
849068b5e8761dd6d1d5b38196637ee312f8b7b2f9ecae64db056265512b177c
850164320a03cdeefe0b394cb82c378bb204d34d152874bf66963d752959c441
8808b99d3de370724545adaa57997e581ae71e1ad462e155dff80bf10ffc502d
888d267b255b55a63dcc49b3a2086ea1be225a8578bbcaec677f0fb3803f09c5
89bc8ce77e1020edde1441607b86ff303331607daafa0a0ffea98ec3e4bf560d
8a37e43c0d32d452af5229476573c39e7dd9dc1886a20bba09591d6b45904148
8a86e134dc4d68761095fa932ac2a98411a0a46d2f06afced8974469e14d522c
8e10c842130ae9f6a6ce47b042e7f0de5127880079d7633ba3caf01407cb5f1b
8f56a5a8fdc2494a7e9159be9b03646f69d5bebb81ac949ff269f43af36c763d
936ffccdc35bc55221e669d0e76034af76ba8c080c1b1149144dbbd3b5311829
97605008c6b9b05bc12ca2cd5e101f83f6bab81d9cc4fa5a9a227c56e9bae2d3
979681d64b587bd2745310231549085885f3c0f3c884c88f59b365b7b671f8d2
982b6b3d6b506d25fee1ecf502660033628f50a7472287dcdc9d9eb2021bb89a
988e09d51188e93225f8c2f96f71cd953ef05da949978c4eda2309fe10c07d1e
98fd6d37a4d49e1651aedf49857bb021f6c61058c262aa01ed2444d3f81c5f39
9bad0014611f0bbf4154bb62797e02748649d2b1c9c5aba1fcf7f053710fe0d5
9f55b181378c94e197cc7465d07ce2fcfc75b8430a3c2d97c9604c43b31518af
a0d2663c17996dc0808dc5f1e15890ca2dc7c768b8949354ee88ec62e3a1c735
a2056d2f06d3eab2126dcedc91fc5a46b3536495918e0ff04f84fb2387f67423
a435b2bee680b81072ec36db53f505ef7934f1f356ef7f0bf159be5a5780cff0
a4a56f502c39a5d36ade27414c1c81de328d0591baef8dac36d371fbee06c027
a5bb99d2afae545fc8d4efffd762a2bc11ceb59044e3f9fe577e0e0ad83fa877
a8a454177ff90e6796ffd3fefd743d3b56871cf239e6a512bbb4dd12c3e6cc35
a9161d73cd6490abd72bc80bb1812c24ff04501c0cc458fa72a1df2cb96efa5c
ab8e2118a5105ac008d67876f76aba37112ae12eb72cc2c9a4ed97044b429bf0
adb6a2a8976fc225f7ac080bd7242948bc044b013c40c865156bc208d2155e6f
aeb5540c19002caf52af3502b43ff4d503ec33ace0119153b8ea525cf1e1d580
b02572f68e901cf66e9535cd5d91a4b0c6ae7c9340c3d025668006cffb8737fc
b0f7e24ccb0eeb72637c63692968c1d63fbac7c36fa775f83038d1e43b233b00
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f857efcd5f99133ae3d73bdda38398737d1d4230f624b2af7673b879e25d7b
b2c25c9dd9bc21118a8c03c2ffe8eb92d11e8e930b7b7d4204d80f7f221f7652
b48ef5a7bc3d64c9e962bd440b6071266a0b7fa786f5c9556e283d025ead506b
b75b82838ef35035aef9dd8cb43a9236ec4ec3586dac5a4d794f82a08afc949a
ba6a5fc02fea1b67f8d03ccea434934d04af873eaffaeba628d5a79936e01b7b
bb779e056d8c07db01c82b75d9b1c48e8da199b12634d7b3dcaf164a0d05b2a0
bd0d0fe9923099c8643a650f644ff6adb873c275d0e8d6752daa235ba3fb8593
beeea8c373755bd37055795e03d451ee4a713add2317024e7ce2646abf8080b3
c24bfa19a69ab2adf5d2a889e3da088cdc0c16f4e3ccf43805c157bb5014aa96
c34e28196cd412790c548696f1447aff0116ee662fead57bf578021e8cc01ba5
c41d9088e3dd65fa28577065b03a681bfffc650a2b1ee06058f3ac726677c8c2
c6a33d7e98f7ac4c2bb7c71f0c1f7e2a3b6c3282dc99ccfe5b46e8a717fb87fe
c83db211d3d9d1b0eb9af0fecb698f58b538d5c44b769d5e8b9158c36679cfc5
c8b25acf5d07e0bce03e34e51ae7ea40c40c8a454b7b135794fd41975fdd7866
ca4b0bf25bd7fb614b2af3b20f139441834e9a74dce5a87c6c0e0a53ae633f81
ca5327697815bc7ac6c0073c5b4fbf2f260954bd1a9d5d48d13d5839e918c4bb
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cebbe38926f6068ea280df892757cc980a5b399bc5d758ba1eda245d81ed8c09
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7372c066c21a04cdf010795703ebfe788cff3d65f07a018e27e676944558fe
d03a5011dd75634ad9fab4695807aea8cddd7f1c8fcb0499582c505bbf4b86e7
d23391fb02d4db672cef5f065a665a26a720e1931ed488d91485ec5746f32a1e
d24ef0f27eff9a8995ecb1feba25edafe3ae2780f071b90cb31a7a092966a38d
d2a95cdce3af423a47b06f627aff456218dc0db4d5ac31be09942d7b8031480a
d3a970101d5c1c13fe97539903a8285d524c87295f551421ab9e40d9c1324e4a
d3e4901d0a6cdec0a2b84e52d82ec468c5caf9fa769ab35c3f023884d602990d
d57654e917b9de51246c991eccd70cf0c8a906370f39e497c115350b085eae81
d5c004551c0499335da18089269f593ebdec13df732fcf611a3649a23b602a6f
d5f0fb16ad7ad022b50a8468d622f694f5988fae8cef095fca640d01509fddd0
d65b1b198cc3ab2f68200d058319f8da590b4d525397ca3d0c2fde40c12b0747
d684d924cc0efa1c3e966e687cdee99d341b2584194b01c27e8664819a0b3433
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
daaa0fb1ee23c8aa178ce3c4d0be46e4b650e5b851e212a7433b72328376ea4e
db9b603972016b0cb2e1b3cc1891c641cce5d78cc83cd24b8a59ef78de46e045
e1c4c765f1d9688ccf3ab61fd60eca2753f38c5cfa89ac6da86e2a5cbcf55d8e
e1f7333213535bddec5215df60374875673ec7aa64d23d25c21c58044d399dc7
e28475748d0ff1d6c6143451a1ce50893a47236b41d9dd145cdc72613b0df4d6
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56b1323bac2b8943870486ee05dd237cfe4a0818f1d1ea4901e65517372c5a9
e5ef3d938679eabdfd6c0fc5c0b681a6ac177d84826989d06f658737fb0ca526
e6671572e655274c397c9cafdfb541842ec8106d9156ee5022ce3dd399efaa8b
eb012d35873cf2682901744c3e07e98ad0aa6f3e5f24abf362c98bae3ebe48c4
eda1c8023fc949f2a4be6fe8e103a9929212d137bd2ab67ecbb6106ac533c821
edb20d03f2038d60ddb990c628dddcd1d37eb55657911f553c6c7df871ab3ed7
ee3ffcfa107457a460ba4bd55fc01f685fcc467d10b8a8885e4e74638e9ca256
eec9fdfab80c515f4cc96b6bf5c21db32d15d48570c36be21900674ea8b37c09
ef0a47a6d4e63133a082e161e26dbd1531030117ca4531a508f704ed68320fc8
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f178aa8e42761a3acd34cda81c54c208bb695aa9cce3da99124605c595c70d4d
f56290b6eade2694d045f761b1004af210472981b932b4b977983575dd4ab0be
f68ee3dfe7a5b995773defdfa0c862db9b51ef2963401b7e79d6506ff03a8c1e
f8c87e17e32f7cdcbe006b82199c2ef56ff4357816887b5fd59423bce620a153
f8ecaa017452cf9e25d37472a194d4676fc01125d206a85b2282cbb63cc8f5ef
fb5b2be42780f1c650a0a82391afd6fe8b488a8a313091697edd780822d32060
fb9007c254c493be4a067de535b19a30f5e5aef3d5b19f58b1c72d2c65a04f79
fe347496cacc05a84656a99c3667917a13e8b7a56c1b41331448d1e257db4a6b

www.sonomanews.com Open in urlscan Pro 107.154.114.50 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

228 Requests

98 %HTTPS

42 %IPv6

34 Domains

55 Subdomains

50 IPs

8 Countries

5022 kBTransfer

8779 kBSize

11 Cookies

36 Outgoing links

Page URL History

Redirected requests

228 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.sonomanews.com Open in urlscan Pro
107.154.114.50 Public Scan

Screenshot
Live screenshot

Full Image

228
Requests

98 %
HTTPS

42 %
IPv6

34
Domains

55
Subdomains

50
IPs

8
Countries

5022 kB
Transfer

8779 kB
Size

11
Cookies

228 HTTP transactions
6 data transactions