profile.providencejournal.com Open in urlscan Pro
151.101.66.62 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://cl.exct.net/?qs=307e3407c60d405ddf578bc35a6d47d7371cfbb3c99f4b0cddce9e86e34d91ede5a1ffb76a3ca57e7a227c1b2c97...
Effective URL:
https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Submission: On March 09 via manual (March 9th 2023, 4:23:02 pm UTC) from US — Scanned from US

Summary HTTP 98 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 32 IPs in 2 countries across 35 domains to perform 98 HTTP transactions. The main IP is 151.101.66.62, located in United States and belongs to FASTLY, US. The main domain is profile.providencejournal.com.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.

This is the only time profile.providencejournal.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	2600:141b:13:... 2600:141b:13:78b::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 20	151.101.66.62 151.101.66.62	54113 (FASTLY) (FASTLY)
7	2607:f8b0:400... 2607:f8b0:4006:809::2004	15169 (GOOGLE) (GOOGLE)
2	2606:2800:220... 2606:2800:220:de:468:2285:c1:4a3	15133 (EDGECAST) (EDGECAST)
3	151.101.2.62 151.101.2.62	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f012:10c:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 5	13.225.195.115 13.225.195.115	16509 (AMAZON-02) (AMAZON-02)
2	2607:f8b0:400... 2607:f8b0:4006:821::200e	15169 (GOOGLE) (GOOGLE)
1	2607:f8b0:400... 2607:f8b0:4006:823::2008	15169 (GOOGLE) (GOOGLE)
1	52.85.107.60 52.85.107.60	16509 (AMAZON-02) (AMAZON-02)
8	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
1	35.186.249.72 35.186.249.72	15169 (GOOGLE) (GOOGLE)
9	2607:f8b0:400... 2607:f8b0:4006:81e::2003	15169 (GOOGLE) (GOOGLE)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
1	35.227.211.136 35.227.211.136	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
1	2001:4860:480... 2001:4860:4802:34::181	15169 (GOOGLE) (GOOGLE)
2	2607:f8b0:400... 2607:f8b0:4004:c1b::9d	15169 (GOOGLE) (GOOGLE)
5	2607:f8b0:400... 2607:f8b0:4006:822::2003	15169 (GOOGLE) (GOOGLE)
2 2	142.251.40.226 142.251.40.226	15169 (GOOGLE) (GOOGLE)
10	52.7.47.181 52.7.47.181	14618 (AMAZON-AES) (AMAZON-AES)
1	35.190.60.146 35.190.60.146	15169 (GOOGLE) (GOOGLE)
1	173.223.57.84 173.223.57.84	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.0.156.250 52.0.156.250	14618 (AMAZON-AES) (AMAZON-AES)
1 2	52.3.138.212 52.3.138.212	14618 (AMAZON-AES) (AMAZON-AES)
3 4	68.67.160.76 68.67.160.76	29990 (ASN-APPNEX) (ASN-APPNEX)
5 5	52.20.166.182 52.20.166.182	14618 (AMAZON-AES) (AMAZON-AES)
1 1	216.200.232.253 216.200.232.253	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1	13.225.195.43 13.225.195.43	16509 (AMAZON-02) (AMAZON-02)
1 2	209.54.182.161 209.54.182.161	16509 (AMAZON-02) (AMAZON-02)
1	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	69.166.1.12 69.166.1.12	27630 (AS-XFERNET) (AS-XFERNET)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
1 1	76.13.32.147 76.13.32.147	26101 (YAHOO-BF1) (YAHOO-BF1)
2 2	192.40.39.223 192.40.39.223	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1 1	54.89.130.42 54.89.130.42	14618 (AMAZON-AES) (AMAZON-AES)
1 1	34.170.123.2 34.170.123.2	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	2a03:2880:f11... 2a03:2880:f112:182:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
6	151.101.130.137 151.101.130.137	54113 (FASTLY) (FASTLY)
1	34.95.127.121 34.95.127.121	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1	162.247.243.29 162.247.243.29	54113 (FASTLY) (FASTLY)
98	32

1 2600:141b:13:78b::416d (Secaucus, United States) 1 redirects

ASN20940 (AKAMAI-ASN1, NL)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 151.101.66.62 (United States) 1 redirects

ASN54113 (FASTLY, US)

profile.providencejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
content-static.gannett.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
staticassets.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
user.providencejournal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2607:f8b0:4006:809::2004 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:220:de:468:2285:c1:4a3 (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.2.62 (United States)

ASN54113 (FASTLY, US)

cpt-static.gannettdigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f012:10c:face:b00c:0:3 (Secaucus, United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.195.115 (United States) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-115.yul62.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4006:821::200e (Nutley, United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2607:f8b0:4006:823::2008 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.107.60 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-85-107-60.yul62.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.249.72 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 72.249.186.35.bc.googleusercontent.com

d.impactradius-event.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2607:f8b0:4006:81e::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.227.211.136 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 136.211.227.35.bc.googleusercontent.com

gannett.sjv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::181 (United States)

ASN15169 (GOOGLE, US)

analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2607:f8b0:4004:c1b::9d (Washington, United States)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4006:822::2003 (Nutley, United States)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.40.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: lga34s39-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.7.47.181 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-47-181.compute-1.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.223.57.84 (Secaucus, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a173-223-57-84.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.0.156.250 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-156-250.compute-1.amazonaws.com

loadm.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
loadus.exelator.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.3.138.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-138-212.compute-1.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 68.67.160.76 (New York, United States) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.20.166.182 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-20-166-182.compute-1.amazonaws.com

usermatch.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.200.232.253 (Frederick, United States) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.195.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-195-43.yul62.r.cloudfront.net

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 209.54.182.161 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.151.100 (United States)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.166.1.12 (United States) 1 redirects

ASN27630 (AS-XFERNET, US)

sync.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 76.13.32.147 (Lockport, United States) 1 redirects

ASN26101 (YAHOO-BF1, US)
PTR: spcms.pbp.vip.bf1.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.40.39.223 (Canada) 2 redirects

ASN27381 (CASALE-MEDIA, CA)

ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.89.130.42 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-89-130-42.compute-1.amazonaws.com

px.surveywall-api.survata.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.170.123.2 (Council Bluffs, United States) 1 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 2.123.170.34.bc.googleusercontent.com

um.simpli.fi	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f112:182:face:b00c:0:25de (Secaucus, United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 151.101.130.137 (United States)

ASN54113 (FASTLY, US)

js-agent.newrelic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.95.127.121 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 121.127.95.34.bc.googleusercontent.com

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.247.243.29 (United States)

ASN54113 (FASTLY, US)

bam.nr-data.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
23	krxd.net 5 redirects cdn.krxd.net — Cisco Umbrella Rank: 2122 consumer.krxd.net — Cisco Umbrella Rank: 2918 beacon.krxd.net — Cisco Umbrella Rank: 570 usermatch.krxd.net — Cisco Umbrella Rank: 1391	195 KB
14	gstatic.com www.gstatic.com fonts.gstatic.com	609 KB
14	providencejournal.com 1 redirects profile.providencejournal.com user.providencejournal.com — Cisco Umbrella Rank: 379357	171 KB
8	google.com www.google.com — Cisco Umbrella Rank: 2 analytics.google.com — Cisco Umbrella Rank: 291	88 KB
6	newrelic.com js-agent.newrelic.com — Cisco Umbrella Rank: 340	11 KB
5	scorecardresearch.com 2 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 152	4 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 208	4 KB
4	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 73 cm.g.doubleclick.net — Cisco Umbrella Rank: 210	1 KB
4	gannettdigital.com staticassets.gannettdigital.com — Cisco Umbrella Rank: 85504 cpt-static.gannettdigital.com — Cisco Umbrella Rank: 25566	74 KB
4	twitter.com platform.twitter.com — Cisco Umbrella Rank: 773 syndication.twitter.com — Cisco Umbrella Rank: 1146 analytics.twitter.com — Cisco Umbrella Rank: 610	132 KB
4	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 8047	48 KB
2	casalemedia.com 2 redirects ssum-sec.casalemedia.com — Cisco Umbrella Rank: 423	2 KB
2	amazon-adsystem.com 1 redirects s.amazon-adsystem.com — Cisco Umbrella Rank: 270	2 KB
2	eyeota.net 1 redirects ps.eyeota.net — Cisco Umbrella Rank: 1036	1 KB
2	exelator.com loadm.exelator.com — Cisco Umbrella Rank: 1419 loadus.exelator.com — Cisco Umbrella Rank: 1310	648 B
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2669 p1.parsely.com — Cisco Umbrella Rank: 2110	26 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 24	20 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 145	89 KB
1	nr-data.net bam.nr-data.net — Cisco Umbrella Rank: 231	291 B
1	ojrq.net www.ojrq.net — Cisco Umbrella Rank: 5582	448 B
1	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	185 B
1	simpli.fi 1 redirects um.simpli.fi — Cisco Umbrella Rank: 708	623 B
1	survata.com 1 redirects px.surveywall-api.survata.com — Cisco Umbrella Rank: 5300	798 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 870	839 B
1	sonobi.com 1 redirects sync.go.sonobi.com — Cisco Umbrella Rank: 818	765 B
1	rubiconproject.com token.rubiconproject.com — Cisco Umbrella Rank: 529	653 B
1	agkn.com aa.agkn.com — Cisco Umbrella Rank: 462	658 B
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 453	661 B
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 481	427 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 344	449 B
1	sjv.io gannett.sjv.io — Cisco Umbrella Rank: 15482	678 B
1	impactradius-event.com d.impactradius-event.com — Cisco Umbrella Rank: 3080	16 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 41	70 KB
1	gannett.com content-static.gannett.com	4 KB
1	exct.net 1 redirects cl.exct.net — Cisco Umbrella Rank: 47942	359 B
98	35

	Domain	Requested by
13	profile.providencejournal.com	1 redirects profile.providencejournal.com
10	beacon.krxd.net	profile.providencejournal.com cdn.krxd.net
9	www.gstatic.com	www.google.com www.gstatic.com
7	www.google.com	profile.providencejournal.com www.gstatic.com www.google.com
6	js-agent.newrelic.com	profile.providencejournal.com
6	cdn.krxd.net	www.gannett-cdn.com cdn.krxd.net
5	usermatch.krxd.net	5 redirects
5	fonts.gstatic.com	www.google.com profile.providencejournal.com
5	sb.scorecardresearch.com	2 redirects profile.providencejournal.com
4	ib.adnxs.com	3 redirects profile.providencejournal.com
4	www.gannett-cdn.com	profile.providencejournal.com www.gannett-cdn.com
3	cpt-static.gannettdigital.com	profile.providencejournal.com
2	ssum-sec.casalemedia.com	2 redirects
2	s.amazon-adsystem.com	1 redirects
2	ps.eyeota.net	1 redirects profile.providencejournal.com
2	cm.g.doubleclick.net	2 redirects
2	consumer.krxd.net	cdn.krxd.net
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.gannett-cdn.com www.google-analytics.com
2	connect.facebook.net	profile.providencejournal.com connect.facebook.net
2	platform.twitter.com	profile.providencejournal.com platform.twitter.com
1	bam.nr-data.net	js-agent.newrelic.com
1	www.ojrq.net
1	www.facebook.com	profile.providencejournal.com
1	um.simpli.fi	1 redirects
1	loadus.exelator.com	profile.providencejournal.com
1	px.surveywall-api.survata.com	1 redirects
1	cms.analytics.yahoo.com	1 redirects
1	analytics.twitter.com	profile.providencejournal.com
1	sync.go.sonobi.com	1 redirects
1	token.rubiconproject.com	profile.providencejournal.com
1	aa.agkn.com	profile.providencejournal.com
1	sync.mathtag.com	1 redirects
1	loadm.exelator.com	profile.providencejournal.com
1	stags.bluekai.com	profile.providencejournal.com
1	idsync.rlcdn.com	profile.providencejournal.com
1	analytics.google.com	www.googletagmanager.com
1	p1.parsely.com	profile.providencejournal.com
1	gannett.sjv.io	d.impactradius-event.com
1	syndication.twitter.com	platform.twitter.com
1	d.impactradius-event.com	www.gannett-cdn.com
1	cdn.parsely.com	www.gannett-cdn.com
1	www.googletagmanager.com	www.gannett-cdn.com
1	user.providencejournal.com	profile.providencejournal.com
1	staticassets.gannettdigital.com	profile.providencejournal.com
1	content-static.gannett.com	profile.providencejournal.com
1	cl.exct.net	1 redirects
98	47

This site contains links to these domains. Also see Links.

Domain
www.providencejournal.com
subscribe.providencejournal.com
login.providencejournal.com
cm.providencejournal.com

Subject Issuer	Validity	Valid
providencejournal.com R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
gannett.com R3	`2023-02-12` - `2023-05-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
usatoday.com R3	`2023-02-03` - `2023-05-04`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-16`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M01	`2023-02-24` - `2023-07-04`	4 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
*.impactradius-event.com Sectigo RSA Domain Validation Secure Server CA	`2022-12-07` - `2024-01-06`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
syndication.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
*.sjv.io Sectigo RSA Domain Validation Secure Server CA	`2022-03-23` - `2023-04-21`	a year	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-10` - `2024-02-09`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2023-02-02` - `2024-03-03`	a year	crt.sh
odc-pixel-prod-01.oracle.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-07` - `2024-02-08`	a year	crt.sh
*.exelator.com DigiCert TLS RSA SHA256 2020 CA1	`2022-06-08` - `2023-06-10`	a year	crt.sh
*.scorecardresearch.com Amazon RSA 2048 M02	`2023-03-01` - `2024-01-28`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-31` - `2024-01-30`	a year	crt.sh
js-agent.newrelic.com GlobalSign Atlas R3 DV TLS CA 2022 Q2	`2022-07-10` - `2023-08-11`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2023-02-27` - `2024-02-26`	a year	crt.sh
*.ojrq.net Sectigo RSA Domain Validation Secure Server CA	`2022-12-09` - `2024-01-07`	a year	crt.sh
*.nr-data.net DigiCert TLS RSA SHA256 2020 CA1	`2022-11-18` - `2023-12-19`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Frame ID: 1F91DEE28CE8933DD2C21F909350D166
Requests: 55 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fprofile.providencejournal.com
Frame ID: 7E8BBE94FD0D9141B3FDCF6F866211F4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2&co=aHR0cHM6Ly9wcm9maWxlLnByb3ZpZGVuY2Vqb3VybmFsLmNvbTo0NDM.&hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&badge=bottomleft&cb=xzfl6bjomqk7
Frame ID: 42DEA9F62E3CA684CD9589A7933A466B
Requests: 7 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 30E906F7A51E1F5570546D1F0A447978
Requests: 23 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2
Frame ID: E587A4C8E804D42C8D1DBDCF398E9EF8
Requests: 11 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Newsletters | The Providence Journal

Page URL History Show full URLs

https://cl.exct.net/?qs=307e3407c60d405ddf578bc35a6d47d7371cfbb3c99f4b0cddce9e86e34d91ede5a1ffb7... HTTP 302
https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com Page URL

Detected technologies

RequireJS (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

require.*\.js

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Impact (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

d\.impactradius-event\.com

Lodash (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

lodash.*\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

98
Requests

85 %
HTTPS

27 %
IPv6

35
Domains

47
Subdomains

32
IPs

2
Countries

1561 kB
Transfer

4063 kB
Size

42
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: http://www.providencejournal.com/

Search URL Search Domain Scan URL

URL: https://subscribe.providencejournal.com/
Title: Subscribe

Search URL Search Domain Scan URL

URL: https://login.providencejournal.com/NPRJ-GUP/authenticate?success-url=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&cancel-url=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F
Title: Sign In

Search URL Search Domain Scan URL

URL: https://cm.providencejournal.com/terms/
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cm.providencejournal.com/privacy/
Title: Privacy Policy/Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://cm.providencejournal.com/privacy/#adchoices
Title: Ad Choices

Search URL Search Domain Scan URL

URL: https://cm.providencejournal.com/cookie-policy
Title: Do Not Sell My Info/Cookie Policy

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://cl.exct.net/?qs=307e3407c60d405ddf578bc35a6d47d7371cfbb3c99f4b0cddce9e86e34d91ede5a1ffb76a3ca57e7a227c1b2c975854afdffbe95cd79f9cc939d74ccaf17459 HTTP 302
https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10

https://profile.providencejournal.com/newsletters/resources/global/newsletter-management/checkbox-sprite@2x.png HTTP 301
https://staticassets.gannettdigital.com/gci-static-assets/assets/global/newsletter-management/checkbox-sprite@2x.png

Request Chain 21

https://sb.scorecardresearch.com/cs/6035223/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

Request Chain 36

https://sb.scorecardresearch.com/b?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9a90fb10-9aeb-4163-9fed-2e754973144d&cs_ucfr=&c7=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c8=Newsletters%20%7C%20The%20Providence%20Journal&c9= HTTP 302
https://sb.scorecardresearch.com/b2?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9a90fb10-9aeb-4163-9fed-2e754973144d&cs_ucfr=&c7=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c8=Newsletters%20%7C%20The%20Providence%20Journal&c9=

Request Chain 56

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UGJLOXl3RlQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UGJLOXl3RlQ&google_tc= HTTP 302
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJfjRxHMtHF5AoFCUfvoHdY&google_cver=1

Request Chain 61

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PbK9ywFT HTTP 302
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PbK9ywFT

Request Chain 62

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID HTTP 302
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3446566111205928299

Request Chain 63

https://ib.adnxs.com/mapuid?member=1780&user=PbK9ywFT HTTP 307
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPbK9ywFT

Request Chain 64

https://usermatch.krxd.net/um/v2?partner=mediamath HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=PbK9ywFT&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=1358640a-07e1-4700-9282-5e8d449b459b

Request Chain 65

https://usermatch.krxd.net/um/v2?partner=neustar HTTP 302
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PbK9ywFT

Request Chain 66

https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0 HTTP 302
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0&dcc=t

Request Chain 68

https://sync.go.sonobi.com/usc.gif?https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=[UID] HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=94265f64-bc44-4d7f-bc3f-e90280291377

Request Chain 70

https://usermatch.krxd.net/um/v2?partner=verizon HTTP 302
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PbK9ywFT HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KYkopIpE2puzjdgY3F80rHOnslH7o4lCmg--~A

Request Chain 71

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__ HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=ZAoH4U9g86YKsp2qNabYkwAA%261311

Request Chain 72

https://px.surveywall-api.survata.com/k HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=42847131-6524-234a-9c1a-365b0374cc53

Request Chain 74

https://usermatch.krxd.net/um/v2?partner=simplifi&gdpr=0 HTTP 302
https://um.simpli.fi/krux?kuid=PbK9ywFT&gdpr=0 HTTP 302
https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=33D45F425C17437CA2232DD9C351878C

98 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
profile.providencejournal.com/newsletters/preferences/
Redirect Chain

https://cl.exct.net/?qs=307e3407c60d405ddf578bc35a6d47d7371cfbb3c99f4b0cddce9e86e34d91ede5a1ffb76a3ca57e7a227c1b2c975854afdffbe95cd79f9cc939d74ccaf17459
https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

79 KB
24 KB

1203ms
1108ms

Document
text/html

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

72244c731fdf963217a627f47c10551a9c3eb1be3a52793d5e848b532df4fe88

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
cache-control: private, no-store, no-cache, max-age=0
content-encoding: gzip
content-security-policy: frame-ancestors 'none'
content-type: text/html; charset=utf-8
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
strict-transport-security: max-age=15724800; includeSubDomains
vary: Accept-Encoding
x-cache: MISS, MISS
x-frame-options: DENY
x-timer: S1678378975.528108,VS0,VE1082

Redirect headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 204
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Mar 2023 16:22:54 GMT
Expires: Thu, 09 Mar 2023 16:22:54 GMT
Location: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Pragma: no-cache

GET
H2 200 core.import.css
profile.providencejournal.com/newsletters/resources/core/css/ 69 KB
15 KB 36ms
34ms Stylesheet
text/css 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/css/core.import.css?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fa5c9d6357e466f05922e2666e99d56ba6f154e44b03371e42bf1c768fe8e4eb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 782083
x-timer: S1678378976.697832,VS0,VE2
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/css
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 15020

GET
H2 200 requirejs_common.common.min.js Show response
profile.providencejournal.com/newsletters/resources/ui/js/ 26 KB
10 KB 31ms
31ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/ui/js/requirejs_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e03144966e433c6432e5c6cc239099b7ec6ced4571c62270509bcf59592ae23d

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1932477
x-timer: S1678378976.698261,VS0,VE1
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/javascript
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 9806

GET
H2 200 ui_common.common.min.js Show response
profile.providencejournal.com/newsletters/resources/ui/js/ 151 KB
53 KB 61ms
59ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4650e22dc343370eb53383e2ff0c9e59adfe0660fb1c9bcb55300280f2ebff31

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 2020563
x-timer: S1678378976.701137,VS0,VE1
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/javascript
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 54172

GET
H2 200 newsletter_management_common.common.min.js Show response
profile.providencejournal.com/newsletters/resources/core/js/ 31 KB
11 KB 36ms
35ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/newsletter_management_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9380763a1b297ba5b39bc676f23082610f810a11794ad2d40161fb5be6d9cb0f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1383175
x-timer: S1678378976.701232,VS0,VE1
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/javascript
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 11350

GET
H2 200 oo_style.js Show response
content-static.gannett.com/OpinionLab/ 24 KB
4 KB 123ms
28ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://content-static.gannett.com/OpinionLab/oo_style.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 36ab7524a07fcb1f5bcfde9f53464b2355bff5c5096575a5859c391fc3e2f0fd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Tue, 14 Feb 2023 13:34:10 GMT
date: Thu, 09 Mar 2023 16:22:55 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 1997326
x-amz-meta-goog-reserved-file-mtime: 1506107970
x-guploader-uploadid: ADPycdvtZjyGUcbxoF7rh1mFdkCgcFNrzZin0IHoBTSGHeaacnatWIpiThkVRpensnY_wW4giATdwgzq4Lx9WNFtACx6ju8WHEb6
x-cache: HIT, HIT
x-goog-storage-class: NEARLINE
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 3841
x-served-by: cache-iad-kcgs7200073-IAD, cache-chi-klot8100036-CHI
last-modified: Fri, 22 Sep 2017 19:25:37 GMT
server: UploadServer
x-timer: S1678378976.868550,VS0,VE1
etag: "b53ea8cbac0c2c93e7e1fcbdca97bdc9"
vary: Accept-Encoding
x-goog-generation: 1506108337720723
content-type: application/javascript
x-goog-hash: crc32c=4vC4kA==, md5=tT6oy6wMLJPn4fy9ype9yQ==
cache-control: private, max-age=0
x-goog-stored-content-length: 24298
accept-ranges: bytes
x-cache-hits: 15146, 1

GET
H2 200 main.js Show response
www.gannett-cdn.com/dcjs/prod/ 138 KB
38 KB 65ms
62ms Script
application/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcjs/prod/main.js

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

fd0342f75c7effdc9507291f51bf0fa12bd0a2e3196db7800f15282871897fe6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:55 GMT
content-encoding: br
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 84580
x-amz-meta-goog-reserved-file-mtime: 1678294358
x-cache: HIT, HIT
content-length: 38681
last-modified: Wed, 08 Mar 2023 16:53:14 GMT
etag: "006988ef2f1a92d08b9b51c3d42f7cea"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=3800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3, 2535

GET
H2 200 logo-default.svg
www.gannett-cdn.com/gannett-web/properties/providencejournal/logos-and-branding/ 9 KB
4 KB 29ms
27ms Image
image/svg+xml 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/gannett-web/properties/providencejournal/logos-and-branding/logo-default.svg

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

20407366757e1a04d08883682cc1928f32c12f64b36157215fc4bb78ec3a81b5

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 2530432
x-amz-meta-goog-reserved-file-mtime: 1604343910
x-cache: HIT, HIT
content-length: 3681
last-modified: Mon, 02 Nov 2020 19:06:09 GMT
etag: "e6c015a93866e51c05157ad942051185"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 6170, 1

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 910 B
893 B 167ms
62ms Script
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaOnload&render=explicit

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

23332021628e42c377430e825b1b0f38183d50a84fad5c5c903edf6a7c902cc3

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 573
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 16:22:55 GMT

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 171ms
24ms Script
application/javascript 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81DE) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:22:55 GMT
Content-Encoding: gzip
Age: 263
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
x-amzn-internal-status: 304
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (cha/81DE)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 NPRJ-TEALIUM-NEWSLETTER-MANAGEMENT.json Show response
www.gannett-cdn.com/dcc/prod/ 31 KB
6 KB 96ms
37ms Fetch
application/json 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/dcc/prod/NPRJ-TEALIUM-NEWSLETTER-MANAGEMENT.json

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9d80d2883de094a3ed32927b5f7179fab19b4f206bf6a21e07aafaf4bd315687

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
content-encoding: br
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 239414
x-amz-meta-goog-reserved-file-mtime: 1675785542
x-cache: HIT, HIT
content-length: 5603
last-modified: Tue, 07 Feb 2023 16:05:17 GMT
etag: "567d412cfd9bedbfa01ea073e8a041ee"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3800
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 5, 1

GET
H2

200

checkbox-sprite@2x.png
staticassets.gannettdigital.com/gci-static-assets/assets/global/newsletter-management/
Redirect Chain

https://profile.providencejournal.com/newsletters/resources/global/newsletter-management/checkbox-sprite@2x.png
https://staticassets.gannettdigital.com/gci-static-assets/assets/global/newsletter-management/checkbox-sprite@2x.png

2 KB
2 KB

45ms
30ms

Image
image/png

151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/newsletter-management/checkbox-sprite@2x.png
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/core/css/core.import.css?digest=6dd226c2597867fc6cec5b1efe9713fb
Protocol: H2
Server: 151.101.66.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: c85187f49f0afb79ce0283eb4ace799c2ad50f082a73070a79fff807d46f4b38

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

expires: Wed, 08 Mar 2023 16:14:28 GMT
date: Thu, 09 Mar 2023 16:22:55 GMT
via: 1.1 varnish
age: 86907
x-amz-meta-goog-reserved-file-mtime: 1631212412
x-guploader-uploadid: ADPycdvFdz-_DRKXcqEZ7jTHulxMEmbHPxghrI7lUS6-z-0Fl7g3O1eeCaSb3KTzzY8mUnpQ7GvuIsdclf6cyRqcGolcJg
x-cache: HIT
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 1568
x-served-by: cache-chi-klot8100022-CHI
x-clacks-overhead: GNU Terry Pratchett
last-modified: Thu, 09 Sep 2021 18:33:52 GMT
server: UploadServer
x-timer: S1678378976.881655,VS0,VE2
etag: "bf1c7cfc3e9254d513dea2dc75dab60e"
x-goog-generation: 1631212432345744
content-type: image/png
access-control-allow-origin: *
x-goog-hash: crc32c=0iv3oA==, md5=vxx8/D6SVNUT3qLcddq2Dg==
cache-control: public, max-age=31536000
x-goog-stored-content-length: 1568
accept-ranges: bytes
x-cache-hits: 1

Redirect headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1392079
x-timer: S1678378976.826245,VS0,VE1
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/html; charset=utf-8
location: https://staticassets.gannettdigital.com/gci-static-assets/assets/global/newsletter-management/checkbox-sprite@2x.png
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 0

GET
H2 200 UnifySans_W_SBd.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 17 KB
18 KB 152ms
80ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_SBd.woff2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/core/css/core.import.css?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: https://profile.providencejournal.com/
Origin: https://profile.providencejournal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:55 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 17876
x-served-by: cache-iad-kiad7000143-IAD, cache-chi-klot8100100-CHI
server: AmazonS3
x-timer: S1678378976.890094,VS0,VE43
etag: "eec61fc37ea7dff16e6503e33ab66949"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 UnifySans_W_Rg.woff2
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/ 16 KB
16 KB 145ms
73ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/universal/fonts/UnifySans_W_Rg.woff2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/core/css/core.import.css?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: https://profile.providencejournal.com/
Origin: https://profile.providencejournal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:55 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 0
x-amz-server-side-encryption: AES256
x-cache: MISS, MISS
content-length: 16620
x-served-by: cache-iad-kiad7000179-IAD, cache-chi-klot8100100-CHI
server: AmazonS3
x-timer: S1678378976.890260,VS0,VE37
etag: "3813aba0274244941c060a0cba29c5a2"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 0, 0

GET
H2 200 futura_today_normal.woff
cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/legacy/fonts/ 37 KB
37 KB 121ms
50ms Font
binary/octet-stream 151.101.2.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cpt-static.gannettdigital.com/universal-web-client/master/latest/gallium/themes/assets/legacy/fonts/futura_today_normal.woff

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/core/css/core.import.css?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.2.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5dbb36b00cc77f4fe8efd685b65e57a5e8bec9595d1b37fa0dd70b935a267fa9

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=63072000;includeSubDomains;preload

Request headers

Referer: https://profile.providencejournal.com/
Origin: https://profile.providencejournal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:55 GMT
via: 1.1 varnish, 1.1 varnish
content-security-policy: upgrade-insecure-requests
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
strict-transport-security: max-age=63072000;includeSubDomains;preload
age: 15701
x-amz-server-side-encryption: AES256
x-cache: HIT, MISS
content-length: 37722
x-served-by: cache-iad-kcgs7200163-IAD, cache-chi-klot8100100-CHI
server: AmazonS3
x-timer: S1678378976.890271,VS0,VE25
etag: "ea8e2625c2ec96e0dab62894de2c9725"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: binary/octet-stream
access-control-allow-origin: *
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
access-control-expose-headers: Location
cache-control: max-age=3600
vary: Origin
accept-ranges: bytes
x-robots-tag: noindex, nofollow
x-cache-hits: 1, 0

GET
H2 200 / Show response
user.providencejournal.com/NPRJ-GUP/user/ 998 B
2 KB 212ms
195ms XHR
application/json 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://user.providencejournal.com/NPRJ-GUP/user/

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

bc10f8b886a7635638209cdc2b7156ebe16c3502284b02ee65979f3ce069342b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://profile.providencejournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cache-hits: 0
content-security-policy: frame-ancestors 'none'
date: Thu, 09 Mar 2023 16:22:56 GMT
x-content-type-options: nosniff
via: 1.1 varnish
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
content-length: 998
x-served-by: cache-chi-klot8100022-CHI
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: DENY
vary: Origin
content-type: application/json
access-control-allow-origin: https://profile.providencejournal.com
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=0, no-cache, no-store, must-revalidate, private
access-control-allow-credentials: true
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:22:56 GMT

GET
H2 200 manage_def.js Show response
profile.providencejournal.com/newsletters/resources/manage/js/views/ 16 KB
5 KB 45ms
35ms Script
text/javascript 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/manage/js/views/manage_def.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/requirejs_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6396413d842389acece9fe1da89bf96e0aecb08f3f1cb61cba6f8c4c0dd19a2b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 3389895
x-timer: S1678378976.870886,VS0,VE2
x-frame-options: DENY
x-cache: HIT, HIT
content-type: text/javascript
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 4839

GET
H2 200 shim.css
profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/styles/ 14 KB
3 KB 37ms
28ms Stylesheet
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/styles/shim.css

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7ae8f14c176eb619347bc11a13c032bb2466e0982ede04c1825ad9c3fcc0594e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 2008275
x-timer: S1678378976.870775,VS0,VE1
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 3146

GET
H2 200 form-core.js Show response
profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/ 9 KB
3 KB 37ms
29ms Script
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/form-core.js

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

67cb53a5888d0b879dbde4d0b3ce05a50498163d17481c621e76365c30d0ff06

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1380299
x-timer: S1678378976.870890,VS0,VE1
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 2855

GET
H2 200 lodash.js Show response
profile.providencejournal.com/newsletters/resources/core/js/ 73 KB
24 KB 32ms
31ms Script
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/lodash.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/requirejs_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

50a8d144e45d069d3997b5d8a70635f1bba85fc97813c73801250f3ff00aad39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 3750098
x-timer: S1678378976.919317,VS0,VE3
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 24505

GET
H2 200 featherlight.js Show response
profile.providencejournal.com/newsletters/resources/core/js/ 36 KB
8 KB 29ms
29ms Script
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/featherlight.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/requirejs_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

55326f24f5e76431bff2711b8317b73d6fa22f27d817e53442d2a6c3b00902e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:55 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 2022654
x-timer: S1678378976.919406,VS0,VE2
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 8125

GET
H2 200 sdk.js Show response
connect.facebook.net/en_US/ 3 KB
2 KB 145ms
45ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/manage/js/views/manage_def.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bf49e96238a8046d73fbc891c52b36f635c285aead7d8d26b094fc0d9615c35a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:22:56 GMT
content-md5: 0BcR36rvfSkFKJGgR0fvxw==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 1687
x-fb-rlafr: 0
x-fb-debug: AT2igsu+KabmHJwoeo08/gex1Kk2kdcdi19X18CfA4cVYzyaczccMTJJZ54isJlCHgiT6YfHOREwYu0KFXo6sg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1512268381
x-fb-content-md5: 9555b230153e60c08c123fa211bec41d
cross-origin-opener-policy: same-origin-allow-popups
etag: "f982d553df023d304a7d4867710190a1"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Thu, 09 Mar 2023 16:35:04 GMT

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035223/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

46ms
44ms

Script
application/javascript

13.225.195.115
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 13.225.195.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-115.yul62.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:09:02 GMT
content-encoding: gzip
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
last-modified: Thu, 09 Mar 2023 10:02:11 GMT
server: AmazonS3
x-amz-cf-pop: YUL62-C1
age: 835
etag: W/"77ff4ede4693897337a38594321529a3"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: C-XRXWFsquxB_SMMighv-aXw5hLyJ7erLZK4zJJWDTEq76HWxEBKbw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Thu, 09 Mar 2023 16:22:56 GMT
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
content-length: 0
x-amz-cf-id: 78AVWputUN6Iufr3dAPWzKHrfq15W5vSgcxtz69W3JmRpwtLj1Io6Q==
x-cache: Miss from cloudfront

POST
H2 204 NPRJ-GCIAF-STANDARD
www.gannett-cdn.com/gciaf/prod/ 0
0 96ms
95ms Fetch
text/html 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gciaf/prod/NPRJ-GCIAF-STANDARD

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	1;mode=block

Request headers

Referer: https://profile.providencejournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Thu, 09 Mar 2023 16:22:56 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests;frame-ancestors 'none';default-src 'none'
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
x-cache: MISS
x-xss-protection: 1;mode=block
referrer-policy: strict-origin-when-cross-origin
cross-origin-opener-policy: same-origin
vary: Origin
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://profile.providencejournal.com
origin-agent-cluster: ?1
cache-control: no-store
access-control-allow-credentials: true
feature-policy: autoplay 'none';camera 'none';display-capture 'none';encrypted-media 'none';fullscreen 'none';geolocation 'none';microphone 'none';midi 'none';payment 'none';picture-in-picture 'none';publickey-credentials-get 'none';sync-xhr 'none';usb 'none';xr-spatial-tracking 'none'
permissions-policy: autoplay=(),camera=(),display-capture=(),encrypted-media=(),fullscreen=(),geolocation=(),microphone=(),midi=(),payment=(),picture-in-picture=(),publickey-credentials-get=(),usb=(),xr-spatial-tracking=()
x-frame-options: DENY
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 0

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 143ms
39ms Script
text/javascript 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 14:47:24 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 5732
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Thu, 09 Mar 2023 16:47:24 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 193 KB
70 KB 159ms
57ms Script
application/javascript 2607:f8b0:4006:823::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:823::2008 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

439b9faa37d79b97614ef0c926b519ac47d25aefa746a7c7dc6977db7e726d8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 71605
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 16:22:56 GMT

GET
H2 200 p.js Show response
cdn.parsely.com/keys/providencejournal.com/ 71 KB
25 KB 183ms
53ms Script
application/javascript 52.85.107.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/providencejournal.com/p.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.85.107.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-85-107-60.yul62.r.cloudfront.net
Software: nginx /
Resource Hash: 6a62c325e97e3bc8066a8f9f01957af2a94b9143a3b03feee7b529b1a49030e3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: public
date: Thu, 09 Mar 2023 11:57:36 GMT
content-encoding: gzip
via: 1.1 43334f58904cd7106ee523ee0361b402.cloudfront.net (CloudFront)
last-modified: Mon, 22 Feb 2021 19:24:27 GMT
server: nginx
x-amz-cf-pop: YUL62-C2
age: 16016
etag: W/"603404eb-11db0"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: W4WYMOJMSKh4jpfBNXL5_2wV2ZxQ86m57W1itdgaquTTgWv66j4JKw==
expires: Fri, 10 Mar 2023 11:56:00 GMT

GET
H2 200 vlliiwus2.js Show response
cdn.krxd.net/controltag/ 38 KB
11 KB 101ms
29ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/vlliiwus2.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5303d95ac3d24c2f57bb54682993f72d4e16c6ca413e84963936bbeba759ca90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 421
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 11104
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000055-IAD, cache-chi-klot8100115-CHI
x-response-time: 0
x-do-esi: esi
x-timer: S1678378976.097271,VS0,VE0
etag: "5c13205ed7d3cf118328b0bc529ba9b49a2f0a72"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 5, 2

GET
H2 200 A2920824-78d2-4593-b257-ae490811f1a01.js Show response
d.impactradius-event.com/ 53 KB
16 KB 94ms
30ms Script
text/javascript 35.186.249.72
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Requested by: Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/dcjs/prod/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.249.72 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 72.249.186.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 8e249db137399f6d8c9b59749301dc39072c04594f014a1debdafb19eecd1dcd

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:21:59 GMT
content-encoding: gzip
age: 57
x-guploader-uploadid: ADPycdu48s_I-BVEnxPODpyuXQ2zGfnEiDoIsnuwRicc55Hn8dBN-cXTv5zloMYV3g8xPMCGwQ44DKoXiKdIIP7GvgDa2g
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15485
last-modified: Tue, 28 Feb 2023 15:52:22 GMT
server: UploadServer
etag: "6ccc1f37fe1db9b1002e892ae450205e"
vary: Accept-Encoding
x-goog-generation: 1677599542704317
x-goog-hash: crc32c=J6P4NQ==, md5=bMwfN/4dubEALokq5FAgXg==
access-control-allow-origin: *
content-type: text/javascript; charset=utf-8
cache-control: public,max-age=900,s-maxage=300
x-goog-stored-content-length: 15485
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:26:59 GMT

GET
H2 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ 402 KB
161 KB 139ms
40ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaOnload&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bff966f57c4e61aabbe35e5ce3ff49e5f370233d790fae7263789a9b842362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://profile.providencejournal.com/
Origin: https://profile.providencejournal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:18:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 243
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163842
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:18:53 GMT

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 7E8B 320 KB
104 KB 29ms
26ms Document
text/html 2606:2800:220:de:468:2285:c1:4a3
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fprofile.providencejournal.com
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:220:de:468:2285:c1:4a3 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (cha/81DE) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://profile.providencejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 3782376
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Thu, 09 Mar 2023 16:22:56 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (cha/81DE)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-tw-cdn: VZ

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 7E8B 664 B
603 B 290ms
49ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=4f5fef7a82b5b95675627c5a74248957b103e3bf

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fprofile.providencejournal.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 09 Mar 2023 16:22:55 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Thu, 09 Mar 2023 16:22:56 GMT
server: tsa_b
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 2a377082712805d2
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: db8dcd0f753a7278ec278bb59dbd2bcee396fe20d110ba818eac603b5d62f330
content-length: 284

POST
H2 200 14143 Show response
gannett.sjv.io/xur/ 120 B
678 B 249ms
39ms XHR
application/json 35.227.211.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://gannett.sjv.io/xur/14143
Requested by: Host: d.impactradius-event.com
URL: https://d.impactradius-event.com/A2920824-78d2-4593-b257-ae490811f1a01.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.227.211.136 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 136.211.227.35.bc.googleusercontent.com
Software: /
Resource Hash: f0598b6347b869f6ea9e252a3da891591bb55cd17a76901c12eb42ffac43ba67

Request headers

Referer: https://profile.providencejournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:56 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
access-control-allow-origin: https://profile.providencejournal.com
content-type: application/json; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials: true
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 09 Mar 2023 16:22:56 GMT

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 26ms
24ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vlliiwus2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 504137
age: 13485595
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-chi-klot8100115-CHI
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1678378976.207633,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H3 200 sdk.js Show response
connect.facebook.net/en_US/ 306 KB
87 KB 99ms
45ms Script
application/x-javascript 2a03:2880:f012:10c:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/sdk.js?hash=6eb6cb083342612e7ae73d594979b072

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f012:10c:face:b00c:0:3 Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cd7c4a748e80bc97a94f60df97812d8eb9e2b4ffd5aeaf7f61bc44f43c5c72cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://profile.providencejournal.com/
Origin: https://profile.providencejournal.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 09 Mar 2023 16:22:56 GMT
content-md5: SHWQ3hlblDdtEVw31M1jCA==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 88566
x-fb-rlafr: 0
x-fb-debug: kSYNjzfdQW5ZvY8WbTSxAbBhjfSxFunZdF75Mv/5pQMINp+H2QEBbUEURthskuC9ZGPxJoxE7cC/cJJrMfcD6g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-content-md5: 9cf2df710ab4ed0c771b8f28dea13d60
cross-origin-opener-policy: same-origin-allow-popups
etag: "59f3020617479729a9036e7e46d48b4a"
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=31536000,stale-while-revalidate=3600,immutable
x-frame-options: DENY
timing-allow-origin: *
priority: u=3,i
expires: Fri, 08 Mar 2024 12:21:39 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
219 B 59ms
57ms XHR
text/plain 2607:f8b0:4006:821::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=2041423335&t=pageview&_s=1&dl=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&ul=en-us&de=UTF-8&dt=Newsletters%20%7C%20The%20Providence%20Journal&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KHBAAEABEAAAACgAI~&jid=253058401&gjid=1630601809&cid=1071105153.1678378976&tid=UA-166840762-48&_gid=900041296.1678378976&_r=1&_slc=1&cd177=light&cd166=1&cd130=no&cd5=4%3A00%20pm&cd6=0&cd25=Newsletters%20%7C%20The%20Providence%20Journal&cd58=&cd62=null&cd64=null&cd63=null&cd30=newsletter-management&cd132=7b558fa0-a275-4385-a05c-7980ec8e5f93&cd1=pageview&cd128=&cd129=&cd72=&cd126=&cd127=&cd159=&cd2=gciAnalytics%3Aprod%3A0.264.1%3ANPRJ-TEALIUM-NEWSLETTER-MANAGEMENT&cd3=0.264.1&cd108=&cd45=desktop&cd49=newsletter-management&cd91=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&cd77=NPRJ-E&cd95=Providence%2C%20RI&cd68=RI&cd67=new%20england&cd43=&cd28=NPRJ&cd99=GateHouse&cd162=1&cd79=NPRJ-TEALIUM-NEWSLETTER-MANAGEMENT&cd32=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&cd4=9a90fb10-9aeb-4163-9fed-2e754973144d&cd40=1&cd160=null&cd42=null&cd90=0&cd33=na&cd7=1071105153.1678378976.55380737&cd44=1071105153.1678378976&z=1975624120

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:821::200e Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://profile.providencejournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.providencejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
259 B 211ms
44ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1678378976273&plid=12037635&idsite=providencejournal.com&url=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%22sevenDayReturn%22%3Afalse%2C%22userType%22%3A%22na%22%7D&tagManager=gciAnalytics%3Aprod%3A0.264.1%3ANPRJ-TEALIUM-NEWSLETTER-MANAGEMENT&sid=1&surl=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&sref=&sts=1678378976262&slts=0&title=Newsletters+%7C+The+Providence+Journal&date=Thu+Mar+09+2023+16%3A22%3A56+GMT%2B0000+(GMT)&action=pageview&urlRef=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&js=1&pvid=18184487&u=pid%3D33a07376f2feb3b11e562a8a68b7ae9e
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Date: Thu, 09 Mar 2023 16:22:56 GMT
Cache-Control: no-cache
Last-Modified: Thursday, 09-Mar-2023 16:22:56 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2

204

b2
sb.scorecardresearch.com/
Redirect Chain

https://sb.scorecardresearch.com/b?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9a...
https://sb.scorecardresearch.com/b2?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9...

0
190 B

58ms
57ms

Image
text/plain

13.225.195.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9a90fb10-9aeb-4163-9fed-2e754973144d&cs_ucfr=&c7=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c8=Newsletters%20%7C%20The%20Providence%20Journal&c9=
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 13.225.195.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-115.yul62.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:56 GMT
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
x-amz-cf-id: EJgijME_CNu9k0BVaaXujWJEa3rCEJyKY9sN4n_xKFtAq_5luAeBNg==
x-cache: Miss from cloudfront

Redirect headers

location: /b2?c2=6035223&c1=2&cs_it=b8&cv=4.0.0%2B2301240627&ns__t=1678378976278&ns_c=UTF-8&c4=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c15=9a90fb10-9aeb-4163-9fed-2e754973144d&cs_ucfr=&c7=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&c8=Newsletters%20%7C%20The%20Providence%20Journal&c9=
date: Thu, 09 Mar 2023 16:22:56 GMT
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
content-length: 0
x-amz-cf-id: lN2OzQgMhjYdUx0iDiqvDnPgHoypkwBAWwMxyGD4KvclQeXiTG-62A==
x-cache: Miss from cloudfront

POST
H2 204 collect
analytics.google.com/g/ 0
264 B 101ms
35ms Ping
text/plain 2001:4860:4802:34::181
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.google.com/g/collect?v=2&tid=G-5JJXNTWR1D&gtm=45je3360&_p=2041423335&_gaz=1&cid=1071105153.1678378976&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&uid=9a90fb10-9aeb-4163-9fed-2e754973144d&cu=USD&dl=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&dr=&sid=1678378976&sct=1&seg=0&dt=Newsletters%20%7C%20The%20Providence%20Journal&en=page_view&_fv=1&_ss=1&_ee=1&epn.client_pixel_ratio=1&ep.client_gpc=no&ep.client_time_of_day=4%3A00%20pm&epn.client_time_zone_offset=0&ep.content_headline=Newsletters%20%7C%20The%20Providence%20Journal&ep.page_path=%2Fnewsletters%2Fpreferences%2F&ep.content_ssts_subsection=null&ep.content_ssts_subtopic=null&ep.content_ssts_topic=null&ep.content_type=newsletter-management&ep.event_id=7b558fa0-a275-4385-a05c-7980ec8e5f93&ep.event_type=pageview&ep.page_analytics_implementation=gciAnalytics%3Aprod%3A0.264.1%3ANPRJ-TEALIUM-NEWSLETTER-MANAGEMENT&ep.page_bot_status=&ep.page_experience_type=desktop&ep.page_experience_version=newsletter-management&ep.page_full_url=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&ep.page_gci_unit=NPRJ-E&ep.ga_client_id=GA1.2.1071105153.1678378976&ep.page_publication_city=Providence&ep.page_publication_name=The%20Providence%20Journal&ep.page_publication_state=RI&ep.page_publishing_group=new%20england&ep.page_referrer_url=&ep.page_legacy_company=GateHouse&ep.page_site_code=NPRJ&ep.page_site_tier=1&up.user_id=39dc8005-ebc6-4125-9378-d6e83e331ed7&up.page_ab_slot=&up.page_ab_slot_ub=&up.user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F111.0.5563.64%20Safari%2F537.36&up.user_anonymous_id=9a90fb10-9aeb-4163-9fed-2e754973144d&up.user_propensity_to_subsc=&up.user_permission_sale_pii=true&up.user_segmentation=&up.user_type=na
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::181 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.providencejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
255 B 138ms
45ms Ping
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-5JJXNTWR1D&cid=1071105153.1678378976&gtm=45je3360&aip=1&uid=9a90fb10-9aeb-4163-9fed-2e754973144d
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-5JJXNTWR1D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:56 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.providencejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 42DE 48 KB
26 KB 88ms
80ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2&co=aHR0cHM6Ly9wcm9maWxlLnByb3ZpZGVuY2Vqb3VybmFsLmNvbTo0NDM.&hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&badge=bottomleft&cb=xzfl6bjomqk7

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

785d05c81ced7734db8d67248bed0cb73b9acd26dbdb481a9a90eba8d498691a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wrMtskwnCyl3aK6Ar-fzQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profile.providencejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 26621
content-security-policy: script-src 'report-sample' 'nonce-wrMtskwnCyl3aK6Ar-fzQg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:22:56 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 2 B
149 B 93ms
47ms XHR
text/plain 2607:f8b0:4004:c1b::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-166840762-48&cid=1071105153.1678378976&jid=253058401&gjid=1630601809&_gid=900041296.1678378976&_u=KHBAAEAAEAAAACgAI~&z=1118190168

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4004:c1b::9d Washington, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://profile.providencejournal.com/
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 09 Mar 2023 16:22:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://profile.providencejournal.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 30E9 805 B
827 B 35ms
27ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Referer: https://profile.providencejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

accept-ranges: bytes
age: 21444602
cache-control: public, max-age=315360000
content-encoding: gzip
content-length: 525
content-type: text/html
date: Thu, 09 Mar 2023 16:22:56 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
expires: Fri, 19 Feb 2027 17:50:50 GMT
last-modified: Tue, 21 Feb 2017 17:50:54 GMT
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 187299
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
x-served-by: cache-chi-klot8100115-CHI
x-timer: S1678378976.470590,VS0,VE0

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ 237 B
436 B 105ms
33ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: consumer-a009-ash-prod.krxd.net, cache-chi-kigq8000103-CHI
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish
age: 59
x-timer: S1678378977.571587,VS0,VE1
vary: Accept-Encoding
x-cache: MISS, HIT
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 192
x-cache-hits: 0, 1

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 42DE 55 KB
24 KB 138ms
50ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2&co=aHR0cHM6Ly9wcm9maWxlLnByb3ZpZGVuY2Vqb3VybmFsLmNvbTo0NDM.&hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&badge=bottomleft&cb=xzfl6bjomqk7

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 97
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:21:19 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame 42DE 402 KB
160 KB 136ms
48ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bff966f57c4e61aabbe35e5ce3ff49e5f370233d790fae7263789a9b842362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 413
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163842
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:16:03 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 64ms
62ms Image
image/gif 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-166840762-48&cid=1071105153.1678378976&jid=253058401&_u=KHBAAEAAEAAAACgAI~&z=1290787550

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:56 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vlliiwus2.js Show response
cdn.krxd.net/controltag/ Frame 30E9 38 KB
11 KB 30ms
26ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/vlliiwus2.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 5303d95ac3d24c2f57bb54682993f72d4e16c6ca413e84963936bbeba759ca90

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish, 1.1 varnish
age: 421
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-length: 11104
x-served-by: config-service-a006-ash-prod.krxd.net, cache-iad-kiad7000055-IAD, cache-chi-klot8100115-CHI
x-response-time: 0
x-do-esi: esi
x-timer: S1678378977.579434,VS0,VE0
etag: "5c13205ed7d3cf118328b0bc529ba9b49a2f0a72"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 5, 3

GET
H2 200 controltag.js.d58f47095e6041e576ee04944cca45da Show response
cdn.krxd.net/ctjs/ Frame 30E9 259 KB
83 KB 27ms
26ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/vlliiwus2.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish
x-cache-hits: 504138
age: 13485596
x-amz-server-side-encryption: AES256
x-cache: HIT
content-length: 84766
x-served-by: cache-chi-klot8100115-CHI
last-modified: Tue, 04 Oct 2022 09:41:11 GMT
x-timer: S1678378977.618229,VS0,VE0
etag: "d58f47095e6041e576ee04944cca45da"
content-type: application/javascript
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Fri, 01 Oct 2032 09:41:10 GMT

GET
H2 200 e88225a2-3b7b-45e3-9cc2-a3130b91f0db Show response
consumer.krxd.net/consent/get/ Frame 30E9 222 B
312 B 53ms
52ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/e88225a2-3b7b-45e3-9cc2-a3130b91f0db?idt=device&dt=kxcookie&callback=Krux.ns.gannett.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 7c8324267f61d882a3cb762406bb735a75abc4792826c5d8e0323bef76b9be26

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: consumer-a015-ash-prod.krxd.net, cache-chi-kigq8000103-CHI
date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
via: 1.1 varnish
age: 0
x-timer: S1678378977.740364,VS0,VE29
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 184
x-cache-hits: 0, 0

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame 42DE 2 KB
2 KB 48ms
47ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 15:15:23 GMT
x-content-type-options: nosniff
age: 90453
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 15 Mar 2023 15:15:23 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 42DE 15 KB
16 KB 150ms
50ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:16:37 GMT
x-content-type-options: nosniff
age: 50779
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 02:16:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 42DE 15 KB
15 KB 155ms
60ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:55:17 GMT
x-content-type-options: nosniff
age: 41259
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 04:55:17 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 42DE 102 B
134 B 65ms
65ms Other
text/javascript 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

98a04dfb6fa03e871cff2091e6ab44a16fd2fecd0f3bfaa4fa71efb30ced827a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2&co=aHR0cHM6Ly9wcm9maWxlLnByb3ZpZGVuY2Vqb3VybmFsLmNvbTo0NDM.&hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&size=invisible&badge=bottomleft&cb=xzfl6bjomqk7
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:56 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 16:22:56 GMT

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame E587 7 KB
1 KB 71ms
70ms Document
text/html 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

24b591f4c0a03a0d5d4e56f0203f246d464d65ec50b33cde2ceebe4fc861b8d8

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-1P8Xv-cG9XWWxm_OzuLjzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://profile.providencejournal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: en-US,en;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1120
content-security-policy: script-src 'report-sample' 'nonce-1P8Xv-cG9XWWxm_OzuLjzQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Thu, 09 Mar 2023 16:22:57 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame E587 55 KB
24 KB 44ms
43ms Stylesheet
text/css 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 98
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:21:19 GMT

GET
H3 200 recaptcha__en.js Show response
www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/ Frame E587 402 KB
160 KB 50ms
49ms Script
text/javascript 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c5bff966f57c4e61aabbe35e5ce3ff49e5f370233d790fae7263789a9b842362

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:16:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 414
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 163842
x-xss-protection: 0
last-modified: Sun, 05 Mar 2023 21:03:42 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 08 Mar 2024 16:16:03 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm&google_hm=UGJLOXl3RlQ
https://cm.g.doubleclick.net/pixel?google_nid=krux_digital&google_cm=&google_hm=UGJLOXl3RlQ&google_tc=
https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJfjRxHMtHF5AoFCUfvoHdY&google_cver=1

0
338 B

290ms
48ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJfjRxHMtHF5AoFCUfvoHdY&google_cver=1
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n025-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=41 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:57 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://beacon.krxd.net/usermatch.gif?google_gid=CAESEJfjRxHMtHF5AoFCUfvoHdY&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 291
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 379708.gif
idsync.rlcdn.com/ Frame 30E9 42 B
449 B 103ms
44ms Image
image/gif 35.190.60.146
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/379708.gif?partner_uid=PbK9ywFT
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 146.60.190.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2 200 26357
stags.bluekai.com/site/ Frame 30E9 62 B
427 B 218ms
109ms Image
image/gif 173.223.57.84
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/26357?id=PbK9ywFT
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 173.223.57.84 Secaucus, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a173-223-57-84.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Thu, 09 Mar 2023 16:22:57 GMT
content-length: 62
content-type: image/gif

GET
H2 204 load
loadm.exelator.com/ Frame 30E9 0
324 B 185ms
57ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadm.exelator.com/load?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=PbK9ywFT&p=204&g=270&j=0
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2 200 p
sb.scorecardresearch.com/ Frame 30E9 43 B
358 B 62ms
60ms Image
image/gif 13.225.195.115
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/p?c1=9&c2=8188709&cs_xi=PbK9ywFT&rn=1678378977
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.195.115 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-115.yul62.r.cloudfront.net
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
via: 1.1 1df98836515ac348d12c9af86e1ecc48.cloudfront.net (CloudFront)
x-amz-cf-pop: YUL62-C1
content-length: 43
x-amz-cf-id: l9YeVR_Fpc17fNCga3C89J1AWsRo51JCWLVRgIEzefbukQAsh1VPFw==
x-cache: Miss from cloudfront
content-type: image/gif

GET
H/1.1

200
OK

/
ps.eyeota.net/match/bounce/ Frame 30E9
Redirect Chain

https://ps.eyeota.net/match?bid=i0r4o4v&uid=PbK9ywFT
https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PbK9ywFT

70 B
440 B

69ms
62ms

Image
image/gif

52.3.138.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match/bounce/?bid=i0r4o4v&uid=PbK9ywFT
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: HTTP/1.1
Server: 52.3.138.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-3-138-212.compute-1.amazonaws.com
Software: /
Resource Hash: de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/gif
Date: Thu, 09 Mar 2023 16:22:57 GMT
Content-Length: 70
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: /match/bounce/?bid=i0r4o4v&uid=PbK9ywFT
Date: Thu, 09 Mar 2023 16:22:57 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://ib.adnxs.com/getuid?https://beacon.krxd.net/usermatch.gif?adnxs_uid=$UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fadnxs_uid%3D%24UID
https://beacon.krxd.net/usermatch.gif?adnxs_uid=3446566111205928299

0
337 B

304ms
49ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3446566111205928299
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n028-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Thu, 09 Mar 2023 16:22:57 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 385a448f-e1e3-469a-89f1-61c0e0f22d8a
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://beacon.krxd.net/usermatch.gif?adnxs_uid=3446566111205928299
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 30E9
Redirect Chain

https://ib.adnxs.com/mapuid?member=1780&user=PbK9ywFT
https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPbK9ywFT

43 B
1 KB

58ms
54ms

Image
image/gif

68.67.160.76
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPbK9ywFT

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

HTTP/1.1

Server

68.67.160.76 New York, United States, ASN29990 (ASN-APPNEX, US),

Reverse DNS

678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
AN-X-Request-Uuid: c2a759af-9fc6-40e8-a67d-c01fc8e92054
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
AN-X-Request-Uuid: 2db5a54e-507c-478b-bb31-ececb60463c7
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fmapuid%3Fmember%3D1780%26user%3DPbK9ywFT
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 104.237.193.28; 104.237.193.28; 678.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=mediamath
https://sync.mathtag.com/sync/img?mt_exid=10031&mt_exuid=PbK9ywFT&redirect=https://beacon.krxd.net/usermatch.gif?partner%3Dmediamath%26partner_id%3D%5BMM_UUID%5D
https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=1358640a-07e1-4700-9282-5e8d449b459b

0
337 B

46ms
46ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=1358640a-07e1-4700-9282-5e8d449b459b
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n019-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=45 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Thu, 09 Mar 2023 16:22:57 GMT
Server: MT3 569 46451a0 master ord-pixel-x49 config:1.0.0
Content-Type: image/gif
Access-Control-Allow-Origin: *
location: https://beacon.krxd.net/usermatch.gif?partner=mediamath&partner_id=1358640a-07e1-4700-9282-5e8d449b459b
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control: no-cache
Connection: keep-alive
Keep-Alive: timeout=360
Content-Length: 0
Expires: Thu, 09 Mar 2023 16:22:56 GMT

GET
H2

200

g.js
aa.agkn.com/adscores/ Frame 30E9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=neustar
https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PbK9ywFT

43 B
658 B

290ms
60ms

Image
image/gif

13.225.195.43
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PbK9ywFT
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Server: 13.225.195.43 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-195-43.yul62.r.cloudfront.net
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:57 GMT
via: 1.1 13a23f310e3fbe72fa9a84a5fd5d4b88.cloudfront.net (CloudFront)
server: AAWebServer
x-amz-cf-pop: YUL62-C1
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
x-cache: Miss from cloudfront
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 43
x-amz-cf-id: nCjAuPhONiRM7iVTzbZj_ImqZSwLvXxjrsWevf3jrZYTPhS74f1soQ==
expires: 0

Redirect headers

location: https://aa.agkn.com/adscores/g.js?sid=9212244187&_kdpid=PbK9ywFT
date: Thu, 09 Mar 2023 16:22:57 GMT
x-cache-hits: 0
x-age: 0
content-length: 0
x-cache: MISS
x-served-by: usermatch-a019-ash-prod.krxd.net

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame 30E9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=amazon_na&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0
https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0&dcc=t

43 B
855 B

87ms
86ms

Image
image/gif

209.54.182.161
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0&dcc=t

Protocol

HTTP/1.1

Server

209.54.182.161 Ashburn, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: AMN7Q0KR0EDFJZ1TBN9R
Vary: Content-Type,Accept-Encoding,User-Agent
Content-Type: image/gif
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
Server: Server
x-amz-rid: QNQ69GFRX8V7D83FEZ14
Vary: Content-Type,Accept-Encoding,User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=869e3c8a-4465-4072-ac08-1ae27f62c9d4&id=PbK9ywFT&gdpr=0&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 204
No Content token
token.rubiconproject.com/ Frame 30E9 0
653 B 182ms
45ms Image
text/plain 69.173.151.100
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/token?pid=27384&puid=krux_id&gdpr=0
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 69.173.151.100 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Expires: 0
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 8bab65602db075726861004da5629947
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://sync.go.sonobi.com/usc.gif?https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=[UID]
https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=94265f64-bc44-4d7f-bc3f-e90280291377

0
337 B

50ms
48ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=94265f64-bc44-4d7f-bc3f-e90280291377
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n005-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=32 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: go-iad-2-5-128
Content-Type: text/plain; charset=utf8
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location: https://beacon.krxd.net/usermatch.gif?partner=sonobi&partner_uid=94265f64-bc44-4d7f-bc3f-e90280291377
Cache-Control: no-cache, no-store, private
Tcn: Choice
Content-Length: 0
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 adsct
analytics.twitter.com/i/ Frame 30E9 43 B
393 B 298ms
47ms Image
image/gif 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_user_id=PbK9ywFT&p_id=10623

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_b /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-response-time: 5
date: Thu, 09 Mar 2023 16:22:56 GMT
strict-transport-security: max-age=631138519
server: tsa_b
content-type: image/gif;charset=utf-8
x-transaction-id: cb111aea8dff908f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: f966284d87ed2475bc93ab9630c07703ca1d3adf87ae75ce77a4efa4eac38019
content-length: 43

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=verizon
https://cms.analytics.yahoo.com/cms?partner_id=KRUX&_hosted_id=PbK9ywFT
https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KYkopIpE2puzjdgY3F80rHOnslH7o4lCmg--~A

0
337 B

46ms
45ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KYkopIpE2puzjdgY3F80rHOnslH7o4lCmg--~A
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n037-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=28 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 09 Mar 2023 16:22:57 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0104.pbp.bf1.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://beacon.krxd.net/usermatch.gif?partner=yhoo&partner_uid=y-KYkopIpE2puzjdgY3F80rHOnslH7o4lCmg--~A
content-length: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=183716&cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__
https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcasale%26partner_uid%3D__UID__&s=183716&C=1
https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=ZAoH4U9g86YKsp2qNabYkwAA%261311

0
337 B

48ms
48ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=ZAoH4U9g86YKsp2qNabYkwAA%261311
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n017-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=19 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Pragma: no-cache
Date: Thu, 09 Mar 2023 16:22:57 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://beacon.krxd.net/usermatch.gif?partner=casale&partner_uid=ZAoH4U9g86YKsp2qNabYkwAA%261311
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 0
Expires: 0

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://px.surveywall-api.survata.com/k
https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=42847131-6524-234a-9c1a-365b0374cc53

0
337 B

54ms
54ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=42847131-6524-234a-9c1a-365b0374cc53
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n004-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=48 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

Date: Thu, 09 Mar 2023 16:22:57 GMT
Server: nginx/1.19.2
X-Powered-By: Express
ETag: W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
Content-Type: image/gif; charset=utf-8
Location: https://beacon.krxd.net/usermatch.gif?partner=survata&partner_uid=42847131-6524-234a-9c1a-365b0374cc53
Referer: px.surveywall-api.survata.com, px.surveywall-api.survata.com, px.surveywall-api.survata.com
Connection: keep-alive
Content-Length: 0

GET
H2 204 /
loadus.exelator.com/load/ Frame 30E9 0
324 B 53ms
49ms Image
text/plain 52.0.156.250
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://loadus.exelator.com/load/?_kdpid=e4942ff0-4070-4896-a7ef-e6a5a30ce9f9&buid=PbK9ywFT&p=204&g=270&j=0
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.0.156.250 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-0-156-250.compute-1.amazonaws.com
Software: nginx / Undertow/1
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
x-powered-by: Undertow/1
p3p: policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA

GET
H2

204

usermatch.gif
beacon.krxd.net/ Frame 30E9
Redirect Chain

https://usermatch.krxd.net/um/v2?partner=simplifi&gdpr=0
https://um.simpli.fi/krux?kuid=PbK9ywFT&gdpr=0
https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=33D45F425C17437CA2232DD9C351878C

0
337 B

47ms
47ms

Image
text/plain

52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=33D45F425C17437CA2232DD9C351878C
Protocol: H2
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n008-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, no-cache, no-store
x-request-time: D=19 t=1678378977
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Thu, 09 Mar 2023 16:22:57 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
server: openresty
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html
location: https://beacon.krxd.net/usermatch.gif?partner=simplifi&partner_uid=33D45F425C17437CA2232DD9C351878C
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 142
expires: Wed, 08 Mar 2023 16:22:57 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame E587 40 KB
24 KB 94ms
93ms XHR
application/json 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/recaptcha__en.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3e09b28ac53a5d948bc5a59f88110f99255e4bbd29dc1978787d98c04dbbc391

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24834
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 16:22:57 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 326ms
43ms Image
text/plain 2a03:2880:f112:182:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=736698496908282&ev=fb_page_view&dl=https%3A%2F%2Fprofile.providencejournal.com%2Fnewsletters%2Fpreferences%2F&rl=&if=false&ts=1678378977412&sw=1600&sh=1200&at=

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f112:182:face:b00c:0:25de Secaucus, United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 09 Mar 2023 16:22:57 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 refresh_2x.png
www.gstatic.com/recaptcha/api2/ Frame E587 600 B
624 B 47ms
46ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/refresh_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 16:26:36 GMT
x-content-type-options: nosniff
age: 604581
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 600
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Thu, 09 Mar 2023 16:26:36 GMT

GET
H3 200 audio_2x.png
www.gstatic.com/recaptcha/api2/ Frame E587 530 B
554 B 46ms
45ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/audio_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 02:36:47 GMT
x-content-type-options: nosniff
age: 135970
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 530
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Wed, 15 Mar 2023 02:36:47 GMT

GET
H3 200 info_2x.png
www.gstatic.com/recaptcha/api2/ Frame E587 665 B
689 B 46ms
44ms Image
image/png 2607:f8b0:4006:81e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/info_2x.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:81e::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/MuIyr8Ej74CrXhJDQy37RPBe/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 01:07:10 GMT
x-content-type-options: nosniff
age: 573347
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 665
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Fri, 10 Mar 2023 01:07:10 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E587 15 KB
15 KB 43ms
39ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 02:16:37 GMT
x-content-type-options: nosniff
age: 50780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 02:16:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmYUtfBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E587 15 KB
15 KB 48ms
45ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmYUtfBBc4.woff2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 11:33:53 GMT
x-content-type-options: nosniff
age: 535744
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15340
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:16 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 11:33:53 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame E587 15 KB
15 KB 57ms
54ms Font
font/woff2 2607:f8b0:4006:822::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:822::2003 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: en-US,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 04:55:17 GMT
x-content-type-options: nosniff
age: 41260
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 04:55:17 GMT

GET
H3 200 payload
www.google.com/recaptcha/api2/ Frame E587 35 KB
35 KB 68ms
61ms Image
image/jpeg 2607:f8b0:4006:809::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/recaptcha/api2/payload?p=06AFY_a8XxapXC2rqkfsIUgl_NpbWfNVDLClOo7EisVtSecJsVXWIJrwS2D_s7NwOeF36jdKokM5KT5nq4afm9Zk1Fsez6GNlkVTQ8uUJQDuo3umxnrTsIadFGK7Qy0ANH-js3IiUXn5Oa-PCzYK1dsSWdYESgmuiFZ5QO6clI3q28GMcfHe5IsNho9_kgdN8Y1des-YqAEIq2u64KXP_3JQDOJzsz-uq1Kw&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/

Protocol

Security

QUIC, , AES_128_GCM

Server

2607:f8b0:4006:809::2004 Nutley, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cc91f013625c82b4b4ce5761e2b7e2e9bd93e2a156819ed2d0599f13991a2d24

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-US,en;q=0.9
Referer: https://www.google.com/recaptcha/api2/bframe?hl=en&v=MuIyr8Ej74CrXhJDQy37RPBe&k=6LeEzzUUAAAAAJnyx5T-8YW6NVuQDHcLQECyoVZ2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 16:22:57 GMT
content-security-policy: frame-ancestors 'self'
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: image/jpeg
cache-control: private, max-age=30
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35604
x-xss-protection: 1; mode=block
expires: Thu, 09 Mar 2023 16:22:57 GMT

GET
H2 200 async-api.6bb277af-1226.min.js Show response
js-agent.newrelic.com/ 2 KB
2 KB 86ms
24ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/async-api.6bb277af-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: UGVV8ZwcOVei2szXaq59iUl1hO_.ecPe
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: ZQ545RRH7VF1ZSGM
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1094
x-amz-id-2: 4OQTLFW4lirUpk7pqpQWdds/dBusZZvODNLCHxEcIJswGiM4p5aep9pnegYEDa224/5L11U3DFI=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.817343,VS0,VE0
etag: "dd573d973dfb2a2559befdfb616d511d"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 3047

GET
H2 200 lazy-loader.48127245-1226.min.js Show response
js-agent.newrelic.com/ 2 KB
730 B 86ms
25ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/lazy-loader.48127245-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: RYYlcbWqAQXd8NZu5sGHRVd.T5RkMgvi
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: SAYV1FH306JVZH8M
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 520
x-amz-id-2: +mPuw0INXnuYRmqRqqHSxWfKgn9+u4PqsEvXkoojtqzzILiLKxxeZNRPT30yMuK13UM3m2ErKVs=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.817466,VS0,VE0
etag: "a3759bbbd15fffd73531bda1e8166ae7"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2197

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
239 B 46ms
45ms Script
text/javascript 52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.gannett.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: 7302d0082eb45256dfc9e2f21cc3ff3dd55a6536b964d20f7ad90b928b63e2ae

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n009-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:57 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=31 t=1678378977
content-type: text/javascript

GET
H2 200 get Show response
cdn.krxd.net/userdata/ 367 B
521 B 54ms
53ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/userdata/get?pub=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&technographics=1&callback=Krux.ns.gannett.kxjsonp_userdata
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.d58f47095e6041e576ee04944cca45da
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: faac55a24e5497a99410058cbac3f9ceaebba6ec212c704dc2d17684b2735a69

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_userdata_ash_prod_krxd_net___UserData_Service_V2
date: Thu, 09 Mar 2023 16:22:57 GMT
content-encoding: gzip
via: 1.1 varnish
x-served-by: userdata-a006-ash-prod.krxd.net, cache-chi-klot8100115-CHI
age: 0
x-timer: S1678378978.771273,VS0,VE30
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript
cache-control: private, max-age=1800
x-age: 0
accept-ranges: bytes
content-length: 283
x-cache-hits: 0, 0

GET
H2 200 /
www.ojrq.net/p/ 50 B
448 B 101ms
36ms Image
image/gif 34.95.127.121
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.ojrq.net/p/?return=&cid=14143&tpsync=no&auth=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.95.127.121 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 121.127.95.34.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 09 Mar 2023 16:22:57 GMT
via: 1.1 google
content-type: image/gif
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 50
expires: Thu, 09 Mar 2023 16:22:57 GMT

GET
H2 200 form-validation.js Show response
profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/ 29 KB
9 KB 29ms
28ms Script
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/form-validation.js

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f76d8401f80b7b3638d13676cc3b430c621f58b479aa307b98d8458b0e606407

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:57 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1124898
x-timer: S1678378978.778842,VS0,VE2
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 8682

GET
H2 200 jquery.ui.position.js Show response
profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/plugins/ 16 KB
4 KB 33ms
31ms Script
text/plain 151.101.66.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://profile.providencejournal.com/newsletters/resources/core/js/webshim/src/shims/plugins/jquery.ui.position.js

Requested by

Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/resources/ui/js/ui_common.common.min.js?digest=6dd226c2597867fc6cec5b1efe9713fb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.66.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3d8b843173795be3b2a9bb4624af5d55d542096d5b7a56316ec14ea2e1ac79ee

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800; includeSubDomains

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/newsletters/preferences/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
date: Thu, 09 Mar 2023 16:22:57 GMT
last-modified: Mon, 12 Sep 2022 18:48:48 GMT
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005"}
age: 1217981
x-timer: S1678378978.818032,VS0,VE2
vary: Accept-Encoding
x-cache: HIT, HIT
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
cache-control: max-age=86400, public
accept-ranges: bytes
content-length: 4181

GET
H2 200 118.34a59fa6-1226.min.js Show response
js-agent.newrelic.com/ 8 KB
4 KB 27ms
25ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/118.34a59fa6-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: y3DJX7IlrJ72OYul3G3TdP3MeN5PgTuf
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: ZQ5CN0V4ZM36RRR5
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3412
x-amz-id-2: IfVhJ/cxCL2GskdKCDmOsEEyAAW7R8SwfkgPVZBnp6vpRTIacAHdRShie+egjZKeMw3YsBA1690=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.850756,VS0,VE0
etag: "9c8a05b5703a1c30e0418f9ba42337df"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2555

GET
H2 200 page_view_event-aggregate.29613e65-1226.min.js Show response
js-agent.newrelic.com/ 4 KB
2 KB 33ms
32ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_event-aggregate.29613e65-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: faV1t.FERNjEp970yZi7HWWi1WEMzkUP
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: ZQ51W0Y0SGGBR8XP
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 1682
x-amz-id-2: YoqeENzzlzYbC+TNOlFnIcrt9boM16j6OVsbJVeJPcaOV8mD9BxqE33oknVgDuulx+f0otkvROQ=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.851311,VS0,VE0
etag: "0743ee0ec30428f3654ee07d779efb64"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2351

GET
H2 200 page_view_timing-aggregate.6b3fec7f-1226.min.js Show response
js-agent.newrelic.com/ 5 KB
2 KB 28ms
27ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/page_view_timing-aggregate.6b3fec7f-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b0c739b6c32edb18c9cb1f81f69d99550a1b9582333dee3dea3196732221e77

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: DO9Gty5K_gvhdqVoKBcMxYBpxtUKYiFC
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: ZQ55KHRCEYWZ5EZT
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 2226
x-amz-id-2: Cb5yBX0cde2HoD7zEhs5scsQ5KKZAgvz528/TXCD+B7eOj0Qxi78F1cPsFElBsW7XrMvi4cz8E0=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.850929,VS0,VE0
etag: "bb17c46ee7bcc843be2e73f3e5b65d46"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2192

GET
H2 200 metrics-aggregate.7dcaee1b-1226.min.js Show response
js-agent.newrelic.com/ 1 KB
1 KB 29ms
28ms Script
application/javascript 151.101.130.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://js-agent.newrelic.com/metrics-aggregate.7dcaee1b-1226.min.js
Requested by: Host: profile.providencejournal.com
URL: https://profile.providencejournal.com/newsletters/preferences/?email=abennett@amica.com
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.130.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-amz-version-id: UG0CzkEimlrXJ77FXLLaJQP0HdTD7Ej0
content-encoding: gzip
via: 1.1 varnish
date: Thu, 09 Mar 2023 16:22:57 GMT
x-amz-request-id: ZQ5A46XCXDJEKH33
x-amz-server-side-encryption: AES256
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 730
x-amz-id-2: sMiD1uELzexkBz3EAFmrb/+mv2pjmm6y7TOWFTeIbAg6ru2Zzn+mWBFMrnHk2qXcrCZV2tbIs6w=
x-served-by: cache-chi-kigq8000076-CHI
last-modified: Tue, 21 Feb 2023 17:58:28 GMT
server: AmazonS3
x-timer: S1678378978.851005,VS0,VE0
etag: "395608505dac1e4fbe08bd146e09f5c0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=7200, stale-if-error=604800
accept-ranges: bytes
x-cache-hits: 2543

GET
H/1.1 200
OK b7ac0e2ada Show response
bam.nr-data.net/1/ 57 B
291 B 202ms
30ms Script
text/javascript 162.247.243.29
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://bam.nr-data.net/1/b7ac0e2ada?a=480299893&v=1226.PROD&to=NARUbRdVVhdSBk0MWQ1OcEwLV0wNXAsWC1MUElpcEUBdFmwIWAtXBARbXAtAFglSC1gCU00XX1wSRwIqVhJKCVMXFVNLFnlZClICXDB/MARETwxXXTJaAE5LUQYV&rst=3847&ck=0&s=e4393d15141efdad&ref=https://profile.providencejournal.com/newsletters/preferences/&ap=998&be=1641&fe=2074&dc=223&perf=%7B%22timing%22:%7B%22of%22:1678378974028,%22n%22:0,%22f%22:390,%22dn%22:392,%22dne%22:432,%22c%22:432,%22s%22:456,%22ce%22:486,%22rq%22:487,%22rp%22:1595,%22rpe%22:1613,%22dl%22:1607,%22di%22:1772,%22ds%22:1865,%22de%22:1867,%22dc%22:3714,%22l%22:3714,%22le%22:3733%7D,%22navigation%22:%7B%7D%7D&fp=1822&fcp=1822&jsonp=NREUM.setToken
Requested by: Host: js-agent.newrelic.com
URL: https://js-agent.newrelic.com/async-api.6bb277af-1226.min.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 162.247.243.29 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

content-type: text/javascript;charset=iso-8859-1
date: Thu, 09 Mar 2023 16:22:57 GMT
cross-origin-resource-policy: cross-origin
Connection: keep-alive
Content-Length: 57
x-served-by: cache-chi-klot8100048-CHI

GET
H2 204 pixel.gif
beacon.krxd.net/ 0
337 B 48ms
47ms Image
text/plain 52.7.47.181
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/pixel.gif?source=smarttag&fired=report&confid=vlliiwus2&_kpid=e88225a2-3b7b-45e3-9cc2-a3130b91f0db&_kcp_s=The%20Providence%20Journal%20(Providence%2C%20RI)-Web&_kcp_d=profile.providencejournal.com&_knifr=6&_kua_kx_tz=0&geo_country=us&geo_region=ne&geo_dma=652&_kua_kx_lang=en-us&_kua_kx_tech_browser_language=en-us&_kua_web_user_anonymous_id=9a90fb10-9aeb-4163-9fed-2e754973144d&_kua_kx_tech_browser=Chrome%2011&_kua_kx_tech_manufacturer=Microsoft%20Corporation&_kua_kx_tech_device=Computer&_kua_kx_tech_os=Windows%2010&_kua_kx_geo_country=us&_kua_kx_geo_region=ne&_kua_kx_geo_dma=652&_kua_kx_whistle=0&_kpa_url_path_1=newsletters&_kpa_url_path_2=preferences&_kpa_domain=providencejournal.com&_kpa_web_client_id=39dc8005-ebc6-4125-9378-d6e83e331ed7&_kpa_web_content_headline=Newsletters%20%7C%20The%20Providence%20Journal&_kpa_web_content_type=newsletter-management&_kpa_web_page_analytics_implementation=gciAnalytics%3Aprod%3A0.264.1%3ANPRJ-TEALIUM-NEWSLETTER-MANAGEMENT&_kpa_web_page_domain=profile.providencejournal.com&_kpa_web_page_experience_type=desktop&_kpa_web_page_experience_version=newsletter-management&_kpa_web_page_publishing_group=new%20england&_kpa_web_user_anonymous_id=9a90fb10-9aeb-4163-9fed-2e754973144d&_kpa_web_user_type=na&t_navigation_type=0&t_dns=40&t_tcp=54&t_http_request=-1&t_http_response=18&t_content_ready=1772&t_window_load=3714&t_redirect=0&interchange_ran=false&userdata_was_requested=true&userdata_did_respond=true&store_user_after=ybyk21a6t&userdata_user=PbK9ywFT%2Cybyk21a6t&sview=1&kplt0=44647&kplt1=33512&kplt2=33513&kplt3=34784&jsonp_requests=https%3A%2F%2Fconsumer.krxd.net%2Fconsent%2Fget%2Fe88225a2-3b7b-45e3-9cc2-a3130b91f0db%2C110%2Chttps%3A%2F%2Fbeacon.krxd.net%2Foptout_check%2C48%2Chttps%3A%2F%2Fcdn.krxd.net%2Fuserdata%2Fget%2C55
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.7.47.181 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-7-47-181.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-US,en;q=0.9
Referer: https://profile.providencejournal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-served-by: beacon-n013-ash-prod.krxd.net
date: Thu, 09 Mar 2023 16:22:58 GMT
cache-control: private, no-cache, no-store
x-request-time: D=51 t=1678378978
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Verdicts & Comments Add Verdict or Comment

74 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

42 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 14:32:10	Name: _GRECAPTCHA Value: 09AJBLKW3stjweatn_Kiyuis8FLGR_L1GRYMInyGgCNgip5ukM3MTmbXdVNhFizHN0KmdY0uUQpjMCeTi3mXd12JQ
.providencejournal.com/	1970-01-20 18:58:34	Name: gup_lng Value: %7B%22ret-usr%22%3A%20false%2C%20%22ret-sub%22%3A%20false%2C%20%22auth%22%3A%20false%2C%20%22name%22%3A%20%22%22%2C%20%22hma%22%3A%20false%2C%20%22lic%22%3A%20%22none%22%2C%20%22lpf%22%3A%20false%2C%20%22updated%22%3A%201678378976%2C%20%223PID%22%3A%20null%2C%20%22ips%22%3A%20false%7D
.providencejournal.com/	1970-01-20 18:58:34	Name: gup_anonid Value: a612e55e-be96-11ed-94a6-3a7cb785e348
.providencejournal.com/	1970-01-20 18:58:34	Name: gup_clientid Value: a6257bf6-be96-11ed-94a6-3a7cb785e348
.providencejournal.com/	1969-12-31 23:59:59	Name: IR_gbd Value: providencejournal.com
.providencejournal.com/	1969-12-31 23:59:59	Name: IR_14143 Value: 1678378976170%7C0%7C1678378976170%7C%7C
.providencejournal.com/	1970-01-20 10:14:25	Name: _gid Value: GA1.2.900041296.1678378976
.providencejournal.com/	1970-01-20 10:12:59	Name: _gat_gciAnalytics Value: 1
.providencejournal.com/	1970-01-20 10:13:00	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://profile.providencejournal.com/newsletters/preferences/%22%2C%22sref%22:%22%22%2C%22sts%22:1678378976262%2C%22slts%22:0}
.providencejournal.com/	1970-01-20 19:42:22	Name: _parsely_visitor Value: {%22id%22:%22pid=33a07376f2feb3b11e562a8a68b7ae9e%22%2C%22session_count%22:1%2C%22last_session_ts%22:1678378976262}
.scorecardresearch.com/	1970-01-20 19:48:58	Name: UID Value: 11A97287a46572de506d6e31678378976
.providencejournal.com/	1970-01-20 19:48:58	Name: _ga_5JJXNTWR1D Value: GS1.1.1678378976.1.0.1678378976.60.0.0
.providencejournal.com/	1970-01-20 19:48:58	Name: _ga Value: GA1.1.1071105153.1678378976
.sjv.io/	1970-01-20 19:48:58	Name: brwsr Value: ac466ee9-2e65-36f6-9e36-be0e78d3161f
.sjv.io/	1970-01-20 10:14:25	Name: irtps Value: 1
.providencejournal.com/	1970-01-20 19:48:58	Name: IR_PI Value: ac466ee9-2e65-36f6-9e36-be0e78d3161f%7C1678465376170
.krxd.net/	1970-01-20 14:32:10	Name: _kuid_ Value: PbK9ywFT
.rlcdn.com/	1970-01-20 18:58:34	Name: rlas3 Value: kYzgqnQrnb+l1FYH14lYUtvoQiKDparpmBjRjTmhHIM=
.rlcdn.com/	1970-01-20 11:39:22	Name: pxrc Value: CAA=
.adnxs.com/	1970-01-20 12:22:34	Name: anj Value: dTM7k!M4/8CxrEQF']wIg2E>8wj4K>!]tbP6j2F-XstGt!@DY]$h`p+
.adnxs.com/	1970-01-20 12:22:34	Name: uuid2 Value: 2494414059423093260
.bluekai.com/	1970-01-20 14:37:56	Name: bku Value: 2VR99mWcYZEGTmyK
.bluekai.com/	1970-01-20 14:37:56	Name: bkpa Value: KJy9ayeGd02pSUHknp/t1pDlwtkAwPOiupk856jD9yOEhQzA
.doubleclick.net/	1970-01-20 19:48:58	Name: IDE Value: AHWqTUkMdotZn7PdBkhNi5af9rKO_xp_A6_bZ8pamBJIIEI-NX5b2L2ecF_tjQv2pP4
.rubiconproject.com/	1970-01-20 18:58:34	Name: khaos Value: LF1BIBCA-M-9SUD
.rubiconproject.com/	1970-01-20 18:58:34	Name: audit Value: 1\|T84Ty1hjNBfejgMzWY1hYZf2/f0f7n3/g3+EUdaLzfTr1JKW4ws3nmSvu+jd3Qmb8krSj6IjjLTyUhTWCqUS/AtWHY0oWVNXfjgahGw1TOp+Ylvr8FiasDFKKYn9IV3zFEGIyct6fgrfywGsYkrIgA==
.eyeota.net/	1970-01-20 19:00:01	Name: mako_uid Value: 186c72ec8e7-6e040000010a5cf5
.eyeota.net/	1970-01-20 10:12:59	Name: SERVERID Value: 23797~DM
.mathtag.com/	1970-01-20 19:38:54	Name: uuid Value: 1358640a-07e1-4700-9282-5e8d449b459b
.yahoo.com/	1970-01-20 18:58:56	Name: A3 Value: d=AQABBOEHCmQCEBfyOe_7haqsjStpX9oUjocFEgEBAQFZC2QTZAAAAAAA_eMAAA&S=AQAAAnJviNMkKpkG27G87kVUZs8
.casalemedia.com/	1970-01-20 18:58:34	Name: CMID Value: ZAoH4U9g86YKsp2qNabYkwAA
.casalemedia.com/	1970-01-20 12:22:34	Name: CMPS Value: 1311
.casalemedia.com/	1970-01-20 12:22:34	Name: CMPRO Value: 1311
.twitter.com/	1970-01-20 19:48:58	Name: personalization_id Value: "v1_dIe9B4cXRdR+ydSbXGb+wA=="
.agkn.com/	1970-01-20 18:58:34	Name: ab Value: 0001%3Aq3yifBrngGzqmINW%2F%2BcckXo1fIFtmAv9
.surveywall-api.survata.com/	1970-01-20 14:37:56	Name: svResp Value: 42847131-6524-234a-9c1a-365b0374cc53
.go.sonobi.com/	1970-01-20 10:56:10	Name: __uis Value: 94265f64-bc44-4d7f-bc3f-e90280291377
.go.sonobi.com/	1969-12-31 23:59:59	Name: HAPLB8S Value: s85128\|ZAoH5
.simpli.fi/	1970-01-20 19:00:01	Name: suid Value: 33D45F425C17437CA2232DD9C351878C
.ojrq.net/	1970-01-20 19:48:58	Name: brwsr Value: a73b81c5-be96-11ed-8b47-471ec94ca65a
.amazon-adsystem.com/	1970-01-20 15:09:37	Name: ad-id Value: A5-mNw-yA0pRn1EQhKtUXfg
.amazon-adsystem.com/	1970-01-20 19:48:58	Name: ad-privacy Value: 0

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=15724800; includeSubDomains
X-Frame-Options	DENY

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

aa.agkn.com
analytics.google.com
analytics.twitter.com
bam.nr-data.net
beacon.krxd.net
cdn.krxd.net
cdn.parsely.com
cl.exct.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
consumer.krxd.net
content-static.gannett.com
cpt-static.gannettdigital.com
d.impactradius-event.com
fonts.gstatic.com
gannett.sjv.io
ib.adnxs.com
idsync.rlcdn.com
js-agent.newrelic.com
loadm.exelator.com
loadus.exelator.com
p1.parsely.com
platform.twitter.com
profile.providencejournal.com
ps.eyeota.net
px.surveywall-api.survata.com
s.amazon-adsystem.com
sb.scorecardresearch.com
ssum-sec.casalemedia.com
stags.bluekai.com
staticassets.gannettdigital.com
stats.g.doubleclick.net
sync.go.sonobi.com
sync.mathtag.com
syndication.twitter.com
token.rubiconproject.com
um.simpli.fi
user.providencejournal.com
usermatch.krxd.net
www.facebook.com
www.gannett-cdn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.ojrq.net
104.244.42.67
104.244.42.72
13.225.195.115
13.225.195.43
142.251.40.226
151.101.130.137
151.101.2.62
151.101.66.133
151.101.66.62
162.247.243.29
173.223.57.84
192.40.39.223
2001:4860:4802:34::181
209.54.182.161
216.200.232.253
2600:141b:13:78b::416d
2606:2800:220:de:468:2285:c1:4a3
2607:f8b0:4004:c1b::9d
2607:f8b0:4006:809::2004
2607:f8b0:4006:81e::2003
2607:f8b0:4006:821::200e
2607:f8b0:4006:822::2003
2607:f8b0:4006:823::2008
2a03:2880:f012:10c:face:b00c:0:3
2a03:2880:f112:182:face:b00c:0:25de
34.170.123.2
34.95.127.121
35.186.249.72
35.190.60.146
35.227.211.136
52.0.156.250
52.20.166.182
52.3.138.212
52.7.47.181
52.85.107.60
54.144.144.142
54.89.130.42
68.67.160.76
69.166.1.12
69.173.151.100
76.13.32.147
02bcac28f87dfcd0ec146c6d085d38ce01f412dcdbd194127f5d5667808125f9
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
20407366757e1a04d08883682cc1928f32c12f64b36157215fc4bb78ec3a81b5
208d4d3247c0b03ec9ef551ced347e1daf0ce627c391567940e2894212a24df7
23332021628e42c377430e825b1b0f38183d50a84fad5c5c903edf6a7c902cc3
24b591f4c0a03a0d5d4e56f0203f246d464d65ec50b33cde2ceebe4fc861b8d8
2b1e3b3fb908a46f761d6e16bbb691442b94d9b7f22146d42b720b427b0b82ae
36ab7524a07fcb1f5bcfde9f53464b2355bff5c5096575a5859c391fc3e2f0fd
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
3d8b843173795be3b2a9bb4624af5d55d542096d5b7a56316ec14ea2e1ac79ee
3e09b28ac53a5d948bc5a59f88110f99255e4bbd29dc1978787d98c04dbbc391
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
439b9faa37d79b97614ef0c926b519ac47d25aefa746a7c7dc6977db7e726d8b
44b988703019cd6bfa86c91840fecf2a42b611b364e3eea2f4eb63bf62714e98
4650e22dc343370eb53383e2ff0c9e59adfe0660fb1c9bcb55300280f2ebff31
4b0c739b6c32edb18c9cb1f81f69d99550a1b9582333dee3dea3196732221e77
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
50a8d144e45d069d3997b5d8a70635f1bba85fc97813c73801250f3ff00aad39
5303d95ac3d24c2f57bb54682993f72d4e16c6ca413e84963936bbeba759ca90
55326f24f5e76431bff2711b8317b73d6fa22f27d817e53442d2a6c3b00902e6
55eaf62cb05da20088dc12b39d7d254d046cb1fd61ddf3ae641f1439efd0a5ee
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5dbb36b00cc77f4fe8efd685b65e57a5e8bec9595d1b37fa0dd70b935a267fa9
6068f86ff5e6d3a3e100e95fd0ab03a5fb9ebfca9386b2c0ee131361a62526c2
6396413d842389acece9fe1da89bf96e0aecb08f3f1cb61cba6f8c4c0dd19a2b
67cb53a5888d0b879dbde4d0b3ce05a50498163d17481c621e76365c30d0ff06
6a62c325e97e3bc8066a8f9f01957af2a94b9143a3b03feee7b529b1a49030e3
7168fe91c0a2521e7f93b29b1cde798db4859202d2ea5c798ee40a79b69ef969
72244c731fdf963217a627f47c10551a9c3eb1be3a52793d5e848b532df4fe88
7302d0082eb45256dfc9e2f21cc3ff3dd55a6536b964d20f7ad90b928b63e2ae
785d05c81ced7734db8d67248bed0cb73b9acd26dbdb481a9a90eba8d498691a
7ae8f14c176eb619347bc11a13c032bb2466e0982ede04c1825ad9c3fcc0594e
7c8324267f61d882a3cb762406bb735a75abc4792826c5d8e0323bef76b9be26
84e5aa85594b35c4b60787f4a97e2e1eb369dacbe23d8154f61f60bb0343d465
89c62095126fca89ea1511cf35b49b8306162946b0c26d6f60c5506c51d85992
8e249db137399f6d8c9b59749301dc39072c04594f014a1debdafb19eecd1dcd
9380763a1b297ba5b39bc676f23082610f810a11794ad2d40161fb5be6d9cb0f
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
98a04dfb6fa03e871cff2091e6ab44a16fd2fecd0f3bfaa4fa71efb30ced827a
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9d80d2883de094a3ed32927b5f7179fab19b4f206bf6a21e07aafaf4bd315687
a1780064eef819131bf6edccdc1d109d19f7be03b5aad25894b38b10bb07f66a
a8356d715c4bd117081a0893777439ce054bbd692b8426505d358b93c1d9a7a3
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0e3dea3ead4a88d28a0203a5dd56155100bf5d61b73c371992aa9f211ff5480
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
bc10f8b886a7635638209cdc2b7156ebe16c3502284b02ee65979f3ce069342b
bf49e96238a8046d73fbc891c52b36f635c285aead7d8d26b094fc0d9615c35a
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c5bff966f57c4e61aabbe35e5ce3ff49e5f370233d790fae7263789a9b842362
c85187f49f0afb79ce0283eb4ace799c2ad50f082a73070a79fff807d46f4b38
c912a9ce0c3122d4b2b29ad26bfe06b0390d1a5bdaa5d6128692c0befd1dfbbd
c94b68341f642fc63f7f5b385f1d08434c533a5f113415f82d5786de36d9a709
cc91f013625c82b4b4ce5761e2b7e2e9bd93e2a156819ed2d0599f13991a2d24
cd7c4a748e80bc97a94f60df97812d8eb9e2b4ffd5aeaf7f61bc44f43c5c72cd
ce1fe34f915fd2ff5c44d4541dad55a7bf416d55e2f9d6dc5c4a28d6c4ae3a2a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d10c94b6cdb747904baee9070f003bb45849da46f8100b1320f286c21cbcaaa1
de9d3fd0eb948bd294477d0eda60a73b85caff1794803530d0463193a113da98
e03144966e433c6432e5c6cc239099b7ec6ced4571c62270509bcf59592ae23d
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0598b6347b869f6ea9e252a3da891591bb55cd17a76901c12eb42ffac43ba67
f76d8401f80b7b3638d13676cc3b430c621f58b479aa307b98d8458b0e606407
f95b22047abcb76190421e53f133601b1006cfb23a01fb03caaad506a9b4d321
fa5c9d6357e466f05922e2666e99d56ba6f154e44b03371e42bf1c768fe8e4eb
faac55a24e5497a99410058cbac3f9ceaebba6ec212c704dc2d17684b2735a69
fd0342f75c7effdc9507291f51bf0fa12bd0a2e3196db7800f15282871897fe6

profile.providencejournal.com Open in urlscan Pro 151.101.66.62 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

98 Requests

85 %HTTPS

27 %IPv6

35 Domains

47 Subdomains

32 IPs

2 Countries

1561 kBTransfer

4063 kBSize

42 Cookies

7 Outgoing links

Page URL History

Redirected requests

98 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

profile.providencejournal.com Open in urlscan Pro
151.101.66.62 Public Scan

Screenshot
Live screenshot

Full Image

98
Requests

85 %
HTTPS

27 %
IPv6

35
Domains

47
Subdomains

32
IPs

2
Countries

1561 kB
Transfer

4063 kB
Size

42
Cookies

98 HTTP transactions
0 data transactions