bangordailynews.com Open in urlscan Pro
192.0.78.146 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW6...
Effective URL:
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-...
Submission: On April 26 via api (April 26th 2021, 9:11:39 pm UTC) from US

Summary HTTP 416 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 89 IPs in 7 countries across 60 domains to perform 416 HTTP transactions. The main IP is 192.0.78.146, located in United States and belongs to AUTOMATTIC, US. The main domain is bangordailynews.com.
TLS certificate: Issued by R3 on April 23rd 2021. Valid for: 3 months.

This is the only time bangordailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.225 199.60.103.225	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
42	192.0.78.146 192.0.78.146	2635 (AUTOMATTIC) (AUTOMATTIC)
15	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:8c00:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
16	204.48.28.205 204.48.28.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	178.79.242.139 178.79.242.139	22822 (LLNW) (LLNW)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.224.112.38 13.224.112.38	16509 (AMAZON-02) (AMAZON-02)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:21f... 2600:9000:21f3:f200:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 7	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3037::6815:e6f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	54.174.65.254 54.174.65.254	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.85.105 34.96.85.105	15169 (GOOGLE) (GOOGLE)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6811:b6b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.105.229 13.224.105.229	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	52.52.166.208 52.52.166.208	16509 (AMAZON-02) (AMAZON-02)
1	52.216.176.227 52.216.176.227	16509 (AMAZON-02) (AMAZON-02)
9	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20c... 2600:9000:20c8:b400:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
7	34.248.121.96 34.248.121.96	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	52.210.137.162 52.210.137.162	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
1	52.4.50.244 52.4.50.244	14618 (AMAZON-AES) (AMAZON-AES)
9	3.23.122.187 3.23.122.187	16509 (AMAZON-02) (AMAZON-02)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:400c:c0d::9a	15169 (GOOGLE) (GOOGLE)
3	54.166.210.103 54.166.210.103	14618 (AMAZON-AES) (AMAZON-AES)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
4	52.203.28.84 52.203.28.84	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.2.146 178.250.2.146	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
22	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
12	2620:116:800d... 2620:116:800d:21:36a9:ecb:e518:b308	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c8:c00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	35.174.89.216 35.174.89.216	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:400e:80d::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20c... 2600:9000:20c8:a400:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	34.252.21.138 34.252.21.138	16509 (AMAZON-02) (AMAZON-02)
5 11	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.30.186.230 52.30.186.230	16509 (AMAZON-02) (AMAZON-02)
2	185.94.180.123 185.94.180.123	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.33.221.88 185.33.221.88	29990 (ASN-APPNEX) (ASN-APPNEX)
3	185.33.221.91 185.33.221.91	29990 (ASN-APPNEX) (ASN-APPNEX)
3	52.16.123.27 52.16.123.27	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0d::9b	15169 (GOOGLE) (GOOGLE)
5	3.123.45.128 3.123.45.128	16509 (AMAZON-02) (AMAZON-02)
2	54.195.94.143 54.195.94.143	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
9	3.122.87.145 3.122.87.145	16509 (AMAZON-02) (AMAZON-02)
4	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	152.199.22.185 152.199.22.185	15133 (EDGECAST) (EDGECAST)
1	69.168.106.81 69.168.106.81	36271 (SYNACOR-C...) (SYNACOR-CLUSTER)
2 2	3.120.52.76 3.120.52.76	16509 (AMAZON-02) (AMAZON-02)
2	35.164.25.130 35.164.25.130	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	44.238.170.237 44.238.170.237	16509 (AMAZON-02) (AMAZON-02)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	52.4.152.106 52.4.152.106	14618 (AMAZON-AES) (AMAZON-AES)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
1	35.156.13.167 35.156.13.167	16509 (AMAZON-02) (AMAZON-02)
1	216.52.2.39 216.52.2.39	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:12::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1	150.136.26.45 150.136.26.45	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
416	89

2 199.60.103.225 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 192.0.78.146 (United States)

ASN2635 (AUTOMATTIC, US)

bangordailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8c00:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 204.48.28.205 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

serv-vdo.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.79.242.139 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-139.fra.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn5.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.112.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-112-38.mad50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:f200:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.114.137 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:e6f (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 54.174.65.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.85.105 (Kansas City, United States)

ASN15169 (GOOGLE, US)

bangordailynews.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:b6b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.166.208 (San Jose, United States)

ASN16509 (AMAZON-02, US)

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.176.227 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

bdn-data.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:b400:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.248.121.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.137.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.50.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.23.122.187 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.166.210.103 (United States)

ASN14618 (AMAZON-AES, US)

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.28.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-203-28-84.compute-1.amazonaws.com

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.146 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:116:800d:21:36a9:ecb:e518:b308 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:c00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.174.89.216 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

lreprx-server.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:400e:80d::2003 (Ireland)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c8:a400:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.252.21.138 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

bc-ssb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 35.244.159.8 (Kansas City, United States) 5 redirects

ASN15169 (GOOGLE, US)

anyclip-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.186.230 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.123 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.88 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.91 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 52.16.123.27 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 3.123.45.128 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.122.87.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.185 (United States)

ASN15133 (EDGECAST, US)

reflex.media.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.106.81 (United States)

ASN36271 (SYNACOR-CLUSTER, US)

synacor.autoplay-plugins.static-origin.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.120.52.76 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.25.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.4.152.106 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.156.13.167 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:12::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

contango-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.26.45 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

uat-net.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	anyclip.com player.anyclip.com config.anyclip.com pixel.anyclip.com assets.anyclip.com trafficmanager.anyclip.com cdn5.anyclip.com lreprx-server.anyclip.com	628 KB
42	bangordailynews.com bangordailynews.com	344 KB
32	googleapis.com fonts.googleapis.com imasdk.googleapis.com	4 MB
30	wp.com c0.wp.com i2.wp.com i1.wp.com i0.wp.com stats.wp.com pixel.wp.com	319 KB
22	googlesyndication.com pagead2.googlesyndication.com	199 KB
20	pixfuture.com serv-vdo.pixfuture.com cdn.pixfuture.com	446 KB
16	connatix.com 2 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	474 KB
15	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	221 KB
14	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	184 KB
12	quantserve.com secure.quantserve.com pixel.quantserve.com	11 KB
12	springserve.com vid.springserve.com vpaid.springserve.com bc-ssb-dub.springserve.com vid-io-dub.springserve.com	264 KB
11	openx.net 5 redirects anyclip-d.openx.net pixfuture2-d.openx.net propermedia-d.openx.net	4 KB
11	piano.io api-esp.piano.io i.piano.io	33 KB
11	tinypass.com buy.tinypass.com id.tinypass.com experience.tinypass.com	2 MB
10	gstatic.com fonts.gstatic.com csi.gstatic.com	160 KB
9	google-analytics.com www.google-analytics.com	59 KB
8	google.com fundingchoicesmessages.google.com ampcid.google.com www.google.com	96 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	360 KB
6	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	87 KB
6	2mdn.net s0.2mdn.net	82 KB
5	advertising.com ads.adaptv.advertising.com	5 KB
5	adnxs.com ib.adnxs.com secure.adnxs.com	6 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	41 KB
4	moatads.com z.moatads.com px.moatads.com	88 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com	84 KB
3	google.de ampcid.google.de www.google.de	638 B
3	facebook.com graph.facebook.com www.facebook.com	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	technoratimedia.com contango-cdn.technoratimedia.com uat-net.technoratimedia.com	4 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1018 B
2	syn-cdn.com reflex.media.syn-cdn.com synacor.autoplay-plugins.static-origin.syn-cdn.com	93 KB
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	spotxchange.com search.spotxchange.com	2 KB
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	facebook.net connect.facebook.net	96 KB
2	parsely.com cdn.parsely.com p1.parsely.com	19 KB
2	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	29 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	4 KB
1	dotomi.com web.hb.ad.cpe.dotomi.com	372 B
1	emxdgt.com hb.emxdgt.com	162 B
1	sonobi.com apex.go.sonobi.com	743 B
1	omnitagjs.com hb-api.omnitagjs.com	557 B
1	lijit.com ap.lijit.com	778 B
1	sharethrough.com btlr.sharethrough.com	117 B
1	1rx.io tag.1rx.io	175 B
1	33across.com ssc.33across.com	661 B
1	districtm.io dmx.districtm.io	429 B
1	adsrvr.org match.adsrvr.org	546 B
1	rlcdn.com api.rlcdn.com	224 B
1	quantcount.com rules.quantcount.com	427 B
1	googletagservices.com www.googletagservices.com	21 KB
1	chartbeat.net ping.chartbeat.net	169 B
1	chartbeat.com static.chartbeat.com	14 KB
1	amazonaws.com bdn-data.s3.amazonaws.com	9 KB
1	postrelease.com jadserve.postrelease.com	600 B
1	coralproject.net bangordailynews.coral.coralproject.net	15 KB
1	npttech.com www.npttech.com	3 KB
1	ntv.io s.ntv.io	103 KB
416	60

	Domain	Requested by
42	bangordailynews.com	hubspot.fedscoop.com bangordailynews.com c0.wp.com
28	imasdk.googleapis.com	player.anyclip.com imasdk.googleapis.com cd.connatix.com vpaid.springserve.com serv-vdo.pixfuture.com
24	pixel.anyclip.com	bangordailynews.com
22	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
16	serv-vdo.pixfuture.com	bangordailynews.com serv-vdo.pixfuture.com
15	c0.wp.com	bangordailynews.com
11	pixel.quantserve.com	serv-vdo.pixfuture.com
11	assets.anyclip.com	player.anyclip.com bangordailynews.com
9	trk.vidible.tv
9	capi.connatix.com	cd.connatix.com
9	api-esp.piano.io	buy.tinypass.com c0.wp.com api-esp.piano.io
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bangordailynews.com hubspot.fedscoop.com
9	buy.tinypass.com	bangordailynews.com buy.tinypass.com
8	pixfuture2-d.openx.net	4 redirects
8	cdn5.anyclip.com	bangordailynews.com player.anyclip.com
7	trends.revcontent.com	assets.revcontent.com
6	s0.2mdn.net	player.anyclip.com imasdk.googleapis.com
5	ads.adaptv.advertising.com	imasdk.googleapis.com cdn-ssl.vidible.tv
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fundingchoicesmessages.google.com	bangordailynews.com
5	i2.wp.com	bangordailynews.com
5	securepubads.g.doubleclick.net	bangordailynews.com securepubads.g.doubleclick.net www.googletagservices.com global.proper.io
4	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
4	images.revcontent.com	bangordailynews.com
4	trafficmanager.anyclip.com	player.anyclip.com
4	vid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
4	cdn.pixfuture.com	serv-vdo.pixfuture.com
4	i1.wp.com	bangordailynews.com
4	player.anyclip.com	bangordailynews.com player.anyclip.com imasdk.googleapis.com
4	fonts.googleapis.com	bangordailynews.com
3	vid-io-dub.springserve.com	vpaid.springserve.com
3	secure.adnxs.com	imasdk.googleapis.com
3	hbopenbid.pubmatic.com	vpaid.springserve.com global.proper.io
3	vpaid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
3	www.i.matheranalytics.com	bangordailynews.com
3	c.amazon-adsystem.com	bangordailynews.com c.amazon-adsystem.com
3	cds.connatix.com	bangordailynews.com cd.connatix.com
3	www.googletagmanager.com	bangordailynews.com hubspot.fedscoop.com www.googletagmanager.com
3	i0.wp.com	bangordailynews.com
2	ups.analytics.yahoo.com	2 redirects
2	usync.proper.io
2	x.bidswitch.net	2 redirects
2	px.moatads.com
2	z.moatads.com	cdn-ssl.vidible.tv
2	acds.prod.vidible.tv	imasdk.googleapis.com
2	ib.adnxs.com	vpaid.springserve.com global.proper.io
2	as-sec.casalemedia.com	vpaid.springserve.com global.proper.io
2	search.spotxchange.com	vpaid.springserve.com
2	anyclip-d.openx.net	1 redirects
2	bc-ssb-dub.springserve.com	vpaid.springserve.com
2	lreprx-server.anyclip.com	imasdk.googleapis.com
2	i.piano.io	buy.tinypass.com
2	global.proper.io	assets.revcontent.com global.proper.io
2	www.google.de	bangordailynews.com
2	www.google.com	bangordailynews.com
2	www.facebook.com	bangordailynews.com connect.facebook.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	js.matheranalytics.com	1 redirects bangordailynews.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	pixel.wp.com	bangordailynews.com
2	cd.connatix.com	2 redirects
2	hubspot.fedscoop.com	1 redirects
1	uat-net.technoratimedia.com	vpaid.springserve.com
1	eb.proper.io	global.proper.io
1	contango-cdn.technoratimedia.com	synacor.autoplay-plugins.static-origin.syn-cdn.com
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	hb.emxdgt.com	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	btlr.sharethrough.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	ssc.33across.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	bids.proper.io	global.proper.io
1	synacor.autoplay-plugins.static-origin.syn-cdn.com	imasdk.googleapis.com
1	reflex.media.syn-cdn.com	imasdk.googleapis.com
1	match.adsrvr.org	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	rules.quantcount.com	secure.quantserve.com
1	img.connatix.com	bangordailynews.com
1	secure.quantserve.com	global.proper.io
1	vid.connatix.com	cd.connatix.com
1	cdn.revcontent.com	bangordailynews.com
1	img.revcontent.com	bangordailynews.com
1	www.googletagservices.com	serv-vdo.pixfuture.com
1	mug.criteo.com	bangordailynews.com
1	gum.criteo.com	1 redirects
1	experience.tinypass.com	buy.tinypass.com
1	ads.pubmatic.com	serv-vdo.pixfuture.com
1	ping.chartbeat.net	bangordailynews.com
1	id.tinypass.com	buy.tinypass.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	static.chartbeat.com	hubspot.fedscoop.com
1	bdn-data.s3.amazonaws.com	bangordailynews.com
1	jadserve.postrelease.com	s.ntv.io
1	graph.facebook.com	c0.wp.com
1	p1.parsely.com	bangordailynews.com
1	bangordailynews.coral.coralproject.net	bangordailynews.com
1	config.anyclip.com	player.anyclip.com
1	www.npttech.com	bangordailynews.com
1	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net
1	stats.wp.com	bangordailynews.com
1	cdn.parsely.com	bangordailynews.com
1	assets.revcontent.com	bangordailynews.com
1	s.ntv.io	bangordailynews.com
1	d25dfknw9ghxs6.cloudfront.net	bangordailynews.com
416	110

This site contains links to these domains. Also see Links.

Domain
obituaries.bangordailynews.com
www.mainenotices.com
classifieds.bangordailynews.com
jobs.bangordailynews.com
eedition.bangordailynews.com
bangordailynews.zendesk.com
anyclip.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
store.bangordailynews.com
pulsemarketingagency.com
s3.amazonaws.com
newspack.pub

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
tls.automattic.com R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2020-07-13` - `2022-07-13`	2 years	crt.sh
assets.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
bangordailynews.coral.coralproject.net GTS CA 1D4	`2021-04-01` - `2021-06-30`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-19` - `2022-04-19`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.springserve.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
img.revcontent.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
cdn.revcontent.com R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
images.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.media.syn-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-04-01`	a year	crt.sh
sa.static-origin.syn-cdn.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2021-06-02`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Frame ID: 586A5AD54B3B23D2E9451F7D02F7B5FC
Requests: 244 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Frame ID: FFCE5FD68CB5C400DD0566CC6B956F96
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.player.dc.js
Frame ID: E98AE48BDDDFB1496DC1A348866FAA6B
Requests: 13 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/jquery.min.js
Frame ID: 54DC53DC8B4DF1DFE0042EB191433EF9
Requests: 40 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: FD7A2778931A012C9FDE18CBF8BEAB9F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3E81D9A51C742BC362A5FBB7484C30E6
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
Frame ID: 9EE0F7E02420585656D88419D21104C1
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 55A4207BC88DF93968D16E99335CC402
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1AED48664D978C2510DB252F135557F2
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: B74C87C9F59BB5760ED44259CC56CDF9
Requests: 15 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 9A43DA0350FE0ADD3C7A376DCC77859A
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 85A26751280AA069F565C5F3CFD923D4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 4BB2D3AD3457A738C412DB35D1CC759A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 4D0C75B7A93EB08F64EA80FC19ED4FC4
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: EC23A761D8695B146A0992E50AA837A0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 300F81352DFEBEF62D3C7226EC274418
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 631A27BE1FBE9E422C551AB7B588CEDF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3C2364D3E308EBC43DF88580E2154794
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 42A5B0D07F569A37E84448D75CE220A7
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: ECDAC26477C31C7DBF2C0FD88A048732
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 8D5C92D3AAEC5D022929B38F777FA01C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 3496AAA34D1CFFFC3CB9960C52BEA84B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 4B13B97D6F8A0B7D837D548AFD0AC13A
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7507FFCAD57FDF75378A3EC4266FF9D3
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 4C3639BCAF44F30AB523014B8325BC98
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C4C1D032E2FA0B41421177C9960F090A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 3EF89E310010DCCD0D7F690A51281E2F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 5EFB51D261B8FC15AFC5A3E02A835AF6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 61529F0C7036B974BAE3B4EBCFD32815
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: A350B06E0439755472C97CD655F78958
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 7BDBA45556D0B3F8C76FEF0598D93E35
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 87C867ADC1652A1E52421A7340B66C21
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 66D0B99835060B68F204595BEBE8B951
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 040DFBA724CFDFAF646F09557CCB6F97
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: BC45F9885104DB6AD6465C8010F5F6AE
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 417F9D477FB027F07F0D3881329EA1CD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: EBB53B7D7788339C2E33F935FE0827EB
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 529BBAE8BD744FE325F770FDA34E4317
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: F0A8CECA66FC02DFE9944D9EF239AC79
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 64D4F6CA205BB246F4F1B3BDC9C0C76C
Requests: 8 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 39E24EB1290E2D2901390118453FFC36
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 7616FDDAE6BB43F9C23CE7E1A9A495B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FB4364BC951BA0CDA773926D0D3FA787
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F1951F997F1EEADFF249D90735596613
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 3EAE6C2001BED24B9CDBCDE59487FD8E
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_982cce59.js
Frame ID: 9D1FF3D4618C30198B4A8616813A99FC
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_B... HTTP 307
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-t... Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

416
Requests

99 %
HTTPS

36 %
IPv6

60
Domains

110
Subdomains

89
IPs

7
Countries

11377 kB
Transfer

31963 kB
Size

39
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://obituaries.bangordailynews.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://jobs.bangordailynews.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://eedition.bangordailynews.com/Olive/ODN/BangorDailyNews/default.aspx
Title: E-edition

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/
Title: Customer service

Search URL Search Domain Scan URL

URL: https://anyclip.com/
Title: AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=logo&wid=0011r00002SRK6m_6242

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=powered&wid=0011r00002SRK6m_6242
Title: Powered by AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/privacy-policy/?source=policy&wid=0011r00002SRK6m_6242
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=0qyoL6re4NcfJVd6KR3syB8zPyqx5Jj7QQEVSgDVAmYVMxDDabAxGxdE1xlC4kZtzDOmnGIYd0DMKxV6ZAGypEkZxcPFgc0b%2FsCQdtNfWg3Kw4nZoPKqdJ2RQCegoNQcMJ6zieUrEssrkMcmy89S9DIQunGGvD6CFo0lJ%2BXb%2FkwGgHTo4u7%2FD%2F88OPUcKYJbwEPQHvsq%2BBn7N7BRxfvsAyE19eFp%2BZc9JrEEthF7UAZyG2V%2Bhng6iPh2vAFGE9e1uWspCnihMf3%2BsahZ7rTbcv2N5OYRHZSAXD5HxaOfpRy69Yk6qaD3KmdNzLKRfVKoeGLyylJDF2oeRUuCbMkTNq%2BgcV3wzvqIZ%2FZJEmm2Kh0gekoIm%2B8UodgI6LIXkMgoF5NV6qXqSqrzr3h8a1G9ahLXp7B2Vqtoc7daImMpT8YeSdYj6UWnyMICAtZlMiZ%2BzdUMFmsdj79ZTmX0C%2FSyPXvBEk%2FDSrnV6AWh2DenqW4gcRm9l7ldwMmHmqaR3E0oaYECZNd1WRPU%2FpUYlq%2FsKXr3oS1uqKXIvoxo6OI0NUDRzqJ%2FAO%2BLRUB7ecanPLKeeI5GO2hPyA2JuuYcOWDiePn5j%2FzaI%2FydJxvFSprH43Mi9DoD6h21nfl0r%2FoqGD%2FjJdENpQohlnRQ2Z51XFzGMn79xCHAEk9Yvgs5uk%2FHtwMqDq6vBrmLkzgatZd00jZ5yRydK3us8yh%2Fi7ITq%2BfhXxnxxVfjPO4dRKn6xlN7QLP09nLBaK7WyY9VZAOPCBoYEa7JCd%2FvPn1F52RJWbAQ%2BL%2FTnZWYrwUYXwL5TExhAFwfkXKpgBlJFcQ82QLvTOT33jXGrx7NMN%2Fb54nBR8urS0enk0PWQ6EReGjNF6GsjELgcj7kDO2%2BH1LY4CR6WKSGiCuohX4Izf1v6pn%2FuFgt5wBbUYiWgk6vTt6Hv%2FlQSl7oSSiIMs%2FITbg%2B5alblCEn4qOvqZEZwPAzravk5VAK57MWgP2OnhAEhCIkYLKbom%2BjSpC%2BqFHYeBkQy8qPeNDAm7w8v%2Fc%2FKuhWOO37rjA0Q8gutlTcsqDUrdLwteGfVJ7I2ipYnzZrUYODCGd18cPi%2Fb6DTaLhze%2FgMH7K9f%2F9fiq7qkQu8FB%2BdVHFIQ0WP9KDmlnCI1aQS67M4SEkaedGUlvWsk3GGUEfz5lsBp0S2CKQ332wx86r65SpGDmM7Hjav2uhbm%2FYUtUoWNAP89q1wdaTaVOeOraAn9Xc6ponS9Q2%2BG911H1JvE1N3s69T8awSOOn4aP6zRYFHR6sjcHaHiB3mBiD2%2FmlapjnBl7sg1Rglrood5n02zDuqBmCigY%3D&s2s=1
Title: Doctors Stunned: Mole & Skin Tag Removal Has Never Been Easier (No Surgery)Essential Health

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=5%2BnFb1kzTM77YwR48SYvsT1VjB6XO8m3bffY1zvVvEux2raCMNWeOflq9kHGBzRkzVeoH00ZzrLKCEV9nFpsXwpaifkaNDbbdwnOUb9WP4LRJUEjLhiV61To7HIPu4u62a9kXFmoOKfopCMvhAUcpBIGVl1A21i2nxdnPVvS5Itol7i%2B3Gwr3wvvRbt793D578UGxFXaxoQ5j4U560rxCo3wlCAJKtOAItzl4y0MnZ7Ogob67DN8eiWBeZYkG4gSrNrPOB5Bvbia4xTAyl82mOn%2BHzAoTYzeSGR7WKEDvQBtb6CCG3vTXnJOscmy2y5qmvrniqmewA1GiTzfr6F11587z7gh%2BQQ%2BiD3Q5xS7OIXIasDCpqIBpWX%2FTCcyTNczA7LtL2YRRiM9hMQQUpJRxkWNYkggvy%2BcmAE1jZZFwhT8QmyFLR3aqFInO%2FcdPNpFajOPGXS5r6l%2FhJyv4Rf9GVA8LGLG1QhXIywPV6P1Ud0GO4nge9rWgHnlnw0XcHfpsYSFhwRzjmhHfnGX3RR%2BFiEMqLiAHvvGikNDecfwv9sclaZOq088%2F84viUvJKMfBlO53Gkqb83aq%2FwMUpazAaBqVJgzO%2FPavEt4qrOwMcLzM%2F9wL99edYhyOAp8gCoNbslZg10mL3UHisGsPjhdw%2BkE5%2B9LhE%2FqZ9IO%2FWoDrHE2QPr%2BA1PEHgcn2vuKhoAmCSM%2BiO6st4R8%2FCLqxZcu64%2FhqKI9l6nIbY7s%2BFzuXeAf057dQ5HAB8G1HfperMTmbel2SNZALskxY1BovU2juntyAmE9mKADuL0Tmznb2YiEm40hRiFWqDSoLE5hYFF4iqtPCknQU8F1%2ByDVz27kVXRxo8DcNWWOY72myLoVTtl0j3YK5C415nIF2o6jX46WPmqRi3kUTQQdPh6El7KJpzmawpyphQX6DZTcGOp%2BfC4O8F4RZG4AoqfiGf%2B3bN%2FzxaCA%2BBTMvEySxR34gYCwZv9P8wKOGrqdne2S1sQ%2F41cXcepi21ndmrqv1qd9q%2FQ1wR0i3LBOQNFPFMsli9N%2Fm%2FGkhCCGrzP1aJm7rW2uyL7wWkJZqNHJ5ukgKUDQZ5tm%2F4zMwtdYgrPo953tWTC83VlH8i0MCF2cu0xbnBwzwFHez69%2BVkPf9s1D%2FOok17H1iQeKjjtO9yYOflod0UXK0zSS7oEYQspmdLqBWdNnxwSttTa2vrmrK%2BZPJjln6UWSuKVWFvVFMuRfXA1gNx8gv4g%3D%3D&s2s=1
Title: This Video Will Soon Be Banned. Watch Before It's DeletedSecrets Revealed

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=UJfiAlQx813RiaKkgYUFmXm49eNSzhf1Fp4yLSJLqDP%2BHihWgLJzWLKM4%2BZMxM2k89KUttEq4u5Utx96w56V51mkYlEZ9DUdFq5N27Z05S1I48Rk7Y9LQwUEztdxFhGRl8Wuwv5Ny1K%2BCaHAi4g2jWNuyXP7PdViRmtNl0f9uER8gtWwy6X7V9mmwziQkjMXbfM%2B1T9CesrYIaK8k3nz7lZYrqFpJqFNB70JozIMJrFw%2Bmf4c2cRjnCfDCZleT6Nv6cDBBsBnDWHRPpyel0p3S3z6F3cfDt5CClnn%2B0BTI6sTvi6ZMNshl40v0S%2FyZoDnHbo%2Fp2pHBxXn2C%2FGyYjgEzV9wTZ4nAVPkhJzISwosAv%2BkJGaXyOs%2FGprrzGw1ckWw8Pwyl%2BPsvg4I7%2BMzYv%2B%2FzDxabgbuP%2BOh%2F2%2FjH5Mwo0lqR5f3ZUejtM92bQtdgjZ8qAlY70bDG2bRzsQ%2B%2FaYs6xfrHI5sL0v5tutPAXYgAWsMUucHtJd2AUrfZOK88vMnNrWAsiyvgalBsKvRIcajBa0RAht7W3nN%2BLOSIXMVoGu3IkEmUWVtN7ulh3dZru19E9uvPZ6rxKhnJj4I63EuuBwIh2eNgtgwmqMLo%2FsdXi7n4wSW3WKXaiiJxiwNpLyhYnvBqNFkuLr7D9Tt%2F73IdAKz4kRLK5vExOkUJqy%2BcFitORrDMmjyUBHNPosc4hHmO50cMUq46OVsrA%2BG2y1h5GIe8IWgpqp7nvYgWcGAhlEAnMb50XCGP4pa26kw2NOf0zw4aEe7wG%2BCyKHQwbZXi%2B38mfCERNb5z6XcUtSQCOZjkVbn%2Fu12Hw1L5mNeiorNGIK2Z%2BuMq9C1irurXU2XlDu9DE8vPDWftgMy%2B%2F59QnXS%2F3bvU6jp%2FIu3fozgDUG0aPngxybSKPoaMofFqmgepz6cfBBm3GoxAqc0zgPRDVpJuKlDBGLr4rpq3Zq07fwoj%2FPVX%2B7BeT1x50KRYezE%2FJGt2oBAdLRDB9jd55JLiirEuEWnPqHL8tcfSybUAp%2Fq%2FKOIrQ%2FIJ4Tr3mpqrGiK9DlFkbC7n3C18y15tzGDzJHFrKuxhZB5Ui0GA9%2FkwsAefJNnhY9DYNlDJ%2FIjqN3Pl132yk70B0sl3QqU%2FEd7lVl47TOn2aiwhve4DBeLLRMEnBAZqBrGbzLAsXg2R%2BJscEcpoZT7uj%2FC4vTEWPKcRMM5mHrwDXNvP2IEniz7XUygnUgunwkAIf3EuxIFlNBBrjRqSMhNsB90zCpcl1nIxQMhTYPT%2BzC8GEhSVko7tSpynFA4UvX%2BDESGdTfgU9hg%3D%3D
Title: You Won't Believe What the World's Most Beautiful Girl Looks Like TodayNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=Z388BeR8594jSliXChX3wz8LjYB7QyDrZIUs6DJ8aMCZfj05cnqe639PiixxjcIy8cPx6L7PkGOqtZnPkRpGMQ4vNAeGdtILMvltbMylILGXUjv4jxLocpoyPhunoQa3sd%2Bj3hSXsnccSPmnsS1oWPdODgrC%2BKpeFajGc3mbtQPzTV7YGtOZikdxdwMMbyhgZnV7rKjixwzod1YIEf4G5UnVJD97vjWB19r%2B69L2lDJUmGc3ldslJfHD7fYNYk6fLudUYBSc5ik2tmWBW8RL%2FTneliuINKSiZtQZDRl7zLti4eiqz9r6Val9x3EvlccLeuar7%2F67c1r2ZirA2Bs5Bbo6n%2BvkhuHdVE9YCI33JkPy6dG%2B53SuauIQaX0xXkTEeWx6ny2wjqjLyZKoYFPOTAsp%2BHmKs6DS2AGraZfMJ7DkR1BOn%2FJTNmfYpNzYe%2BIlifa3m1%2BlM4Ke4eSpqMSKpaQVYKgzpJK9%2BX1rVSpaO%2BXj6yV9%2FIHxlJ5Lr7bstavzqjaZycej8tXP9OTqZsr%2BFKMt6ggUemuMF2J4dbZoXjf8d6hSE5qdp4b7xuyfkYVaslgerBxZjkUPudYTKLOjWYzPkRq51FDcc9KlvHSS9i9ZwRkqfp0pXpI3PxJjl9mcZ6h8dVJhBupyelJVrLB4ngWCEX56WDAuPeecK%2Bq%2BtCAPCmFcgJXUFdVRe1%2BlSwzESxwV%2BAdOd8ilRbf%2BmT4jV9p%2FbMpI94uhhI3QK%2F06ZAQmSGOcXYYtpFcoF7jxiSAx3GSFKMUOOT%2BrZv%2FP69Bw2K6dyJxSZ2daNdH4V4X71d6kESGdVnjzzNEzYyD2JkUdlD0KQ1IloWauU%2FgVD%2BWtBFdwITLEBnE681G8%2BIYEJHQyRfHJkCGFqHwLCLq3Hn85oihvPY6ICDqKf%2BYUuBClG9bME%2F8S6emfDTLPFRJLPq%2FX7GHyGMKuo9BTebNpBNsotBsAPpUY%2B5lZz5YzGC9IlzoDVsRqyROn4EuwYSQuadCYsfAKI1vVUfBrqKUre%2Fg5k6WWvgAAwcNOJL2dH%2FTNYrqo6LU00A%2BSkyIqXq1tjNuaBmYpbD5fmP6X6PY3Wb16%2FCgMoo3Y7yqWm9UEAeZpj8CVJ12FUmO%2F7%2Bd6NH2iwZnnem6Oj4%2Fxe1BS5iwmnruPSNg%2FuXeoGieVOpDvnMSQcpsFNJQKZnRPtkIsMr0ipmiXa3OoFK%2BvxZvHxaHqoeFh1bVHOPi7J%2BTS0ajffEetw7%2BqiZMNfc6pbrLonTSTc%2FGThQOzDqntOshQ1DKZz3wWgIdpTMvdw3posv0wvBiYoI9j2UsKUJul7PkYjZeJDn4%3D&s2s=1
Title: 26 Mexican Slangs You Have to Know Before Visiting MexicoViral Vacation Ideas

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/articles/360042380972-The-history-of-the-BDN
Title: About Us

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/?ref=footer&_ga=2.128907657.425825190.1592087148-346633731.1589997382
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/?ref=footer&_ga=2.123772175.425825190.1592087148-346633731.1589997382
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search/?ref=footer&_ga=2.127785992.425825190.1592087148-346633731.1589997382
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://store.bangordailynews.com/?ref=footer
Title: Photo & Video Store

Search URL Search Domain Scan URL

URL: https://pulsemarketingagency.com/
Title: Pulse Marketing Agency

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/bdn-data/uploads/PDFs/2019_print_digital_creative_specs.pdf
Title: Creative Guide

Search URL Search Domain Scan URL

URL: https://newspack.pub/
Title: Proudly powered by Newspack by Automattic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1?_ud=2151aae4-96a7-4089-b913-3d136051beba&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

Request Chain 82

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/115064/connatix.player.dc.js

Request Chain 106

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

Request Chain 169

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=vPqRzHxZOU1BUmZ6YzcyOUlSUjhzNXNDSlFzMDlaanU1WGVEQkZhYTNPNWpSQ0Nmb3FkR01CS1lEY1YrUXZFU3ZqbGRJVXBWTmVuaHBBRFJhSmp4dTJGS1FXM2FjVHhpcHgwVlZhM0tzdm5ZREc4ZUtjNWhmQTI3VDdSa1FIcDBlR0pnMlYrMjRWbys5Qm1yRWprbTgvMnd3K3lMRkgydC9nQVNuLy9FR1V6dml2NHdFNGlOZW1sZ3ROVlVETmZsMW4zQjlhdVd2ODVMZm1lLzRncUJKRXhjK0w5SVlwMXQyWWswL1dkdkdWSkxCbENnPXw&cppv=2

Request Chain 248

https://anyclip-d.openx.net/v/1.0/avjp?auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1--- HTTP 302
https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---

Request Chain 266

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=97b8045abb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=97b8045abb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Request Chain 291

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=5908ebcb3c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=5908ebcb3c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Request Chain 312

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd8a542a46&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd8a542a46&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Request Chain 372

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd9bf2faf8&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd9bf2faf8&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Request Chain 397

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddac3b70f-69b7-4d2e-8adf-d0a5a988ec5b%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_e4ee9348_cd716153_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddac3b70f-69b7-4d2e-8adf-d0a5a988ec5b%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_e4ee9348_cd716153_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b&uid=ef2f4444-c0b2-4692-9ac8-7ae5e7d7b33e

Request Chain 398

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_481a8a9d_19c7e078_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_481a8a9d_19c7e078_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-fvGfkghE2uH9fx7wpkZ8DnGhuqyFBHRD~A

416 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RF...
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 218ms
83ms Document
text/html 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:17 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d621d86b6576d497fd1c52aca2ef6e80e1619471477; expires=Wed, 26-May-21 21:11:17 GMT; path=/; domain=.hubspot.fedscoop.com; HttpOnly; SameSite=Lax __cfruid=2d0e589e8c97b049a86b5d5e6e9acfd661e72402-1619471477; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
cf-ray: 6462cd80196d4dc4-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09b19ec41100004dc4621f0000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 016f3312-483e-4ccc-8116-e1471b4cdd50
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XKK6Sg33RBGJd%2FyWf%2F63Rduhjq0kNRb4RZ8ZStz9ybNdaLPu4%2FFy0Vd0d8FcaapBhLPL5ngttxTEOswXmQPWvlpKy0Vha3TeCiN084%2FSpLaYiuX%2BXQ%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7w...
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

154 KB
35 KB

738ms
687ms

Document
text/html

192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ba57c404a232b9810837dc515c6ec41d10b7d4558ecf62d5bab8c4435a72bd26

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: bangordailynews.com
:scheme: https
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1

Response headers

server: nginx
date: Mon, 26 Apr 2021 21:11:18 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Newspack
link: <https://bangordailynews.com/wp-json/>; rel="https://api.w.org/" <https://bangordailynews.com/wp-json/wp/v2/posts/3087062>; rel="alternate"; type="application/json" <https://bangordailynews.com/?p=3087062>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://bangordailynews.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://bangordailynews.com
set-cookie: bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bangordailynews.com bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
content-encoding: gzip
x-ac: 3.vie _atomic_ams EXPIRED

Redirect headers

date: Mon, 26 Apr 2021 21:11:18 GMT
location: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
cf-ray: 6462cd80ba6c4dc4-FRA
link: <https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09b19ec46f00004dc4fb3ce000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: dbc77d69-bc01-4821-9bd0-ebc2eac12b42
x-robots-tag: none
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=OnzGAuT24uCh%2BnA04KaZ6aH13bcGLY5qT2ctd8NAPXDEHWOlKI%2F24uxXMbkXc4ZngBc2mlZWzvQdmbpEt3ts3vmdzHTcFvRZT3ZJsMJRHgQIc8vVyw%3D%3D"}]}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 common-skeleton.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 12 KB
2 KB 22ms
20ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-3144"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
623 B 22ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 57 KB
8 KB 66ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 theme.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 3 KB
706 B 67ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/theme.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/components/ 109 KB
15 KB 66ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/components/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/ 91 KB
11 KB 66ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/ 3 KB
729 B 110ms
67ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Thu, 28 Jan 2021 02:04:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/ 22 KB
4 KB 110ms
67ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 blocks.style.build.css
bangordailynews.com/wp-content/plugins/simple-iframe/dist/ 0
62 B 26ms
20ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Tue, 25 Aug 2020 17:41:56 GMT
server: nginx
etag: "5f454d64-0"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/ 18 B
85 B 26ms
20ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:51 GMT
server: nginx
etag: "603d210b-12"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/ 586 B
338 B 26ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 14:23:29 GMT
server: nginx
etag: W/"60706361-24a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/ 14 KB
3 KB 308ms
302ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=178416191

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=178416191
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 17:41:36 GMT
server: nginx
etag: W/"5efe1c50-3875"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 811 B
433 B 27ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-32b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 block_styles.css
bangordailynews.com/wp-content/plugins/newspack-blocks/dist/ 2 KB
558 B 27ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

265a9021a7dab4a38e6f910cebc316b99f48a3f526ce54a1d3b880fd6461a72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 20:46:33 GMT
server: nginx
etag: W/"60760329-809"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/newspack-header-widget-area/ 284 B
353 B 27ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Thu, 11 Jun 2020 21:43:13 GMT
server: nginx
etag: "5ee2a571-11c"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 284
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.css
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 6 KB
1 KB 27ms
21ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-18ae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-parsely.css
bangordailynews.com/wp-content/plugins/wp-parsely/ 2 KB
601 B 38ms
32ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 18:20:38 GMT
server: nginx
etag: W/"607f1b76-706"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
834 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Serif%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:11:18 GMT
server: ESF
date: Mon, 26 Apr 2021 21:11:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:11:18 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/themes/newspack-sacha/ 149 KB
24 KB 46ms
41ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-sacha/style.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-sacha/style.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:49 GMT
server: nginx
etag: W/"607f51e1-25265"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
619 B 20ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 19:54:52 GMT
server: ESF
date: Mon, 26 Apr 2021 21:11:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:11:18 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
632 B 27ms
22ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 19:17:39 GMT
server: ESF
date: Mon, 26 Apr 2021 21:11:18 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:11:18 GMT

GET
H2 200 newspack-sponsors.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 6 KB
2 KB 49ms
45ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-164b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablepress-combined.min.css
bangordailynews.com/wp-content/ 5 KB
2 KB 50ms
46ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/tablepress-combined.min.css?ver=6

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/tablepress-combined.min.css?ver=6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 22:18:20 GMT
server: nginx
etag: W/"6047f42c-14a5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/ 12 KB
8 KB 62ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/social-logos.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.6.1/css/ 75 KB
13 KB 62ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/css/jetpack.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 16:59:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/ 6 KB
2 KB 107ms
68ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 87 KB
30 KB 107ms
69ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 11 KB
4 KB 107ms
68ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:18 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:18 GMT

GET
H2 200 advanced.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/ 11 KB
4 KB 52ms
48ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:31:12 GMT
server: nginx
etag: W/"60633630-2a54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conditions.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/ 776 B
276 B 52ms
49ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:06 GMT
server: nginx
etag: W/"60300642-308"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advanced-ads-pro.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/ 9 KB
3 KB 53ms
50ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:40:23 GMT
server: nginx
etag: W/"60300617-2328"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 base.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/ 90 KB
26 KB 62ms
59ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:18 GMT
server: nginx
etag: W/"6030064e-168ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:18 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 36 KB
11 KB 42ms
8ms Script
application/javascript 2600:9000:20eb:8c00:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8c00:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JCe5I2lNvuti8Cl.nqdofRN.76AQPq.e
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 17:12:31 GMT
server: AmazonS3
age: 73332
etag: W/"43eefb7f4eb22e1ecc914737224f37ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 172e63b20fb363ed969de28ae3937e21.cloudfront.net (CloudFront)
date: Mon, 26 Apr 2021 00:49:07 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: uip53CtKN6LIl8Qm3uLReUHu9BtMmuq486YuyuPUDF_xWcgWfLQbSg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 138ms
43ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

831cb0eead43f007ccc83bfbb5335762875256f25bc8b39e5f029270ee8c1adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 52 of 1000 / last-modified: 1619435394"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21141
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:19 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 353 KB
103 KB 146ms
74ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:19 GMT
Content-Encoding: gzip
x-amz-request-id: ASQN1PRP804NWXA1
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: ZRYmF8laE7W+rNo0x0Br73VtWDGUnCeQql5FC+nFnIixtRsOx5apfEAX89EIzwNW9q+1JUjv2Ts=
Last-Modified: Tue, 13 Apr 2021 17:19:57 GMT
Server: AmazonS3
ETag: "4330b9a8c8acd8b7385eb09575a0f098"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 wp-emoji-release.min.js Show response
bangordailynews.com/wp-includes/js/ 14 KB
5 KB 60ms
55ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-3795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 3 KB
1 KB 59ms
55ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-ad9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
serv-vdo.pixfuture.com/vpaid/ 8 KB
9 KB 353ms
115ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:19 GMT
Last-Modified: Wed, 03 Feb 2021 18:56:08 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "601af1c8-2148"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 8520
Expires: Wed, 28 Apr 2021 21:11:19 GMT

GET
H/1.1 200
OK lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
343 KB 127ms
50ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:18 GMT
Content-Encoding: gzip
Age: 783
Connection: keep-alive
Content-Length: 350817
x-amz-id-2: /HcllLcxBTrONYCeMclqB7RPWNTbD3jMC5/DTP3dWsRiVEUwscZiqUTG8DYcTu0fEvVf/sufLCM=
Last-Modified: Tue, 13 Apr 2021 08:15:51 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9JDQAVGY90SCPKG4
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: qgVhjFjc0SAIfYby.bjZb.FjcikqUUqc
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 8555879479ff2fe4bab6087f34d86ae5
Expires: Mon, 26 Apr 2021 20:59:15 GMT

GET
H2 200 natashairving-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 494 B
673 B 27ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg?fit=1024%2C696&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 1
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 15:44:57 GMT
server: nginx
etag: "c5b16568748808f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg>; rel="canonical"
content-length: 494
expires: Wed, 26 Apr 2023 03:44:57 GMT

GET
H2 200 munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 790 B
1013 B 27ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg?fit=1024%2C683&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 13:12:36 GMT
server: nginx
etag: "0eab8683b173c728"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg>; rel="canonical"
content-length: 790
expires: Thu, 27 Apr 2023 01:12:36 GMT

GET
H2 200 hpt_border_crossing_canada-2-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 558 B
743 B 27ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 5
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 18:43:53 GMT
server: nginx
etag: "c3fcf8d65afcde48"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg>; rel="canonical"
content-length: 558
expires: Tue, 25 Apr 2023 06:43:53 GMT

GET
H2 200 Police-lights-7.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 460 B
636 B 27ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg?fit=1200%2C800&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 4
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:06:49 GMT
server: nginx
etag: "bd8783f71ed9fa3d"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg>; rel="canonical"
content-length: 460
expires: Wed, 26 Apr 2023 16:06:49 GMT

GET
H2 200 Food-Truck-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 958 B
1 KB 27ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg?fit=1024%2C612&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 7
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 13:49:32 GMT
server: nginx
etag: "e5c8d851c2bb9048"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg>; rel="canonical"
content-length: 958
expires: Tue, 25 Apr 2023 01:49:32 GMT

GET
H2 200 Virus-Outbreak-Schools-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 868 B
1 KB 27ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg?fit=1024%2C684&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 17:00:27 GMT
server: nginx
etag: "0341a2d80de52759"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg>; rel="canonical"
content-length: 868
expires: Wed, 26 Apr 2023 05:00:27 GMT

GET
H2 200 BorderPatrol020320_NAW1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 464 B
646 B 43ms
41ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS vie 4
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:08:38 GMT
server: nginx
etag: "cf5ebdd25c7962ea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg>; rel="canonical"
content-length: 464
expires: Thu, 27 Apr 2023 09:08:38 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 358 KB
101 KB 124ms
43ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 16:20:23 GMT
server: AmazonS3
x-amz-request-id: A6KB672E58BTB55Z
etag: "c75fba731f8a2c6605eca5cabf593e6c"
x-hw: 1619471479.cds156.am5.hn,1619471479.cds109.am5.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 103064
x-amz-id-2: di3wMZylemzA3Dm/nFSR145KkViIlFV937mMTzMw1Tm2hgnjvLXUuwUrDMHpP/rv6l2eS0pSw04=

GET
H2 200 p.js Show response
cdn.parsely.com/keys/bangordailynews.com/ 50 KB
19 KB 195ms
76ms Script
application/x-javascript 13.224.112.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/bangordailynews.com/p.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.112.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-112-38.mad50.r.cloudfront.net
Software: nginx /
Resource Hash: 989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Apr 2021 20:39:33 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:34:21 GMT
server: nginx
age: 3320
etag: W/"603fd6ad-c8bd"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: KkCNBWOywLNV7Ut2I-iSAruwXsf8WTvp3-5LVwEOGSaDDIRV1CdGfA==
expires: Tue, 27 Apr 2021 20:15:59 GMT

GET
H2 200 loading.gif
bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/ 2 KB
3 KB 59ms
54ms Image
image/gif 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Wed, 09 Mar 2011 16:12:50 GMT
server: nginx
etag: "4d77a702-9e2"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2530
expires: Wed, 22 Jul 2020 00:48:44 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/ 758 B
471 B 29ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/photon.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:19 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/ 37 B
105 B 30ms
20ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:53 GMT
server: nginx
etag: "603d210d-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/ 37 B
103 B 30ms
20ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Fri, 02 Apr 2021 11:04:58 GMT
server: nginx
etag: "6066fa5a-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/ 37 B
103 B 30ms
20ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
last-modified: Tue, 28 Apr 2020 12:21:07 GMT
server: nginx
etag: "5ea81fb3-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 418 KB
105 KB 33ms
24ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-68824"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 3 KB
1 KB 45ms
35ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:16 GMT
server: nginx
etag: W/"5ea81fbc-cf6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raphael.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 91 KB
32 KB 48ms
39ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-16c43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mousewheel.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 3 KB
1 KB 51ms
42ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chroma.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 33 KB
13 KB 52ms
44ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-8309"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mapael.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 120 KB
24 KB 54ms
45ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:58 GMT
server: nginx
etag: W/"5ea81faa-1e07a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maine-counties.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 23 KB
10 KB 56ms
48ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-5cdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 usa_states.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 64 KB
24 KB 59ms
50ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:14:13 GMT
server: nginx
etag: W/"5e9f1bd5-100f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.js Show response
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 14 KB
4 KB 61ms
52ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-37e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sticky.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 6 KB
2 KB 61ms
52ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:42:54 GMT
server: nginx
etag: W/"603006ae-171a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 3 KB
1 KB 28ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/comment-reply.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:19 GMT

GET
H2 200 amp-fallback.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 12 KB
3 KB 61ms
53ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-3143"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp-fallback-newspack-sponsors.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 5 KB
2 KB 61ms
53ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-14f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intersectionobserver-polyfill.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 61ms
53ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-1e63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-images.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
1 KB 61ms
54ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-cb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/ 13 KB
3 KB 61ms
54ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:43:26 GMT
server: nginx
etag: W/"603006ce-333b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:11:19 GMT
x-ac: 3.vie _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 1 KB
719 B 27ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/wp-embed.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:19 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/ 12 KB
4 KB 27ms
21ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 2
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:11:19 GMT

GET
H2 200 e-202117.js Show response
stats.wp.com/ 9 KB
3 KB 65ms
20ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202117.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Apr 2022 21:19:11 GMT

GET
H2 200 e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 51 KB
17 KB 50ms
12ms XHR
application/javascript 2600:9000:21f3:f200:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:f200:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:00:31 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 7848
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: fM-FePh5ZFhQYuHXb6di_9hCIFDp7b0IqpyPuAfmI14XdcgSyXL_XA==
via: 1.1 83caebe1f817a31bd75ba17dff7ae1a6.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 137 KB
47 KB 32ms
30ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d38c017481e8cec527a67de72c5efc0855a694c6803f997a5bad66d409096c5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47553
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:19 GMT

GET
H2 200 AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8= Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 39ms
35ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8=

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ec8609274aad9ab0f68b806f4c736b84e6e8fc3bad2a3e2bb0f8389d2342d1d0

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L7PPbhhn+4XswZOh3s6UhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-L7PPbhhn+4XswZOh3s6UhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-L7PPbhhn+4XswZOh3s6UhQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-L7PPbhhn+4XswZOh3s6UhQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/115064/ Frame FFCE
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

1 MB
230 KB

38ms
32ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 16835
etag: "133862d2c2cd044139eae0f492f54fc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 234968

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
date: Mon, 26 Apr 2021 21:11:19 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 32ms
14ms Script
application/javascript 2606:4700:3037::6815:e6f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3037::6815:e6f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 2468
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=f4EQmqscTaSgeE9QaiX4aWt0hX1jYbUBSounR1YsztjHh%2FexyT01rY2ZeCe5VB6frFon5fpYH6DP%2B0JsESUY0602f42FraiFlpcb2bWnqIdioJ4ikyH77zXqTPo%3D"}],"max_age":604800,"group":"cf-nel"}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 09b19ec9830000c2d6d02eb000000001
cf-ray: 6462cd88d943c2d6-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 588042
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 logo-1.png
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/ 4 KB
4 KB 22ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png?resize=480%2C128&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
x-bytes-saved: 9713
content-length: 3640
x-nc: HIT vie 1
last-modified: Wed, 17 Jun 2020 19:18:03 GMT
server: nginx
etag: "7f5aaff2ae054cc2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png>; rel="canonical"
expires: Sat, 18 Jun 2022 07:18:03 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/115064/ Frame E98A
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/115064/connatix.player.dc.js

1007 KB
219 KB

50ms
50ms

Script
application/javascript

151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:08 GMT
age: 16834
etag: "5567d457731d7b3e403bd22f5842235e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 223850

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.player.dc.js
date: Mon, 26 Apr 2021 21:11:19 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 jquery.min.js Show response
cdn.pixfuture.com/ Frame 54DC 85 KB
30 KB 39ms
15ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery.min.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3610
cf-request-id: 09b19eca9c0000dff760b87000000001
last-modified: Wed, 12 Aug 2020 19:49:59 GMT
server: cloudflare
etag: W/"5f3447e7-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a%2FQcNmoH4v%2BvfD9hBilQUBx1CyzroAYB6y0zvNqiPQDnbNNyDY%2FTR63Ae10leufoSUFdjf8sy6R2gXHg1YXQuL6eIjdOFKlspL4SV%2F6CfL6Ugteq%2Bel%2Bwn9yEMscGw%3D%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 6462cd8a9c27dff7-FRA
expires: Wed, 28 Apr 2021 20:11:08 GMT

GET
H/1.1 200
OK conf.js Show response
config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/ 8 KB
3 KB 102ms
32ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/conf.js?cb=706415
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:19 GMT
Content-Encoding: gzip
Age: 72
x-amz-meta-updatedby: adela@anyclip.com
Connection: keep-alive
x-amz-request-id: 8CWASXPAVZE990X4
x-amz-id-2: o9LfWzD9YGOyXpZX9gyYYtJNj2FWxyjeqn7VxPLEStG5PSoKKRgjWAySkIZOnRJbL1voeW/rN9o=
Accept-Ranges: bytes
Last-Modified: Thu, 22 Apr 2021 13:27:14 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: UZf6SjhF.vAO11.UZZPGoZapYnemoCnV
Access-Control-Allow-Origin: *
Content-Length: 2226
Content-Type: application/javascript;charset=UTF-8
X-LLID: 73f07a50cd5c7604b943def73397c259

GET
H/1.1 200
OK rules.js Show response
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ 474 B
959 B 44ms
44ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:19 GMT
Content-Encoding: gzip
Age: 55214
x-amz-meta-sha256: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Connection: keep-alive
Content-Length: 216
x-amz-id-2: 7HkPI7+B5C7IcunixJO7C4idNtfQ8FLMqRRWbLD82w87FYgtWGA4i7/NoLd6iFqdZ0VFgy7r+uk=
Last-Modified: Thu, 30 Apr 2020 15:11:24 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 0AD2C118F7F81FB1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-meta-s3b-last-modified: 20200430T151051Z
x-amz-version-id: Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 8f3d510c36c54efab4e227682c5eadb0
Expires: Mon, 26 Apr 2021 05:52:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 353ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=68&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
180 B 351ms
116ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=bangordailynews.com&cke=true&lan=en-US&plat=Linux+x86_64&net=-&ver=js4.0.4.1.923&dev=desktop&os=Windows&bw=Chrome%2C89&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ty=data&rt=69&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 embed.js Show response
bangordailynews.coral.coralproject.net/assets/js/ 52 KB
15 KB 116ms
32ms Script
application/javascript 34.96.85.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.coral.coralproject.net/assets/js/embed.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.85.105 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 562041
alt-svc: clear
content-length: 15359
x-xss-protection: 1; mode=block
x-trace-id: 57658450-a1b7-11eb-a7d7-77b6c4c3b059
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Feb 2021 21:23:31 GMT
date: Tue, 20 Apr 2021 09:03:58 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=604800
etag: W/"3bff-17792fa4438"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
BLOB 200
OK 3036ecb0-237a-49c4-9df4-70776f3625e5
https://bangordailynews.com/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bangordailynews.com/3036ecb0-237a-49c4-9df4-70776f3625e5
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 417

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 483ms
118ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1619471479614&plid=53262091&idsite=bangordailynews.com&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sref=&sts=1619471479601&slts=0&title=Holden+brothers+sue+Northern+Light+over+data+breach+they+claim+left+them+vulnerable+to+identity+theft&date=Mon+Apr+26+2021+23%3A11%3A19+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=40902303&u=pid%3D06d89b9957dc6263508f366e43a5a47a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Cache-Control: no-cache
Last-Modified: Monday, 26-Apr-2021 21:11:20 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tinypass.min.js Show response
buy.tinypass.com/api/ 1009 KB
234 KB 61ms
41ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/tinypass.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 274
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ecb5e000005fd26240000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:53:42 GMT
server: cloudflare
etag: W/"1033310-1619200422000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 6462cd8bcd4405fd-FRA
expires: Mon, 26 Apr 2021 21:16:19 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 180ms
63ms Script
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding: gzip
server: Server
age: 274
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Mon, 26 Apr 2021 21:06:45 GMT
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: dvJ9eDtSnHWSt29BMgFnsM6yVVIRY6LJNZVowOTlZnyF5EeXSJi2vQ==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
92 B 21ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=38606143&post=3087062&tz=-4&srv=bangordailynews.com&host=bangordailynews.com&ref=&fcp=1540&rand=0.2931111307978316
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ 2 KB
1 KB 585ms
585ms XHR
application/json 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619471479601%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=06d89b9957dc6263508f366e43a5a47a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619471479601}
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

x-nananana: Batcache-Set
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:20 GMT
server: nginx
date: Mon, 26 Apr 2021 21:11:20 GMT
vary: Accept-Encoding Cookie
content-type: application/json; charset=utf-8
cache-control: max-age=300, must-revalidate
x-ac: 3.vie _atomic_ams MISS
host-header: Newspack

GET
H2 200 / Show response
graph.facebook.com/ 244 B
652 B 54ms
40ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

778b1557f57ddb55a1ccc0b1dd882cd4199a0d80bc67d583c8ca43a661759361

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003684644
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 182
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: sUbdypRAMaKzx+9ADSVKz4q988Pg61QGrYQYW+h8i1mGrXmApaahrt6aYFXLaU9v0SGdc28C59VfJ6k7jt6GMA==
x-fb-trace-id: DQWcrmj16S7
date: Mon, 26 Apr 2021 21:11:19 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AGOu_D9SfpY2xIxioRANPul
cache-control: no-store
facebook-api-version: v3.2
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 21ms
20ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.4296466991737564
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

POST
H2 204 AGSKWxVEgrzezpXmWq0BOnCwIm0MkImo_Hk5Dt6SdGywHBGSJa8KsCwBFWEjZY1aTbRBMvWoXeJGmVOPE_X-b6eFhB8= Show response
fundingchoicesmessages.google.com/l/ 0
941 B 40ms
19ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxVEgrzezpXmWq0BOnCwIm0MkImo_Hk5Dt6SdGywHBGSJa8KsCwBFWEjZY1aTbRBMvWoXeJGmVOPE_X-b6eFhB8=?pvid=C876E320-0DCD-44CC-A6B2-BADE66DDC7E6&anonid=509C88E7-DDD2-4CDE-9BA1-153C0EDBAC8F

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-YQnfR6HaopMTt+tTIUpOFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YQnfR6HaopMTt+tTIUpOFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-YQnfR6HaopMTt+tTIUpOFw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-YQnfR6HaopMTt+tTIUpOFw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxUf5pbCH439xse-d81iOwuO57ljJDnnE33xKBBBRYNlnblnnby7auAYECcXXBfjWB4u0oOPCkTCJfKvuHpWLPM= Show response
fundingchoicesmessages.google.com/f/ 283 KB
63 KB 51ms
50ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxUf5pbCH439xse-d81iOwuO57ljJDnnE33xKBBBRYNlnblnnby7auAYECcXXBfjWB4u0oOPCkTCJfKvuHpWLPM=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE5NDcxNDc5LDc0MzAwMDAwMF0sIkM4NzZFMzIwLTBEQ0QtNDRDQy1BNkIyLUJBREU2NkREQzdFNiIsIjUwOUM4OEU3LURERDItNENERS05QkExLTE1M0MwRURCQUM4RiIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f5ad06b3c530987c2dd5c6120fa353e676a7d30639156a8631b90ddb255f905f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-l0sEfYadd469OE2ppgIwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-l0sEfYadd469OE2ppgIwwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-security-policy: script-src 'report-sample' 'nonce-l0sEfYadd469OE2ppgIwwQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-l0sEfYadd469OE2ppgIwwQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 43ms
43ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:19 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 223 B
600 B 659ms
298ms Script
text/javascript 52.52.166.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.166.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.12.1 /
Resource Hash: 1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 184
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
H/1.1 200
OK Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
bdn-data.s3.amazonaws.com/uploads/2020/06/ 8 KB
9 KB 508ms
142ms Image
image/jpeg 52.216.176.227
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-data.s3.amazonaws.com/uploads/2020/06/Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.176.227 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Thu, 18 Jun 2020 02:58:23 GMT
Server: AmazonS3
x-amz-request-id: GB5BHPB1S2G7ZKGD
ETag: "268b990f7103e86c2be5a8cbedbb9b53"
x-amz-version-id: HtSq84lLDSsbDF.It5rdjSpKWYffj93A
Cache-Control: max-age=2592000
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8413
x-amz-id-2: l8X78BL4R7MDTUeDP7E64jK4reo0+hLZxMZItytrtySTsh2nA4b/R53I6qqDh9FOMNJqhqxGawo=

GET
H2 200 016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 185 KB
186 KB 27ms
26ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg?w=1024&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT vie 5
date: Mon, 26 Apr 2021 21:11:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 05:05:02 GMT
server: nginx
etag: "6825ac0c6211e0cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg>; rel="canonical"
content-length: 189820
expires: Sun, 23 Apr 2023 17:05:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5446
date: Mon, 26 Apr 2021 19:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 21:40:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 9ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: kF5Yy0EaP7eFctPjvTuc/yQ48wGxIb/1Ou1Nd9v3obEg0bqeg+kRZr8oknBZxfk0rjahRCEESxz1dN3OAYBsUw==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 26 Apr 2021 21:11:19 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 117ms
40ms Script
application/x-javascript 2600:9000:20c8:b400:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:b400:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 16:18:05 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 17594
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 52523006e1ee5c08eea6e9267e18fabf.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: WVRyXp-BC7gSwTaz8EXj-B5hic8ZvP-pvBBXcojG_rC2zi4KEejqPw==
expires: Tue, 27 Apr 2021 16:18:05 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63069/92760912/12/
Redirect Chain

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

136 KB
40 KB

41ms
41ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 17:36:04 GMT
content-encoding: br
last-modified: Wed, 12 Aug 2020 16:26:04 GMT
server: nginx
age: 12916
etag: "88fbdebeb74ed488bdf0ebada228f578"
vary: Accept-Encoding
x-cache: HIT Wed, 12 Aug 2020 16:39:09 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 40740

Redirect headers

date: Mon, 26 Apr 2021 21:11:19 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 7-gc-euw1-10925

GET
H/1.1 200
OK ads-iframe.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame 54DC 49 KB
49 KB 205ms
205ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:19 GMT
Last-Modified: Wed, 17 Mar 2021 20:57:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60526d29-c2f6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 49910
Expires: Wed, 28 Apr 2021 21:11:19 GMT

GET
H/1.1 200
OK push_player.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame 54DC 1 KB
2 KB 336ms
112ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Last-Modified: Mon, 08 Feb 2021 16:32:36 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "602167a4-50e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1294
Expires: Wed, 28 Apr 2021 21:11:20 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
269 B 175ms
60ms Fetch
text/html 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=165643

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 171ms
56ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 connatix.player.css
cds.connatix.com/p/115064/ 54 KB
8 KB 41ms
41ms Stylesheet
text/css 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 16835
etag: "fcaa0ea82bb0765612e6ce7eef717e24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 8363

HEAD
H/1.1 200
OK advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
0 102ms
31ms Fetch
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Age: 1039
Connection: keep-alive
Content-Length: 32
x-amz-id-2: TE1LlP6v1FuIediBAbvTJcntLB8pPizYnSPlkqUirghQVEOX1bexc3GTdkReCz0S+EpD9BG1G0E=
Last-Modified: Mon, 10 Dec 2018 11:26:45 GMT
Server: AmazonS3
x-amz-request-id: H7CK13QB0N1H5GE0
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 00:54:01 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: a81a283bd0217d7d052604c671c03f23
x-amz-meta-s3b-last-modified: 20181210T110233Z

HEAD
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
0 34ms
14ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 362290
vid.springserve.com/vast/ 22 B
0 175ms
56ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:11:20 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

HEAD
H2 200 loader.js
imasdk.googleapis.com/js/sdkloader/ 0
0 26ms
7ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 61
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

HEAD
H2 200 client.js
s0.2mdn.net/instream/video/ 0
0 35ms
14ms Fetch
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=549&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 52ms
34ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 726
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ecd0d00004e80d328a000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"1bbec-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6462cd8e79c04e80-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 27 Apr 2021 01:11:20 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
410 B 153ms
152ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f592bf3e47093c56c97793b1b58902d2a38495f5bb48f4fba1715b7080721fb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19eccf9000005fdf58a7000000001
x-request-id: Cw6w6sq02x2
pragma
wn: prod-dash-10-0-133-161
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6462cd8e5a5305fd-FRA
expires: Mon, 26 Apr 2021 21:31:20 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 20:36:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 2097
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:36:23 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
539 B 35ms
14ms XHR
application/json 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3-29 200 733394673714818 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 58ms
56ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733394673714818?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: PDbFK0OkJ1EKndFkB24UgiHje91vL9llnc6xf37IU6ng9PpNMGTG7GOVeylvJDQI8bLGuocvx9OgL/cAyqV3Wg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 26 Apr 2021 21:11:20 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 css
fonts.googleapis.com/ 52 KB
3 KB 19ms
18ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.8ep3xi8CkMA.es5.O/d=1/rs=AJlcJMyFrSO2jIY22_vIzSxZlBSR8QB5HA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:11:20 GMT
server: ESF
date: Mon, 26 Apr 2021 21:11:20 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
374 B 456ms
456ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&pid=da8vaac8T4J4q&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%5D&cfgv=0&pubid=b9cc9a74-23ed-483b-9eb8-000dee4af668&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
via: 1.1 02fcbf68a81897cc093ee1510fb7e93e.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: WVL7wheOO3O2AmWtcCBHS73xWGFtbLQqESEzz_XaNP_IO1fLZbiW-Q==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 170ms
58ms XHR
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 15:17:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 21208
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 adaa7e69b304066aa4eaf0d2190ecfd7.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: NNWYPoYjZhUUQE7rM7cSn8cuBTFKpEUCt3CSn3JwQ8JnX2M33zKBbA==

POST
H3-29 204 AGSKWxVEgrzezpXmWq0BOnCwIm0MkImo_Hk5Dt6SdGywHBGSJa8KsCwBFWEjZY1aTbRBMvWoXeJGmVOPE_X-b6eFhB8= Show response
fundingchoicesmessages.google.com/l/ 0
27 B 33ms
20ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-9x/Tb3S7e+1+TG2/1uEXdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9x/Tb3S7e+1+TG2/1uEXdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-9x/Tb3S7e+1+TG2/1uEXdA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-9x/Tb3S7e+1+TG2/1uEXdA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
31 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b4aeada635e360f83307e47f81ed9f16d40c629fc2f8f8680d29594cfe022f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31129
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
468 B 32ms
13ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 208 B
966 B 154ms
146ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery1124029047282767597116_1619471479938&client_id=U1S2txQ29t&site=https%3A%2F%2Fbangordailynews.com&_=1619471479939

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9c183d21b8c2f33ee64aa01946495a4b240585d84054862fed3c6165a17e5bc9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ecd73000005fdf58af000000001
x-request-id: Cw6w6sqvVaZ
pragma: no-cache
wn: prod-id-10-0-94-153
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.001
cf-ray: 6462cd8f1bf305fd-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
5ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 520242
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 20 Apr 2022 20:40:38 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ 100 KB
100 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:06:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 342308
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 22 Apr 2022 22:06:12 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 126462
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 415668
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:43:32 GMT

POST
H3-29 204 AGSKWxXG4qKK2DXhseMxojokmj_bf3fWcCmMKTi6e8cp6MTjuvx2izzGb61AyiC-11xTvVgYavHjFEvjGZzYKg21m0dPGMeIkavaUIyWxCh2JfeeYi7fGfknRsL4r9g46lbp_9KAgRWH5Hj33j9-c5zhzGsM-nxOXFL31bGavp_99lqnKqySZvurbAM1nrVD Show response
fundingchoicesmessages.google.com/l/ 0
26 B 27ms
26ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXG4qKK2DXhseMxojokmj_bf3fWcCmMKTi6e8cp6MTjuvx2izzGb61AyiC-11xTvVgYavHjFEvjGZzYKg21m0dPGMeIkavaUIyWxCh2JfeeYi7fGfknRsL4r9g46lbp_9KAgRWH5Hj33j9-c5zhzGsM-nxOXFL31bGavp_99lqnKqySZvurbAM1nrVD?dmid=9a88d2cd9a80bfe2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-pkt+AqJqYykmtcwu5gmgqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pkt+AqJqYykmtcwu5gmgqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-pkt+AqJqYykmtcwu5gmgqQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-pkt+AqJqYykmtcwu5gmgqQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 355ms
116ms Image
image/gif 52.4.50.244
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bangordailynews.com&p=%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&u=BmU1n3DIOXwXCZMh2s&d=bangordailynews.com&g=14550&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4284&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2386&t=Bil_-tfS5dn-rcyWBQdytvZ2ipz&V=126&i=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20thef&tz=-120&sn=1&sv=DFZWtlBpkOsxB5i3gI3kN1eDGQBIS&sd=1&im=067b2fff&_
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.50.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:20 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame E98A 2 KB
2 KB 582ms
195ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: df0abe41e3bc0c498565c24ec5a1d5ec36ba777fc75996fa6586fdf9211442d4

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1700

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 54DC 275 KB
84 KB 105ms
38ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=99116
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Wed, 28 Apr 2021 00:43:16 GMT

GET
H/1.1 200
OK vast_prebid_init.php Show response
serv-vdo.pixfuture.com/vpaid/ Frame 54DC 16 KB
16 KB 227ms
226ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: c1d5e21849004e9801d70b2704762bba11a321bf7f6b07b4f84f9a6ed689db49

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:20 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:20 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 37ms
37ms XHR
text/plain 2a00:1450:400c:c0d::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=313152973&gjid=918149274&_gid=2137732637.1619471480&_u=aGBAgUALAAQCAE~&z=1963817121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0d::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Apr 2021 21:11:20 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1763094032&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=313152973&gjid=918149274&cid=971043729.1619471480&tid=UA-5329647-52&_gid=2137732637.1619471480&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=556305239

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:40:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52230
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1763094032&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUALBAQCAE~&jid=&gjid=&cid=971043729.1619471480&tid=UA-5329647-52&_gid=2137732637.1619471480&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=1453880926

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:40:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52230
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 166ms
56ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 17 KB
7 KB 221ms
221ms Fetch
text/html 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=165643&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&icr_url=&va=1&time=1619471480286&up=pc&bn=chrome&bv=89&widget_width=780

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

fd39aa74e7a2f67013146c1fee313d0095d43c06fda1355616a58634514351c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7345

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 482ms
116ms Image
image/gif 54.166.210.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&pubname=Bangor%20Daily%20News&artupt=1619174198&artpubt=1619154000&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=d8e49267-00e7-4096-b0e5-f167c3009dae&pid=896500d5-2653-4022-8473-ae8a49b1a2fb&dtm=1619471480315&qnm=_matherq&visible=1&tabid=944e02b7-f4ff-416d-97f0-0ea3424c929c&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x4284&tofa=1619471480&vid=1&lvidt=1619471480&duid=85f106e94802ff6b&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ3MTQ3Nzg1NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzNS4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTU0MCIsImZldGNoUyI6IjE3OSIsImRvbWFpblMiOiIxODAiLCJkb21haW5FIjoiMTg2IiwiY29ublMiOiIxODYiLCJjb25uRSI6IjIzMCIsInNzbFMiOiIyMDUiLCJyZXF1UyI6IjIzMCIsInJlc3BTIjoiOTE3IiwicmVzcEUiOiIxMDAxIiwiZG9tTG9hZCI6IjkyMCIsImRvbUludGVyIjoiMTc5NiIsImRvbUxvYWRTIjoiMTgyOCIsImRvbUxvYWRFIjoiMTgzNSJ9fQ
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

OPTIONS
H3-29 200 232
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 159ms
146ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Protocol

H3-29

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b19ece1e00004ec89c258000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6462cd902d044ec8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 232 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 4 KB
2 KB 203ms
192ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9612c93d0a8f6c4d11b62d22658e36367025dad4fe1e154738cccc61ca741414

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19eceb600004a5bafa52000000001
server: cloudflare
etag: W/"117d-ZzGffRB/prhu9XXSVJ2VqDrlx3g"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6462cd912fdc4a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
116ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=888&val=ima&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 Perkins_Wrigley.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 4 KB
4 KB 71ms
70ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg?fit=1024%2C768&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS vie 3
date: Mon, 26 Apr 2021 21:11:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:20 GMT
server: nginx
etag: "39ceb2929b2d89f0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg>; rel="canonical"
content-length: 4190
expires: Thu, 27 Apr 2023 09:11:20 GMT

GET
H2 200 Spring-Snow-042221-LCO-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 7 KB
7 KB 45ms
44ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg?fit=1024%2C635&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS vie 5
date: Mon, 26 Apr 2021 21:11:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 19:15:45 GMT
server: nginx
etag: "ff9d6217721150ae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg>; rel="canonical"
content-length: 7386
expires: Thu, 27 Apr 2023 07:15:45 GMT

GET
H2 200 BHHospital4.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/ 8 KB
8 KB 776ms
775ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg?fit=1024%2C683&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: MISS vie 2
date: Mon, 26 Apr 2021 21:11:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:21 GMT
server: nginx
etag: "2959686461b60540"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg>; rel="canonical"
content-length: 7980
expires: Thu, 27 Apr 2023 09:11:21 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
409 B 19ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733394673714818&ev=PageView&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&rl=&if=false&ts=1619471480370&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1619471480368.1268646807&it=1619471480072&coo=false&exp=l1&rqm=GET

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=313152973&_u=aGBAgUALAAQCAE~&z=1715603531

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 24ms
23ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=313152973&_u=aGBAgUALAAQCAE~&z=1715603531

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:20 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 650 B
1 KB 95ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Age: 11001
Connection: keep-alive
Content-Length: 400
x-amz-id-2: 2ZRGmD+kh257W9+vyOdL6QpvAOGlYqi9dgt1aL0FP89CyWLDvZNesGZlGXxYDzF/4PQZCl44NDY=
Last-Modified: Tue, 06 Aug 2019 13:18:15 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 842E25E42F23E437
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 22:07:59 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 454b60a7ef9fa84aaf3de6cadee0521b
x-amz-meta-s3b-last-modified: 20190806T131201Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 118ms
118ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=971&val=1---&wnx=0&abc=&ty=crs&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FD7A 570 KB
186 KB 20ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365227
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 27ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1076&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK anyclip-logo.png
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
2 KB 42ms
32ms Image
image/png 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/anyclip-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Age: 6224
Connection: keep-alive
Content-Length: 1316
x-amz-id-2: N/VDY41NRXTx/nPQAv9dDCcMACdcAIt2Fm18wi1xCY9RUyh4EgW+SPCtCrkLkstP59oOzMRV7GM=
Last-Modified: Thu, 20 Dec 2018 13:30:18 GMT
Server: AmazonS3
x-amz-request-id: BB40BB343D4078AE
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:27:36 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: OklAUkiF01qvm0z5Jbxqbgl4N5mndRTg
Accept-Ranges: bytes
Content-Type: image/png
X-LLID: da8aa7665a6bbbb09510568f4071dfd9
x-amz-meta-s3b-last-modified: 20180812T120014Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1097&val=780&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 118ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1098&val=439&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 31ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5329647-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

607e9c3cd7cb12c02b763d658b5fa6064c12571584c23c1c3c862909f985d663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35815
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 8 KB
4 KB 144ms
143ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a15b1de9ebd27e92c9b23c0cd3651eb03fc0fb4e6989c007657d0a83b33a64d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ecf02000005fdae07e000000001
x-request-id: Cw6w6sqn2vy
pragma: no-cache
wn: prod-exp-10-0-87-200
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6462cd91990505fd-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1128&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 362ms
119ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-28-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: HEAD,POST,GET,OPTIONS

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 12 KB
3 KB 129ms
127ms Fetch
application/json 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-28-84.compute-1.amazonaws.com
Software: /
Resource Hash: 32b24176630969394e10f1ce73fb23aed0d4dd274323b281dbbad12b493fa5c3

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
vary: accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 118ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1129&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2

200

sid Show response
mug.criteo.com/ Frame 54DC
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1
https://mug.criteo.com/sid?cpp=vPqRzHxZOU1BUmZ6YzcyOUlSUjhzNXNDSlFzMDlaanU1WGVEQkZhYTNPNWpSQ0Nmb3FkR01CS1lEY1YrUXZFU3ZqbGRJVXBWTmVuaHBBRFJhSmp4dTJGS1FXM2FjVHhpcHgwVlZhM0tzdm5ZREc4ZUtjNWhmQTI3VDdSa1...

355 B
634 B

116ms
38ms

XHR
application/json

178.250.2.146
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=vPqRzHxZOU1BUmZ6YzcyOUlSUjhzNXNDSlFzMDlaanU1WGVEQkZhYTNPNWpSQ0Nmb3FkR01CS1lEY1YrUXZFU3ZqbGRJVXBWTmVuaHBBRFJhSmp4dTJGS1FXM2FjVHhpcHgwVlZhM0tzdm5ZREc4ZUtjNWhmQTI3VDdSa1FIcDBlR0pnMlYrMjRWbys5Qm1yRWprbTgvMnd3K3lMRkgydC9nQVNuLy9FR1V6dml2NHdFNGlOZW1sZ3ROVlVETmZsMW4zQjlhdVd2ODVMZm1lLzRncUJKRXhjK0w5SVlwMXQyWWswL1dkdkdWSkxCbENnPXw&cppv=2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.2.146 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

0730dcdcc5c4da68d88294b596ef4049ff1c75cc0de96e1684dd269e5bf0f615

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 26 Apr 2021 21:11:20 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1856
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Apr 2021 21:11:20 GMT
location: https://mug.criteo.com/sid?cpp=vPqRzHxZOU1BUmZ6YzcyOUlSUjhzNXNDSlFzMDlaanU1WGVEQkZhYTNPNWpSQ0Nmb3FkR01CS1lEY1YrUXZFU3ZqbGRJVXBWTmVuaHBBRFJhSmp4dTJGS1FXM2FjVHhpcHgwVlZhM0tzdm5ZREc4ZUtjNWhmQTI3VDdSa1FIcDBlR0pnMlYrMjRWbys5Qm1yRWprbTgvMnd3K3lMRkgydC9nQVNuLy9FR1V6dml2NHdFNGlOZW1sZ3ROVlVETmZsMW4zQjlhdVd2ODVMZm1lLzRncUJKRXhjK0w5SVlwMXQyWWswL1dkdkdWSkxCbENnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1667
content-length: 482
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 54DC 62 KB
21 KB 33ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57f83c06cedade6f7f939dd10d4eaf36923b631578205a859792898506d3d7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 968 of 1000 / last-modified: 1619435394"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21141
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H2 200 prebid_4_23.js Show response
cdn.pixfuture.com/ Frame 54DC 318 KB
319 KB 24ms
24ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid_4_23.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3610
cf-polished: origSize=326091
cf-bgj: minify
cf-request-id: 09b19ecf410000dff71039d000000001
last-modified: Tue, 02 Feb 2021 20:10:57 GMT
server: cloudflare
etag: W/"6019b1d1-4f9cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DmXwB7AeIZ%2FVSkEjKU0izuc55llkpP%2FBdBeiAziMvHeXD531oCKbGexAeQiCreXaZWVQxdQuOG9iNiujuB%2FGs4wGy8EGcdpDlr5Hq4sI2PHVv2P1faHF3G6moabWWg%3D%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 6462cd920e73dff7-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

GET
H2 200 bangordailynews.min.js Show response
global.proper.io/ 15 KB
5 KB 46ms
20ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/bangordailynews.min.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Apr 2021 17:02:26 GMT
server: cloudflare
age: 274000
etag: W/"6082fda2-3de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6462cd924cf34eeb-FRA
cf-request-id: 09b19ecf6a00004eeb36239000000001
expires: Mon, 26 Apr 2021 21:16:20 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 56ms
56ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 123ms
42ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1619471480.cds080.am5.hn,1619471480.cds012.am5.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 122ms
41ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Mon, 26 Apr 2021 16:17:17 GMT
etag: "1619453837"
x-hw: 1619471480.cds118.am5.hn,1619471480.cds221.am5.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=25
accept-ranges: bytes
content-length: 4298

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3E81 36 KB
13 KB 24ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 613
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H/1.1 200
OK scroll-right.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 645 B
1 KB 32ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/scroll-right.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Age: 4987
Connection: keep-alive
Content-Length: 403
x-amz-id-2: nLnfk/r/mIXzGPk6s/OAXbdiUorGp0Dst2sOdUesks19NoBk9ZzcrAStbBxZFu6HfLuA3cKNJuI=
Last-Modified: Thu, 09 Aug 2018 13:37:36 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 234AAB5878CD704F
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:48:13 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LWFiUmbBDbZYtKTcsVUC4L21DxkdHU5h
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: a0c9d930aa150e221651455640c71573
x-amz-meta-s3b-last-modified: 20180710T071342Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=undefined&inx=undefined&rt=1287&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D871658043%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Dundefined%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Dundefined%255Ei%253D0%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253D%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3Dwegb4rEJFhNbEzXdMh0WvgKTG3yDTusU%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=0&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame 9EE0 3 MB
2 MB 134ms
134ms Document
text/html 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5e1b5c70fbdc192fb65d3d904ba88264d1d0c2597d3dc86e2483de94fda7b8c8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.009
set-cookie: ch_sid=a8GwJCAEDD2bPOA;Version=1;Domain=.tinypass.com;Path=/;Max-Age=3600;Secure;SameSite=None LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cyficitGFMkdr; SameSite=Lax; path=/; expires=Tue, 27-Apr-21 20:11:20 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-89-107
x-forwarded-https: on
x-request-id: Cw6w6sqsWIt
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 09b19ecfce000005fdb1355000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6462cd92eb7805fd-FRA
content-encoding: br

OPTIONS
H3-29 200 114
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 131ms
130ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/114?story_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&visitor=1vx95z1jy68vn05s

Protocol

H3-29

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b19ecfdc00004ec8a90fb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6462cd92fb634ec8-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 114 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
711 B 145ms
145ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b13c2450599935398fcf77d05daaecbe1d1fc0df3ff2cbdf532d689701d16536

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ed05f00004a5ba8a00000000001
server: cloudflare
etag: W/"41-XREyeTBglxZKfulhW9Bw+ptrmYM"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding, X-HTTP-Method-Override
access-control-allow-credentials: true
cf-ray: 6462cd93cd1c4a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3-29 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 24ms
23ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 33117
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ecfdd00004a5bde969000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"2e2f-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6462cd92fb844a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:11:20 GMT

GET
H3-29 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 21ms
20ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 33117
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ecfdd00004a5b6b2ae000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"f2a-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6462cd92fb854a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:11:20 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 19ms
19ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 33117
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ecfde00004a5bafa6c000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"8abb-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6462cd92fb874a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:11:20 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
2 KB 19ms
19ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 33117
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ecfde00004a5b919de000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"19c7-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6462cd92fb884a5b-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:11:20 GMT

GET
H3-29 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 54DC 301 KB
106 KB 96ms
52ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:20 GMT

GET
H/1.1 200
OK req_demand.php Show response
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Script
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/www/delivery/req_demand.php?script=videoAds:&bidders=pubmatic,synacormedia,openx,gumgum,spotx,sonobi,smartadserver,33across,oneVideo,conversant,appnexus,districtm&zoneid=11
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:20 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 319 KB
81 KB 27ms
27ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/bangordailynews.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:33:24 GMT
server: cloudflare
age: 3024539
etag: W/"5fff12c4-4fbd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6462cd936f524eeb-FRA
cf-request-id: 09b19ed02100004eebd7111000000001
expires: Mon, 26 Apr 2021 21:16:20 GMT

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 131ms
130ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 3_media.bin Show response
vid.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/ Frame E98A 390 B
513 B 101ms
34ms XHR
application/octet-stream 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6dc5c9f36a861e185f9cf18b37141d6994018dc1049951ee5f0ec657bf4cb789

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 17:51:48 GMT
age: 418197
etag: "970778f64e38b9fc544908eb03688bc9"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 324

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 14ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarySdv63iuqcABugBmg

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Apr 2021 21:11:20 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 26ms
8ms Script
application/javascript 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 03 May 2021 21:11:21 GMT

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 9EE0 308 KB
47 KB 58ms
52ms Stylesheet
text/css 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 6695
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ed0b9000005fd348ce000000001
wn: prod-dash-10-0-86-80
last-modified: Fri, 23 Apr 2021 17:49:06 GMT
server: cloudflare
etag: W/"315098-1619200146000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6462cd945e6705fd-FRA
expires: Mon, 26 Apr 2021 23:11:21 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 9EE0 47 KB
9 KB 44ms
40ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 35499
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ed0b9000005fdf5138000000001
wn: prod-dash-10-0-133-192
last-modified: Fri, 23 Apr 2021 16:25:20 GMT
server: cloudflare
etag: W/"48411-1619195120000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 6462cd945e6805fd-FRA
expires: Tue, 27 Apr 2021 21:11:21 GMT

GET
H2 200 H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA Show response
buy.tinypass.com/_sam/ Frame 9EE0 553 KB
160 KB 47ms
43ms Script
text/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3045
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b19ed0b9000005fd288a5000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:55:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.004
cache-control: public, max-age=601755
x-optimized-by: _sam
cf-ray: 6462cd945e6905fd-FRA
expires: Mon, 03 May 2021 20:20:36 GMT

GET
H2 200 e4596a5f2ba98ef1f0e097bf016cb191.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 5 KB
5 KB 136ms
51ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e4596a5f2ba98ef1f0e097bf016cb191.png

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="e4596a5f2ba98ef1f0e097bf016cb191.webp"
server-timing: fastly;dur=2;cpu=1;start=2021-03-04T12:08:57.063Z;desc=hit,rtt;dur=0
content-length: 5040
last-modified: Wed, 03 Mar 2021 19:20:24 GMT
server: Cloudinary
etag: "810e855ad9d96ac5c62ba507e0033a2e"
vary: Accept
x-hw: 1619471481.cds140.am5.hn,1619471481.cds248.am5.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15307408701791290436.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 19 KB
19 KB 132ms
72ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15307408701791290436.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

bb0a3dda5577b7e9c474c62306eafef201802ea9498e3a23ebc9a43c67b16340

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15307408701791290436.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-04-19T11:50:05.048Z;desc=hit,rtt;dur=1
content-length: 19128
last-modified: Mon, 12 Oct 2020 18:20:53 GMT
server: Cloudinary
etag: "d079594628c61bf9f24873ba75d79bb5"
vary: Accept
x-hw: 1619471481.cds140.am5.hn,1619471481.cds233.am5.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15607864980674604554.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 134ms
82ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15607864980674604554.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15607864980674604554.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-10T14:12:56.977Z;desc=hit,rtt;dur=0
content-length: 6656
last-modified: Mon, 12 Oct 2020 18:14:31 GMT
server: Cloudinary
etag: "0991843435281f170e89e48db4aa2ca1"
vary: Accept
x-hw: 1619471481.cds140.am5.hn,1619471481.cds110.am5.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15778086202031083303.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 20 KB
20 KB 95ms
51ms Image
image/jp2 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15778086202031083303.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
server-timing: fastly;dur=1;cpu=0;start=2021-02-17T03:11:24.427Z;desc=hit,rtt;dur=0
content-length: 20052
last-modified: Mon, 12 Oct 2020 18:14:40 GMT
server: Cloudinary
etag: "a1fca2e4fc3883a6dc7e6bf70b6bf8fa"
vary: Accept
x-hw: 1619471481.cds140.am5.hn,1619471481.cds121.am5.c
content-type: image/jp2
access-control-allow-origin: *
access-control-expose-headers: Content-Length,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 133ms
133ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame E98A 117 B
404 B 553ms
169ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c4de6303dd67dd974fed52872ff034dbbb3d3ff2b4657817548bee0410d986dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 123

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 255ms
128ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/ 11 KB
12 KB 35ms
33ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/1_th.jpg?crop=546:307,smart&width=546&height=307&format=jpeg&quality=60&fit=crop
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6967e76dda8a91ef00d9999741ea147446fa952edb4c0ed5522f2453693a25fc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
age: 2163920
etag: "Xod04Z/uExQG5zbJq0sDzGdgxFwSlQM/kDUqyHdPfcI"
access-control-max-age: 86400
fastly-io-info: ifsz=15731 idim=375x212 ifmt=jpeg ofsz=11766 odim=375x211 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11766

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
427 B 116ms
38ms Script
application/javascript 2600:9000:20c8:c00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:c00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 20:17:31 GMT
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
age: 3231
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-amz-cf-id: PVRxsoK4wlI_xTL5W4V1MwBh9FBIjvJ--AQGZRtq4XL_ULxTbI1V9A==

GET
H2 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 9EE0 2 KB
1 KB 82ms
71ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: REVALIDATED
x-amz-cf-pop: FRA6-C1
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ed1a800004e80b02e6000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
cf-ray: 6462cd95d8874e80-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 01:11:21 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 56ms
56ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:21 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 56ms
56ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:21 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H/1.1 200
OK 1619104036829_852x480_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 154 KB
154 KB 309ms
237ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036829_852x480_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
x-amz-request-id: 96M6NWX662TSMSYY
x-amz-id-2: UdJr/E0AHniEpgyYd1wnE1sJheFmOLox1vnU5bEu7JTD9VnEMKkkGEhtlHaydBpesF6S4m3x5gE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 157301
X-LLID: 43c0228ecf4471a60d3cae5ff94284e3

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 118ms
118ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1808&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%2289%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 120ms
119ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1809&val=0&wnx=0&abc=&ty=pll&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK 1619104036758_248x140_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 21 KB
22 KB 103ms
38ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036758_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
Age: 5265
x-amz-id-2: ZV3md2h0A+nHtq3mZw1yqGDA3KEO3vPiaVH+DyeN1BRxwQAOm6NleesGrfWs0lpPjYegVgqKoNo=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 21852
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: WP7BKX5XZX6119JK
X-LLID: f4302b0a47cd51828aa1d0f85ab8150d

GET
H/1.1 200
OK 1618905797651_248x140_thumbnail.jpg
cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/ 20 KB
21 KB 115ms
49ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/1618905797651_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Tue, 20 Apr 2021 08:03:18 GMT
Server: AmazonS3
Age: 7592
x-amz-id-2: D9I1CzxABc2OsW997/zFIQpG6YDWH8QjkPt1it2Zas05XAgZtnLLO6UA7Oh23MN39wWVUCXh744=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 20531
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 799MTSQSZGJ1MD6H
X-LLID: e72e29a6f7171c1ca9223e08bfc1ce33

GET
H/1.1 200
OK 1619026651087_248x140_thumbnail.jpg
cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/ 8 KB
8 KB 101ms
35ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/1619026651087_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Wed, 21 Apr 2021 17:37:32 GMT
Server: AmazonS3
Age: 51794
x-amz-id-2: WfVVvr+lcVwcs/NKlbXSa5fhx6wzw01TEgr2lHWtCPoi5k6LRHfPu4iwBuxP8aJdbXPpCj27xtg=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 7902
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 8M2T9YESYP0KFNAM
X-LLID: b063128f007616efd5c346f23184c70f

GET
H/1.1 200
OK 1619449640509_248x140_thumbnail.jpg
cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/ 17 KB
18 KB 282ms
216ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/1619449640509_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Mon, 26 Apr 2021 15:07:21 GMT
Server: AmazonS3
x-amz-request-id: F2MQW5C9BH4BHFJM
x-amz-id-2: rMV3WhCWUSxn6CMMFEGgOhHX0EApk5QQaXCMb5CMWc9Tnyz2FBnPSxTiQf2sKR2I5vvYjzUsnaE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 17827
X-LLID: 97489985ceb6ab29db4355d9f3c55538

GET
H/1.1 200
OK 1617729410172_210x140_thumbnail.jpg
cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/ 13 KB
14 KB 100ms
32ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/1617729410172_210x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Tue, 06 Apr 2021 17:16:51 GMT
Server: AmazonS3
Age: 80004
x-amz-id-2: n8sukG1M8TTD+EsKB2TR2KQilOozbhWRB/YCV6uzv1T2C4Pu0p1vrlecAwgNwgGv83Zyo6/oktM=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 13624
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 0SW7JK7F28004YCC
X-LLID: ff014e29c814bb8c6f0aa582775baf88

GET
H/1.1 200
OK 1619103769277_subtitles.vtt Show response
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/ 3 KB
4 KB 100ms
32ms XHR
application/octet-stream 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/1619103769277_subtitles.vtt
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Last-Modified: Thu, 22 Apr 2021 15:02:50 GMT
Server: AmazonS3
Age: 45394
x-amz-id-2: pwjebJ1+cFsUTNmwVGgnpyAIq699T5YZQYnTf5eN1+l9fhu3oH3Lr0PJzNH30uOpX7knCfdFwLo=
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 3576
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 6FYH6C4GWD3GR9GK
X-LLID: acb0e973f11ead4ba82bd20e1c7cab0f

GET
H/1.1 200
OK watch.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 364 B
982 B 32ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/watch.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Age: 10412
x-amz-meta-sha256: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
Connection: keep-alive
Content-Length: 245
x-amz-id-2: 2nGMXII0jg7YAkO3jU84XMesq35GbzJUyaLc24gp3i1+Or8LOhiV8RiCVaoYVCN0E/cyPX8iy3Y=
Last-Modified: Tue, 04 Aug 2020 10:39:53 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: F5D829359B29FCE1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103752Z
x-amz-version-id: jJ7plitpaP9q57Aey2ETnqu6JQKZQWu3
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 06f72112f8a788a240174526a2b8c5f1
Expires: Mon, 26 Apr 2021 22:17:49 GMT

GET
H/1.1 200
OK like.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 401 B
1 KB 32ms
32ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/like.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Age: 10414
x-amz-meta-sha256: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
Connection: keep-alive
Content-Length: 287
x-amz-id-2: YJwcVjjXEYHrgbfUQ0ZprM+hynZGigUcRCrQAb35V3o7TeudfG+54d8Yf0o2jYAbR1wWkA0is7Y=
Last-Modified: Tue, 04 Aug 2020 10:39:58 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9ZAG8KANCKER4H5Y
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103803Z
x-amz-version-id: AgMuGLHw2p4hvvpUt5__8K6ZhGhprdTJ
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 455da67958759d49757de0c67c6ccdaa
Expires: Mon, 26 Apr 2021 22:17:47 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 119ms
114ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=1882&val=&wnx=1&abc=&ty=pli&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FD7A 1 KB
2 KB 361ms
119ms XHR
text/xml 35.174.89.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D871658043%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&ast=-1&smb=1&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.89.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: fba5dff2f0020535b59ad09fead980cd1e14159b4086713aada48c30d6f01a61

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 26 Apr 2021 21:11:21 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1358
etag: W/"54e-PnqDyEN/zseba6pIRfD6ZTiLnZk"
content-type: text/xml; charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9EE0 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H3-29 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 9EE0 2 KB
2 KB 19ms
19ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 0
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b19ed32000004a5b6b2fd000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 6462cd983f7c4a5b-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 01:11:21 GMT

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame 9EE0 1 KB
1 KB 166ms
166ms XHR
application/json 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

89b3c6b189f589bf3a4184c5be65e838779a825219c191f13e31c091adc25f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-iXRjE&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=9f6efaef77
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
x-xss-protection: 0
x-request-id: Cx6w6sqYKjx
pragma: no-cache
wn: prod-dash-10-200-134-72
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-request-id: 09b19ed33e000005fdea098000000001
cf-ray: 6462cd98580505fd-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E98A 334 KB
114 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:21 GMT

GET
DATA 200
OK truncated
/ Frame 9EE0 91 KB
91 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9EE0 58 KB
58 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9EE0 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 9EE0 68 KB
68 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 performanceMetrics Show response
buy.tinypass.com/api/v3/anon/assets/ 199 B
387 B 129ms
129ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolIFrq3vhMQo0SmusEvbwCBdJQf1ecxw-D0Y4NQT0o8gAiKND2r8uxuLQ96hLHGk-Kz_KjmHDe_cCw78w2Ty9zDKOjIIkH6gmZw9EthoDnEgaT7yOLjkew0vrrlYWyqoNDA&aid=U1S2txQ29t&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery1124029047282767597116_1619471479938&_=1619471479940

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

408d8d61e635a2823dcb815d944a122d0f1c90fe33ac6467bf40c16ddec1602b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6462cd98b90905fd-FRA
date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-130-38
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b19ed377000005fd133c6000000001
x-request-id: Cx6w6sqHyWc

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 55A4 570 KB
186 KB 9ms
8ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365228
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame E98A 44 KB
16 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:21 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1AED 36 KB
12 KB 20ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 614
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame FD7A 0
331 B 52ms
26ms Ping
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz3i88q&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44726393%2C44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B74C 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 62
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=2371&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 119ms
118ms Image
image/gif 54.166.210.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=5591ab74-02b3-480e-84bb-9d8298e13295&pid=896500d5-2653-4022-8473-ae8a49b1a2fb&dtm=1619471481831&qnm=_matherq&visible=1&tabid=944e02b7-f4ff-416d-97f0-0ea3424c929c&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619471480&vid=1&lvidt=1619471480&duid=85f106e94802ff6b&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJwYXltZW50IiwiYWN0aW9uIjoic3Vic2NyaXB0aW9uc19vZmZlcmVkIiwiZGF0YSI6eyJkaXJlY3RDaGVja291dCI6IjAiLCJoaWRlQ29tcGxldGVkRmllbGRzIjoiMSIsInNob3dDbG9zZUJ1dHRvbiI6IjAiLCJjb250YWluZXJTZWxlY3RvciI6IiNwaWFuby1ib3R0b20iLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkiLCJ0ZW1wbGF0ZVZhcmlhbnRJZCI6bnVsbCwib2ZmZXJJZCI6Ik9GVFQ4UlFKSE9FViIsImV4Y2VwdGlvbnMiOnsiaGFzQWNjZXNzVG9BbnlSZXNvdXJjZXMiOiIxIn0sImZvcm1OYW1lQnlUZXJtSWQiOiJ7fSIsImNoZWNrb3V0Rmxvd0lkIjoiIiwiZXhwZXJpZW5jZUlkIjoiRVhUUTFFMDYzODVCIiwiZXhwZXJpZW5jZUV4ZWN1dGlvbklkIjoiMTgwNWZpMDB0ay0wMDAwMnU4ZzBtcmxmYTRyYWVjNmFndGFscyIsImV4cGVyaWVuY2VBY3Rpb25JZCI6InNob3dPZmZlckpPU0kxSENJV0E5QzY4IiwiZXhwZXJpZW5jZUNvbmRpdGlvbnMiOltdLCJicm93c2VySWQiOiJBNlZyVFMwNkp1OHpTZWdvdmVKMzhxWk9PUEhSMURiVjRsdGxBM3d2OERVM0JWU3kzYUVhc2RKdEoyYmYiLCJhZGRpdGlvbmFsUGFyYW1OYW1lcyI6W10sImFjdGl2ZU1ldGVycyI6W3sibWV0ZXJOYW1lIjoiTWV0ZXJlZEV4cGVyaWVuY2UiLCJ2aWV3cyI6IjEiLCJ2aWV3c0xlZnQiOiIyIiwibWF4Vmlld3MiOiIzIiwidG90YWxWaWV3cyI6IjEifV19LCJvZmZlcnMiOlt7Im9mZmVySWQiOiJPRlRUOFJRSkhPRVYiLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkifV0sInZlbmRvciI6IlBpYW5vIiwidHlwZSI6InVua25vd24ifX0
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame B74C 33 KB
10 KB 79ms
78ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D871658043%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:21 GMT
Content-Encoding: gzip
Age: 47064
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 84dca0677a31e1aca9bda2701a5ea974
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame B74C 5 KB
2 KB 163ms
56ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=871658043&widgetid=0011r00002SRK6m_6242&lob=&clipid=undefined&key_custom1=^w=0011r00002SRK6m_6242^c=undefined^i=0^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D871658043%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: f0af9a636e59c63d91b6c28c4d7af19bb4a4aadb0ffa66997f17736acef1d633

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:22 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 118ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=2480&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H2 200 admin-ajax.php Show response
bangordailynews.com/wp-admin/ 63 B
316 B 934ms
933ms XHR
application/json 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-admin/admin-ajax.php

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://bangordailynews.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _parsely_session={%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619471479601%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=06d89b9957dc6263508f366e43a5a47a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619471479601}; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1619471479726]]; ntv_as_us_privacy=1---; __adblocker=false; _cb_ls=1; _cb=BmU1n3DIOXwXCZMh2s; _chartbeat2=.1619471480225.1619471480225.1.DFZWtlBpkOsxB5i3gI3kN1eDGQBIS.1; _cb_svref=null; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.971043729.1619471480; _gid=GA1.2.2137732637.1619471480; _dc_gtm_UA-5329647-52=1; _ml_ses=*; _fbp=fb.1.1619471480368.1268646807; __pnahc=0; ac_user_id=ac2s08vwpegt304587855b9affe7f90dd2a12679432f64ce59038c557cee3e9da11852caf5b1b82; _pbjs_userid_consent_data=3524755945110770; _pubcid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b; __tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolIFrq3vhMQo0SmusEvbwCBdJQf1ecxw-D0Y4NQT0o8gAiKND2r8uxuLQ96hLHGk-Kz_KjmHDe_cCw78w2Ty9zDKOjIIkH6gmZw9EthoDnEgaT7yOLjkew0vrrlYWyqoNDA; __pat=-14400000; __pvi=%7B%22id%22%3A%22v-2021-04-26-23-11-20-032-SnA2Uty21IPt6amN-d2ad19a1efd03d0e145f58606f9b778c%22%2C%22domain%22%3A%22.bangordailynews.com%22%2C%22time%22%3A1619471480750%7D; xbc=%7Bjzx%7D5p57FlIFfzaOwf3XfYE4azmHzx9SSwv798mOqrWt7a2v0o7IrU-ZCEkIkl1DeiLK7b7eXesWLD0yLzQE9uGzI7p8hegr93wu9OP7AMmnptJnpxUUTRbs1xo0lFjnDrvzl2Ya6gjWqx7w6hCbwkbNkb3gtRRstBBn7HMG2-sE_Cdxkr28SlfHx3Ob2eK8UmLBzgPkxbJzp0uQJ0AkO2Qk_Xf96BR8jT_9X9GJXzuV8a16p3SEsWJjQu37IKq5NXOi95Dmnyrg_1wRKtqABhZlfvEqipW4Nz2c82YLAaEc37i9oWbbh0iyl9PXyw93EevCwFYo4taA8LYWgO1Cd1tPWjyC5rab-2ALkgl7CbVvkf1fs71Lc4eVEhqZL7QCzzm3RfAJNaZBVejpP6J0DHNccA; pnespsdk_ssn=%7B%22%24s%22%3A1619471480791%2C%22visitNumber%22%3A1%7D; pnespsdk_visitor=1vx95z1jy68vn05s; cto_bidid=PXbU5l9vOFNRSndyJTJCaWsxMERRS2N4ZDUxVWRCTnNlYzg2NVclMkJyRUtmeXpkJTJCWXUwRkNxd2JlRk9iZTI5QlBMTXRuJTJGZmUzcER5TlhCTiUyRkdmWXVsbXVBcjNGOGclM0QlM0Q; cto_bundle=DJIIfF9xWmglMkZ1T1lwZ1NLNkRrbGZldVZoQUFSZWoyUXlGaGZaUlNUUGdFbzY3cVA5ZEMlMkJGZCUyRjlGanVwNFlGTHB0c0lIeVc1RzFvZHJYOTR2VE82SmtyMU8lMkJFcnZWVHEwZTJKbVdjcllNVkNDNmFDVWRPV1JOSmJ5ZVgzR1Fza2pZamhw; _pubcid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b; __pil=en_US; _ml_id=85f106e94802ff6b.1619471480.1.1619471482.1619471480
content-length: 26
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
host-header: Newspack
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 26 Apr 2021 21:11:22 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 3.vie _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1763094032&t=timing&_s=2&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&plt=4202&pdt=84&dns=6&rrt=179&srt=687&tcp=44&dit=1796&clt=1828&_gst=1952&_gbt=2203&_cst=1252&_cbt=1903&_u=aGDAiUALBAQCAE~&jid=&gjid=&cid=971043729.1619471480&tid=UA-5329647-52&_gid=2137732637.1619471480&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=1660026866

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:40:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52232
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:40:50 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 52232
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame B74C 483 KB
86 KB 128ms
43ms Script
application/javascript 2600:9000:20c8:a400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D871658043%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 527363
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: -u_axhAQh_QRYzZH_ug7-db0QswiH2d05qpXJa8RGCreZfwkvvsYUw==

GET
DATA 200
OK truncated
/ 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame 55A4 0
566 B 251ms
233ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=824565551040352&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C8&sid=89757E60-844B-479A-B3E2-8C046774F727&eid=420706110%2C44725356%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dlt=1619471479389&idt=2521&dt=1619471482252&scor=3785068249544741&ged=ve4_td3_tt0_pd3_la3000_er1843.317.1996.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame B74C 0
119 B 174ms
94ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:21 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame B74C 20 B
211 B 173ms
57ms XHR
application/json 34.252.21.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=e15d6d2d-b5e2-4462-b701-49971f6c1f5a-s.630417-d.388962-dc.83478&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.21.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:22 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2

200

avjp Show response
anyclip-d.openx.net/v/1.0/ Frame B74C
Redirect Chain

https://anyclip-d.openx.net/v/1.0/avjp?auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-i...
https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable...

106 B
369 B

57ms
57ms

XHR
application/json

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:22 GMT
via: 1.1 google
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:11:22 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B74C 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:22 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9A43 570 KB
186 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B74C 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:22 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 85A2 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 615
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 54DC 0
224 B 117ms
47ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 54DC 109 B
546 B 163ms
53ms XHR
application/json 52.30.186.230
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.186.230 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8f0ee98246498b18687e070bf26c82321a6d6a5096768ae64a831dbfb1c687da

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 26 May 2021 21:11:22 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 54DC 334 KB
114 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:22 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4BB2 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365229
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 54DC 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:22 GMT

GET
H2 200 ef.png
cdn.pixfuture.com/prebidvideo/ Frame 54DC 1 KB
2 KB 31ms
31ms Image
image/png 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/prebidvideo/ef.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:22 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3611
content-length: 1080
cf-request-id: 09b19ed81c0000dff75d98f000000001
last-modified: Fri, 07 Aug 2020 14:21:25 GMT
server: cloudflare
etag: "5f2d6365-438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4RhOFnpGw4BsLY5YX7HR6c1rKGHdTLfmMKLGKDzJ58LIcu%2FqNj2zVkLhvQJAF9JwTUjIn6aSTkq8kkUHt8cp3%2FUhSEQ8ckw4TQ87%2By3nmiNqAzvFjOEeMa31vXwUwQ%3D%3D"}]}
content-type: image/png
cache-control: public, max-age=2678400, no-transform
accept-ranges: bytes
cf-ray: 6462cda02c41dff7-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 117ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:22 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:22 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
371 B 12ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 206 blank.mp4
cdn.pixfuture.com/prebidvideo/ Frame 54DC 11 KB
11 KB 104ms
102ms Media
video/mp4 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebidvideo/blank.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Apr 2021 21:11:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
Content-Range: bytes 0-11115/11116
Content-Length: 11116
cf-request-id: 09b19ed8230000dff71002b000000001
last-modified: Fri, 07 Aug 2020 14:20:50 GMT
server: cloudflare
etag: "5f2d6342-2b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=u1tuIcGDXOSeZgRUA0uAawHiE%2BuH99WhGAKzMof35C0Z55AFoziblyzTbh5jsh3CBWnf%2Fn2amgY1%2FssiA7p850wDcxliPR2O49%2BpBLvGdrZE6qGDsQk76puhEDg6ow%3D%3D"}]}
content-type: video/mp4
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6462cda03c51dff7-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 4D0C 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 615
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 9A43 0
64 B 17ms
17ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=2523585344248507&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=AA4066F5-B151-414C-AEF6-584FC15B7BFA&eid=44739826&dlt=1619471481814&idt=835&dt=1619471483109&scor=231723959802732&ged=ve4_td1_tt0_pd1_la1000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:23 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame B74C 20 B
210 B 125ms
125ms XHR
application/json 34.252.21.138
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=e15d6d2d-b5e2-4462-b701-49971f6c1f5a-s.630417-d.880466-dc.67255_s.624019-d.388976-dc.130942&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.252.21.138 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:23 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

POST
H/1.1 204
No Content 309154 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame B74C 0
1 KB 193ms
62ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309154
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 26 Apr 2021 21:11:23 GMT
X-SpotX-Timing-Transform: 0.001445
X-SpotX-Timing-SpotMarket: 0.007471
X-SpotX-Timing-Page-Mux: 0.001237
X-SpotX-Timing-Page-Require: 0.000417
X-fe: 022
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000038
X-SpotX-Timing-Page: 0.018947
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.005171
Last-Modified: Mon, 26 Apr 2021 21:11:23 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.007471
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.003153
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000014
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame 4BB2
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
333 B

58ms
57ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=97b8045abb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:23 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:11:23 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=97b8045abb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H/1.1 200
OK 300752 Show response
search.spotxchange.com/vast/2.0/ Frame B74C 67 B
1 KB 58ms
58ms XHR
text/xml 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/300752?VPAID=js&content_page_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&player_width=780&player_height=439&cb=1619471482070&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:23 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000439
X-SpotX-Timing-SpotMarket: 0.005494
X-SpotX-Timing-Page-Mux: 0.000967
X-SpotX-Timing-Page-Require: 0.000615
X-fe: 030
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000044
Content-Length: 77
X-SpotX-Timing-Page: 0.014599
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.003984
Last-Modified: Mon, 26 Apr 2021 21:11:23 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.005494
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.003041
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000015
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EC23 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365230
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:23 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
113ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:23 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:23 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 300F 36 KB
12 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 616
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 9A43 0
51 B 20ms
19ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F51666783%2Fbangordailynews.com871501&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&vpmute=0&vpa=auto&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=1067493490985002&nofb=1&ord=1619471482070&gdpr_consent=_755&gdpr=1&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=AA4066F5-B151-414C-AEF6-584FC15B7BFA&eid=44739826&dlt=1619471481814&idt=835&dt=1619471484021&scor=2259411271222192&ged=ve4_td2_tt1_pd2_la2000_er3475.200.3634.500_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:24 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame B74C 46 B
375 B 152ms
86ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?fn=indexResponsee15d6d2d22&v=8.8&s=631839&r=%7B%22id%22%3A%22e15d6d2d22%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A780%2C%22h%22%3A439%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B3%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A1.25%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220011r00002SRK6mAAH%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: bc8e9b883ae6b1e1ff73a54c0f4b25b4b21b45d6b7b94e1660d3b14048c18170

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 58
Expires: Mon, 26 Apr 2021 21:11:24 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame B74C 165 B
1 KB 144ms
64ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

22e700a34535e7c4198bfc1becd6af81613deff15f98a63f02f40af444687939

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:24 GMT
X-Proxy-Origin: 89.187.168.226; 89.187.168.226; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.154:80
AN-X-Request-Uuid: 30f502c5-4efb-4bf7-875c-2be853fe75ef
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame EC23 27 B
1 KB 128ms
49ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483186&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=0a7e726618&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:24 GMT
X-Proxy-Origin: 89.187.168.226; 89.187.168.226; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.47:80
AN-X-Request-Uuid: df1ef4e5-fbde-4c14-9f7f-f3153c7cade8
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame B74C 0
120 B 173ms
56ms XHR
text/plain 52.16.123.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=e15d6d2d&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.123.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 631A 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365231
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 12ms
12ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:24 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3C23 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 617
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 116ms
116ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=4923&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:24 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 206
Partial Content 1619104278576_852x480_video.mp4
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 1 MB
0 34ms
34ms Media
video/mp4 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104278576_852x480_video.mp4?wid=0011r00002SRK6m_6242
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Last-Modified: Thu, 22 Apr 2021 15:11:19 GMT
Server: AmazonS3
Age: 60368
x-amz-id-2: GCMQFgSxZJaC5bZ0TdJ2bN9vN4FklNstsZ2UJ9IeFSwp/nmK4ERCu44aSVyOeQCTta4rzk4KZZc=
Content-Type: video/mp4
Content-Range: bytes 0-11604142/11604143
Cache-Control: public,max-age=86400
x-amz-request-id: A79WAZXX9Q9G0WFX
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11604143
X-LLID: 9580503d6496bad34ce3150dabd543b1

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 122ms
121ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=4938&val=1&wnx=1&abc=&ty=cla&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:24 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pause.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 758 B
1 KB 32ms
32ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/pause.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Age: 6257
Connection: keep-alive
Content-Length: 426
x-amz-id-2: pwQ4BccTl3xu4hcG4EEqMuGkgBdLgswri452ajCrVFunhV7elfgdUd4Tx9luZcp+/EZHGwBJCMU=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C6D5400B3114C6E3
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:27:07 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: COllNS2vUDfTYhxXvQJ57jWZVnnMficH
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: ac06dfa68931a6e01e3be0191003d78f
x-amz-meta-s3b-last-modified: 20180704T113405Z

GET
H/1.1 200
OK volume-off.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 901 B
1 KB 31ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/volume-off.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Age: 5280
Connection: keep-alive
Content-Length: 521
x-amz-id-2: Cqh+mlrONOH/wc7a/m3Q9U7Kz08wV1Yr0heatOAdYVK7gs5aXKj8UCFPjSbDcXUEfkPA9e/wI6M=
Last-Modified: Sun, 12 Aug 2018 11:52:27 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C0D1F04334E80FDB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:43:24 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LD1v9d__0LhgJzdvbwPuMTNvxNdup1gK
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 480d3138b7fc69cdc40cf571d0194bad
x-amz-meta-s3b-last-modified: 20180812T115113Z

GET
H/1.1 200
OK cc-hidden.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 909 B
1 KB 65ms
32ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/cc-hidden.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Age: 12454
Connection: keep-alive
Content-Length: 458
x-amz-id-2: uxa9DFI/0a6EJQhaDHRQ/OBzyTQx2REonEpKJDsLeMKts+Px+jfRA7JRRtH9kkt9rBcF/csUnNQ=
Last-Modified: Wed, 13 Nov 2019 11:51:46 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 767E599404B79C11
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 21:43:50 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: y.QX4vCTrlpSO9kX_WB6RqB1CKq9apE_
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 0bfabc1cdb7bf25da6b31954e0e9de7d
x-amz-meta-s3b-last-modified: 20191113T095137Z

GET
H/1.1 200
OK fullscreen.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
1 KB 63ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/fullscreen.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Age: 6151
Connection: keep-alive
Content-Length: 524
x-amz-id-2: BRh90W2EfVzECaSH5h6jfUSFDTvgYjWMypRYQrJp7lo8LXFtr2iKyo+wwxm5PYvFOhZO6qVjHDA=
Last-Modified: Thu, 09 Aug 2018 13:37:33 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: D79B0CDA8EB8F2DB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:28:53 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: U03j5muVk7AbvhQemSaiRqevJSRY_Dma
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 30918a4dea3fa1dbd6e0195328c6ae92
x-amz-meta-s3b-last-modified: 20180704T113429Z

GET
H/1.1 200
OK next.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 729 B
1 KB 94ms
31ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/next.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Age: 6257
Connection: keep-alive
Content-Length: 461
x-amz-id-2: aZiDwTlw4rciTlz48Jhfji0MF1tA2KOd+P1qYYUg8NE7marJLgmCvgIWPlvmWLDv8DtP+5AGNHI=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: CC3D2AF47BC35EBB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:27:07 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: 9oEyfyolAdum9dgyt9Cw6qZIm50OH1cD
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 5577117b489bb4de07ec05d8e6f1ed93
x-amz-meta-s3b-last-modified: 20180704T113415Z

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 110 B
379 B 134ms
133ms Script
application/javascript 2606:4700::6811:b6b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=U1S2txQ29t&tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolIFrq3vhMQo0SmusEvbwCBdJQf1ecxw-D0Y4NQT0o8gAiKND2r8uxuLQ96hLHGk-Kz_KjmHDe_cCw78w2Ty9zDKOjIIkH6gmZw9EthoDnEgaT7yOLjkew0vrrlYWyqoNDA&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery1124029047282767597116_1619471479938&_=1619471479941

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b6b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3d9d4096684439db1f8f6abe77c14d6bf45e21c93e011cc067f08d699e772a55

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6462cdab5de805fd-FRA
date: Mon, 26 Apr 2021 21:11:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-130-38
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.007
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b19edf17000005fdae1cd000000001
x-request-id: C07w6sqdZsK

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame 631A
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
248 B

57ms
57ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=5908ebcb3c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:11:24 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=5908ebcb3c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5451
date: Mon, 26 Apr 2021 19:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 21:40:33 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1763094032&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFTT8RQJHOEV____templateId_OT4SMJA264JI____aid_U1S2txQ29t&el=Show%20offer%20offerId%3AOFTT8RQJHOEV%20templateId%3AOT4SMJA264JI%20aid%3AU1S2txQ29t&_u=6GDACUALBAQCAG~&jid=1781682369&gjid=1533372066&cid=971043729.1619471480&tid=UA-5329647-52&_gid=2137732637.1619471480&_r=1&_slc=1&z=677199305

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 9EE0 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 5451
date: Mon, 26 Apr 2021 19:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 21:40:33 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 27ms
13ms XHR
text/plain 2a00:1450:400c:c0d::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=1781682369&gjid=1533372066&_gid=2137732637.1619471480&_u=6GDACUALBAQCAG~&z=1477479378

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Apr 2021 21:11:24 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 19ms
18ms Image
image/gif 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=1781682369&_u=6GDACUALBAQCAG~&z=838495589

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 18ms
18ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=971043729.1619471480&jid=1781682369&_u=6GDACUALBAQCAG~&z=838495589

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 42A5 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365231
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:24 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame ECDA 36 KB
12 KB 8ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 617
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

OPTIONS
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame 0
0 119ms
119ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-28-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:11:25 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: POST,OPTIONS

POST
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ 0
0 118ms
118ms Fetch 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-203-28-84.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:25 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET,POST

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=5763&val=&wnx=1&abc=&ty=cmp&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:25 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 42A5 27 B
1 KB 62ms
62ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483184&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=a2459bbca6&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:25 GMT
X-Proxy-Origin: 89.187.168.226; 89.187.168.226; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.36:80
AN-X-Request-Uuid: 6281e600-89b2-4339-9ecd-4fb0ffac1767
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8D5C 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365232
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 9ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 117ms
115ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:25 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:25 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 3496 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 618
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
234 B 38ms
38ms Image
image/gif 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=ima_sdk_v&pvsid=3168498082861414&v=h.3.453.0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:25 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 129ms
129ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame 8D5C
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
248 B

57ms
57ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd8a542a46&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:26 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:11:25 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd8a542a46&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4B13 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365233
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:26 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7507 36 KB
12 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 619
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6993&val=0&wnx=0&abc=&ty=grf&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:26 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 4B13 249 B
551 B 168ms
44ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw==?cb=8e81e255ac&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&duration=120&pi.width=640&pi.height=360&pi.viewable=1&a.ip=89.187.168.226&a.ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 4C36 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365233
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:26 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C4C1 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 619
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3EF8 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365234
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5EFB 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 620
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 4C36 3 KB
1 KB 42ms
42ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

59de2e9362cad9588726543deb9863ba7a6fa4cadf678f3814097a78ee3cb032

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1123
expires: 0

POST
H3-29 204 csi
csi.gstatic.com/ Frame 4C36 0
17 B 41ms
27ms Ping
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz3icmb&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:27 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 6152 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 68
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 6152 15 KB
7 KB 173ms
52ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 5882cd9b82d02334e5c37abdf7d4e21382f218b094cbb08479ea22c5c83162c2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6724

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame 3EF8 0
61 B 50ms
49ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=64677548067278&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C8&sid=89757E60-844B-479A-B3E2-8C046774F727&eid=420706110%2C44725356%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dlt=1619471479389&idt=7847&dt=1619471487668&scor=290513095562467&ged=ve4_td9_tt6_pd9_la9000_er1843.317.1996.617_vi0.0.1200.1600_vp0_ts6_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 6152 317 KB
102 KB 30ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342553
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-amz-request-id: 4TZQZ0QWQKDKJPSF
x-amz-id-2: N98OkTPwk2Bsb8zLhcgYcw1MZfijUP4TY061/HCkHVqkkDU1IdlLFzG7HbjpF2fgoQzvDmmSIck=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
content-length: 104243
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 6152 43 B
246 B 137ms
37ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.6723328990751647&pt=o2unit&sid=b25053ae-5c53-4bb5-bd77-7fb167f33f7b&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:27 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 54DC 133 KB
44 KB 96ms
30ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 323F191B2EF28804
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=52401
accept-ranges: bytes
content-length: 44266
x-amz-id-2: w1vBWHvJ9SRbTv6kBUzFv3+JSN3a/Rn6XLROBEKaUemhdjhQ2HcKwcNvnRLQiZ2qBEcwDFhSxhs=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame A350 2 KB
796 B 8ms
7ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: X8mtLbmDSoDT3rYceEYyDCssCm6B4UAwNWomrEUZrqghrhc3SPaEbvyf7xBMG6a0vDq/vVqc2ek=
x-amz-request-id: CSGFSVMNQ7R9VCP0
date: Sun, 25 Apr 2021 15:29:21 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 106927
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 6152 249 B
549 B 158ms
42ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw==?cb=4472c7d2e8&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 6152 43 B
245 B 46ms
39ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=b25053ae-5c53-4bb5-bd77-7fb167f33f7b&vvuid=594ab662-fce1-45e7-9234-3efdb41d28a9&orgId=24140&plcid=1003583&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&ab=0&dt=88&h=0&spaceid=793604934&w=0&cb=0.25393328100424406
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:27 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 6152 43 B
245 B 45ms
39ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=b25053ae-5c53-4bb5-bd77-7fb167f33f7b&vvuid=594ab662-fce1-45e7-9234-3efdb41d28a9&orgId=24140&plcid=1003583&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.14039148050743466
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:27 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 6152 43 B
245 B 44ms
38ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=b25053ae-5c53-4bb5-bd77-7fb167f33f7b&vvuid=594ab662-fce1-45e7-9234-3efdb41d28a9&orgId=24140&plcid=1003583&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.5251819959432071
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:27 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:27 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 129ms
129ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:27 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
32ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619471487961&de=732233411684&d=296%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:27 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Apr 2021 21:11:27 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame 6152 0
0

POST csi
csi.gstatic.com/ Frame 4C36 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7BDB 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365235
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 117ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:28 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:28 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 87C8 36 KB
12 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 621
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 7BDB 3 KB
1 KB 42ms
41ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

94958abd56157210ca8817aae604e1b23ab21f05aca5e38449a75181fe73d6c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1122
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame 7BDB 0
54 B 25ms
25ms Ping
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz3idks&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 66D0 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 69
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 66D0 15 KB
7 KB 55ms
54ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: f6e71ec6525b66bb5a9452265ee7a24e627f91697b7e341f6d69a6d06758b788

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6727

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 66D0 317 KB
102 KB 7ms
6ms Script
application/javascript 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:02:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 342554
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-amz-request-id: 4TZQZ0QWQKDKJPSF
x-amz-id-2: N98OkTPwk2Bsb8zLhcgYcw1MZfijUP4TY061/HCkHVqkkDU1IdlLFzG7HbjpF2fgoQzvDmmSIck=
accept-ranges: bytes
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-version-id: null
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
content-length: 104243
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 66D0 43 B
245 B 38ms
38ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.6818656079212058&pt=o2unit&sid=c002ce84-7320-42a7-9278-7bf039eb9ef1&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 54DC 133 KB
44 KB 35ms
34ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 323F191B2EF28804
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=52400
accept-ranges: bytes
content-length: 44266
x-amz-id-2: w1vBWHvJ9SRbTv6kBUzFv3+JSN3a/Rn6XLROBEKaUemhdjhQ2HcKwcNvnRLQiZ2qBEcwDFhSxhs=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 040D 2 KB
614 B 7ms
6ms Document
text/html 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: X8mtLbmDSoDT3rYceEYyDCssCm6B4UAwNWomrEUZrqghrhc3SPaEbvyf7xBMG6a0vDq/vVqc2ek=
x-amz-request-id: CSGFSVMNQ7R9VCP0
date: Sun, 25 Apr 2021 15:29:21 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 106928
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 66D0 249 B
549 B 45ms
45ms XHR
text/xml 3.123.45.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw==?cb=79eca6ef55&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

3.123.45.128 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 66D0 43 B
245 B 40ms
39ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=c002ce84-7320-42a7-9278-7bf039eb9ef1&vvuid=d0d7a28d-c3a2-4783-a0f3-b15db44fa8a0&orgId=24140&plcid=1003578&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&ab=0&dt=46&h=0&spaceid=793604934&w=0&cb=0.7882004001129339
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 66D0 43 B
245 B 39ms
38ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=c002ce84-7320-42a7-9278-7bf039eb9ef1&vvuid=d0d7a28d-c3a2-4783-a0f3-b15db44fa8a0&orgId=24140&plcid=1003578&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.7675201085182204
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 66D0 43 B
245 B 40ms
39ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=c002ce84-7320-42a7-9278-7bf039eb9ef1&vvuid=d0d7a28d-c3a2-4783-a0f3-b15db44fa8a0&orgId=24140&plcid=1003578&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.33672420472472187
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 33ms
33ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619471488741&de=519948060294&d=2%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:28 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame 66D0 43 B
245 B 39ms
38ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=c002ce84-7320-42a7-9278-7bf039eb9ef1&vvuid=d0d7a28d-c3a2-4783-a0f3-b15db44fa8a0&orgId=24140&plcid=1003578&vrid=63f903f1-999f-487f-952b-14c18b39ecfd&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=58&ar=no&fo=0&ft=0&h=0&cb=0.15529831757581491
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:11:28 GMT

POST csi
csi.gstatic.com/ Frame 7BDB 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BC45 570 KB
186 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365235
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 120ms
116ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:28 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:28 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
371 B 11ms
7ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:28 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 417F 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 621
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame BC45 27 B
1 KB 92ms
92ms XHR
application/xml 185.33.221.91
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14406689&vmaxduration=120&vskippable=0&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=601606d7d4&gdpr=0&gdpr_consent=undefined&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.91 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:29 GMT
X-Proxy-Origin: 89.187.168.226; 89.187.168.226; 721.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.234:80
AN-X-Request-Uuid: 118c3912-84ae-4224-b904-03e747feb23a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=9945&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D308359162%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Di5lwowrnnztueuzummzwmzcdku2w443f%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Di5lwowrnnztueuzummzwmzcdku2w443f%255Ei%253D1%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253DAT%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3Dwegb4rEJFhNbEzXdMh0WvgKTG3yDTusU%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=1&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=4893&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:29 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame EBB5 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365236
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 114ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:29 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:29 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 529B 36 KB
12 KB 21ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 622
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FD7A 1 KB
2 KB 119ms
119ms XHR
text/xml 35.174.89.216
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D308359162%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DAT%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&m=1&ast=-1&smb=1&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.174.89.216 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 1aa314547ce42a841114244d202e9e2ffe8b62593034414b9cfc88b26a6f7876

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 26 Apr 2021 21:11:29 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1414
etag: W/"586-Ikk8t/9uOsuoTtvV7ujBiCFln0U"
content-type: text/xml; charset=utf-8

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame EBB5
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
249 B

58ms
58ms

XHR
text/xml

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd9bf2faf8&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:30 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:11:29 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd9bf2faf8&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F0A8 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365237
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 54DC 35 B
210 B 9ms
9ms Image
image/gif 2620:116:800d:21:36a9:ecb:e518:b308
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:36a9:ecb:e518:b308 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:30 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 54DC 0
579 B 117ms
114ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=synacor_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:30 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:11:30 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame FD7A 0
17 B 27ms
26ms Ping
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz3i8q9&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&met.4=err.knz3iaqh&aec=901
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 64D4 50 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 71
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=10600&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=5547&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 39E2 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 64D4 33 KB
10 KB 32ms
32ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D308359162%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DAT%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:30 GMT
Content-Encoding: gzip
Age: 47073
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 30f5fe67d9d1d6a928702c2aa9eb6de8
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame 64D4 3 KB
2 KB 55ms
54ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=308359162&widgetid=0011r00002SRK6m_6242&lob=&clipid=i5lwowrnnztueuzummzwmzcdku2w443f&key_custom1=^w=0011r00002SRK6m_6242^c=i5lwowrnnztueuzummzwmzcdku2w443f^i=1^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=AT^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D308359162%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DAT%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 1ed5713de0feed728849b01e0bdbbfb9574edd0aa49aef145c52fd477f7826e5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:30 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
117ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=10664&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 64D4 483 KB
86 KB 41ms
40ms Script
application/javascript 2600:9000:20c8:a400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D308359162%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DAT%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 527371
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: m_PVFasYBAqvC6X1b_e4p5D9e7uv0IYBtk6SMJVWEGnuc54By9aokw==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 64D4 0
63 B 73ms
73ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:28 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 117ms
117ms Image
image/gif 54.166.210.103
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&f_privb=0&tid=f9a07e55-3729-457a-98b1-254a12d9839a&pid=896500d5-2653-4022-8473-ae8a49b1a2fb&dtm=1619471490313&qnm=_matherq&visible=1&tabid=944e02b7-f4ff-416d-97f0-0ea3424c929c&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619471490&vid=1&lvidt=1619471490&duid=1d3f9634f098a580&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ3MTQ3Nzg1NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzNS4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTU0MCIsImZldGNoUyI6IjE3OSIsImRvbWFpblMiOiIxODAiLCJkb21haW5FIjoiMTg2IiwiY29ublMiOiIxODYiLCJjb25uRSI6IjIzMCIsInNzbFMiOiIyMDUiLCJyZXF1UyI6IjIzMCIsInJlc3BTIjoiOTE3IiwicmVzcEUiOiIxMDAxIiwiZG9tTG9hZCI6IjkyMCIsImRvbUludGVyIjoiMTc5NiIsImRvbUxvYWRTIjoiMTgyOCIsImRvbUxvYWRFIjoiMTgzNSIsImRvbUNtcGx0IjoiNDIwMiIsImxvYWRTIjoiNDIwMiIsImxvYWRFIjoiNDIwNCJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.166.210.103 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:30 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 64D4 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:30 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 7616 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 365237
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 64D4 44 KB
17 KB 35ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:30 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FB43 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:01:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 623
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:01:07 GMT

GET
H2 200 vast.xml Show response
reflex.media.syn-cdn.com/vpaid/ Frame F0A8 794 B
858 B 112ms
21ms XHR
application/xml 152.199.22.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://reflex.media.syn-cdn.com/vpaid/vast.xml?publisher=82378&placement=89209&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6MTExMToyMDIw
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (via/F366) /
Resource Hash: 6a7bc1677070853b10c19bf5c3789139b38b3024a943e366f207699f70a61dbf

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
content-encoding: gzip
age: 85
x-cache: HIT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length: 507
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Thu, 08 Apr 2021 17:30:51 GMT
server: ECAcc (via/F366)
etag: "a31-5bf7968a2c8c0"
vary: Accept-Encoding
x-varnish: 1043813804 1043752272
via: 1.1 varnish
cache-control: public, max-age=3600, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/xml
expires: Mon, 26 Apr 2021 22:11:18 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame F0A8 0
17 B 27ms
26ms Ping
image/gif 2a00:1450:400e:80d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz3if5o&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:400e:80d::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:30 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F195 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:10:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 71
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:25:19 GMT

GET
H/1.1 200
OK vpaid.1.0.6.js Show response
synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/ Frame F195 306 KB
92 KB 654ms
220ms Script
text/javascript 69.168.106.81
SYNACOR-CLUSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.168.106.81 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software: nginx /
Resource Hash: c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:11:31 GMT
Content-Encoding: gzip
Age: 4299681
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 93702
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Mar 2021 15:58:41 GMT
Server: nginx
ETag: "4c659-5bc7bb10d6e40"
Vary: Accept-Encoding
X-Varnish: 419265312 1048677
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Tue, 08 Mar 2022 02:50:09 GMT

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 7616 0
51 B 32ms
19ms XHR
text/html 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=2646650224867193&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=DB048904-4851-4458-9185-16AA62910FDE&eid=44731467%2C44739826&dlt=1619471490052&idt=395&dt=1619471490902&scor=1955038582747619&ged=ve4_td1_tt1_pd1_la1000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:30 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame E98A 0
300 B 129ms
128ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:30 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame 64D4 0
119 B 56ms
56ms XHR
text/plain 52.16.123.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=16f6ef16&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.123.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:30 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddac3b70f-69b7-4d2e-8adf-d0a5a988ec5b%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_priv...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Ddac3b70f-69b7-4d2e-8adf-d0a5a988ec5b%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&u...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b&uid=ef2f4444-c0b2-4692-9ac8-7ae5e7d7b33e

183 B
386 B

619ms
200ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b&uid=ef2f4444-c0b2-4692-9ac8-7ae5e7d7b33e
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 6554330651c357e589d170f25f5d5ff98edb0c81f8f22b91b7ddb960c676b011

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:11:31 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b&uid=ef2f4444-c0b2-4692-9ac8-7ae5e7d7b33e
date: Mon, 26 Apr 2021 21:11:31 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_481a8a9d_19c7e078_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_481a8a9d_19c7e078_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-fvGfkghE2uH9fx7wpkZ8DnGhuqyFBHRD~A

155 B
368 B

508ms
200ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-fvGfkghE2uH9fx7wpkZ8DnGhuqyFBHRD~A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 3e759ec047415d8f03587eb97d4026aeadeeeb5bf305495ff308f4053f5d3bb7

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:11:31 GMT
server: nginx/1.18.0
content-length: 155
content-type: text/javascript

Redirect headers

Date: Mon, 26 Apr 2021 21:11:31 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-fvGfkghE2uH9fx7wpkZ8DnGhuqyFBHRD~A
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 806ms
198ms XHR
application/octet-stream 44.238.170.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Apr 2021 21:11:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 3EAE 62 KB
21 KB 44ms
44ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

831cb0eead43f007ccc83bfbb5335762875256f25bc8b39e5f029270ee8c1adf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 712 of 1000 / last-modified: 1619435394"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21141
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:31 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 189 B
393 B 86ms
79ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=300x250&auid=543987690&aumfs=100&dddid=30a83382-4bd7-4661-8e98-59d3dad4ca1c&divIds=openx-892ca9b7-a910-4f05-9f32-111f3a348edc&be=1&bc=hb_pb_3.0.1&nocache=1619471491023&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 816c5b546084b1a44578a6de2be6e3caf32adf0a9ab817ebf40e50988e471837

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:31 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 B
839 B 85ms
85ms XHR
application/json 185.33.221.88
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.88 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

151e849dff3509ad5554d96d721071102da4750c110a31ca93d45475bd921643

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:31 GMT
X-Proxy-Origin: 89.187.168.226; 89.187.168.226; 726.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.221.45:80
AN-X-Request-Uuid: 87e92d45-8a0b-4f1d-a607-80b717ccbb00
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
429 B 133ms
41ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cf-ray: 6462cdd3999b0742-FRA
access-control-allow-headers: Content-Type, Origin
cf-request-id: 09b19ef83c000007423ea7a000000001

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
661 B 353ms
118ms XHR
application/json 52.4.152.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.4.152.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 4fbc31b119278663b986595feceebff2c4e9f41d7b1a7b532777996773a93756

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

POST
H2 204 mvo Show response
tag.1rx.io/rmp/227583/0/ 0
175 B 140ms
49ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/227583/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
pragma: no-cache
date: Mon, 26 Apr 2021 21:11:31 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 170ms
79ms XHR
text/plain 35.156.13.167
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=VRocGdvPjMoAvAZb5Hd7q3fB&bidId=VRocGdvPjMoAvAZb5Hd7q3fB&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.13.167 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:31 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
778 B 213ms
123ms XHR
application/json 216.52.2.39
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d433a9596b8e3b793485bfd211cd4a521004d18ec776ae8e31d1ce39ddb7158

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 26 Apr 2021 21:11:31 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap7ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 111

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 101ms
100ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%2266311471%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22300x250-1-QmkP7%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-QmkP7%22%2C%22siteID%22%3A641802%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&t=300&fn=window.proper_39b7d776_2fff1f12_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 46da0c003d7870ed675d43c21b29b31fa9ec3993d2740568f75f60497ffcf546

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:31 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1461
Expires: Mon, 26 Apr 2021 21:11:31 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 205 B
557 B 150ms
61ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

9b221b234d916f51657b6da277ddc8dc151dc0eecd13a72e8478d8b9f3653f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 18
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 205
expires: 0

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 100 B
743 B 198ms
74ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2299d6280bbd529ba354ec%22%3A%2299d6280bbd529ba354ec%7C300x250%7C0.1%22%7D&ref=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=b20f292f-62b4-4577-8e1a-f601146824d3&pv=5f20719c-12aa-4a31-b829-0652d794a465&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

Software

sonobi-go /

Resource Hash

7762146cd755caa19fbdf9abcc49139c50b8c78e01f5bdfebcb2d029eabee8af

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:11:31 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 125
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 78ms
78ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 / Show response
hb.emxdgt.com/ 0
162 B 153ms
66ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1619471491031
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:31 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 184 B
372 B 103ms
12ms XHR
application/json 2a02:fa8:8806:12::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:12::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 1562c64c3757fb3eb6af1c4f1797d5d86519a4b85ce3920ca4c1298c66d5a9cf

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:31 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 184
expires: 0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 117ms
116ms Image
image/gif 54.174.65.254
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=11601&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=wegb4rEJFhNbEzXdMh0WvgKTG3yDTusU&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=6548&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.174.65.254 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3EAE 301 KB
106 KB 50ms
50ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:11:31 GMT

GET
H2 200 sellers.json Show response
contango-cdn.technoratimedia.com/ Frame F195 16 KB
3 KB 93ms
23ms Fetch
application/json 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://contango-cdn.technoratimedia.com/sellers.json
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (via/F30A) / Express
Resource Hash: 149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:11:31 GMT
content-encoding: gzip
etag: W/"3fb7-cwp67UcanPz01TchkJaDZBXNtVY"
last-modified: Mon, 26 Apr 2021 21:02:41 GMT
server: ECAcc (via/F30A)
age: 531
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 3299

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame E98A 117 B
404 B 154ms
153ms XHR
multipart/form-data 3.23.122.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.23.122.187 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: c4de6303dd67dd974fed52872ff034dbbb3d3ff2b4657817548bee0410d986dc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:11:31 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 123

GET
H2 200 1553 Show response
vid.springserve.com/rt/ Frame F195 2 KB
1 KB 56ms
56ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/rt/1553?w=640&h=360&cb=9262585101595309&ap=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&crossdomain=0&testbucket=75&ud=0&bt=0&sec=1&nc=0&domain=bangordailynews.com&sid=82378%2F89209&adunit=82378%2F89209&client=82378&payid=e108f11b2cdf7d5b&is_inview=1&inview=1&avs=1&vp=100&vw=1&sizebucket=large&mute=1&schain=1.0%2C0!synacor.com%2C82378%2C1&usp=1---&us_privacy=1---
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 20fea3d720e927708d1355102dc8f4b24b1875d5e375ea19c2b76bc39063ec6e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:31 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 9D1F 483 KB
86 KB 40ms
40ms Script
application/javascript 2600:9000:20c8:a400:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:a400:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 527372
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 bd86a70de12d26e8fcde971fee50512c.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 5evjmm2nIqdI-UNU3BP1LbsMoTOFeY9tWgV0-RNg7b5csU8OJlcHcQ==

POST
H2 200 s2s Show response
eb.proper.io/ 199 B
695 B 259ms
249ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 956858d5eb4ca6dc377007bf3dfbbe19da8ebf8d613ba3ade89ab50cf585bd82

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:11:32 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6462cdd7fc054eeb-FRA
cf-request-id: 09b19efafa00004eebe60f3000000001
expires: -1

POST
H2 204 springserve Show response
uat-net.technoratimedia.com/openrtb/bids/ Frame 9D1F 0
296 B 451ms
125ms XHR
text/plain 150.136.26.45
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.26.45 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:11:32 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 370725194
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

POST
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 9D1F 0
0 57ms
56ms XHR
text/plain 52.16.123.27
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=9bb73e96&ps_id=623440&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.16.123.27 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:11:32 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

POST csi
csi.gstatic.com/ Frame F0A8 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=b25053ae-5c53-4bb5-bd77-7fb167f33f7b&vvuid=594ab662-fce1-45e7-9234-3efdb41d28a9&orgId=24140&plcid=1003583&vrid=24df4d77-8c94-42a1-8e57-73b62bcc8976&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=168&ar=no&fo=0&ft=0&h=0&cb=0.6571714942089599

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz3id0i&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz3idiv&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz3idyp&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz3ie51&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz3ifl2&c=1237164597814&slotId=618582298907&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz3ih0h&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Verdicts & Comments Add Verdict or Comment

341 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinypass.com/	1970-01-21 05:51:11	Name: LANG Value: en_US
.bangordailynews.com/	1970-01-20 11:22:23	Name: _ml_id Value: 85f106e94802ff6b.1619471480.1.1619471482.1619471480
bangordailynews.com/	1970-01-20 03:12:54	Name: cto_bidid Value: PXbU5l9vOFNRSndyJTJCaWsxMERRS2N4ZDUxVWRCTnNlYzg2NVclMkJyRUtmeXpkJTJCWXUwRkNxd2JlRk9iZTI5QlBMTXRuJTJGZmUzcER5TlhCTiUyRkdmWXVsbXVBcjNGOGclM0QlM0Q
.tinypass.com/	1970-01-19 17:51:15	Name: ch_sid Value: a8GwJCAEDD2bPOA
bangordailynews.com/	1970-01-20 02:36:47	Name: pnespsdk_visitor Value: 1vx95z1jy68vn05s
bangordailynews.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1619471480791%2C%22visitNumber%22%3A1%7D
.bangordailynews.com/	1970-01-19 18:34:23	Name: __pat Value: -14400000
.bangordailynews.com/	1970-01-20 11:22:23	Name: __tbc Value: %7Bjzx%7D8jDEHxOqpL8qr2PEo4tolIFrq3vhMQo0SmusEvbwCBdJQf1ecxw-D0Y4NQT0o8gAiKND2r8uxuLQ96hLHGk-Kz_KjmHDe_cCw78w2Ty9zDKOjIIkH6gmZw9EthoDnEgaT7yOLjkew0vrrlYWyqoNDA
bangordailynews.com/	1970-01-19 18:34:23	Name: ac_user_id Value: ac2s08vwpegt304587855b9affe7f90dd2a12679432f64ce59038c557cee3e9da11852caf5b1b82
bangordailynews.com/	1970-01-19 20:00:47	Name: __pnahc Value: 0
.bangordailynews.com/	1970-01-19 20:00:47	Name: _fbp Value: fb.1.1619471480368.1268646807
.bangordailynews.com/	1970-01-19 17:51:13	Name: _ml_ses Value: *
bangordailynews.com/	1970-01-19 18:34:23	Name: _pbjs_userid_consent_data Value: 3524755945110770
.bangordailynews.com/	1970-01-19 17:52:37	Name: _gid Value: GA1.2.2137732637.1619471480
.bangordailynews.com/	1970-01-20 11:22:23	Name: xbc Value: %7Bjzx%7D5p57FlIFfzaOwf3XfYE4azmHzx9SSwv798mOqrWt7a2v0o7IrU-ZCEkIkl1DeiLK7b7eXesWLD0yLzQE9uGzI7p8hegr93wu9OP7AMmnptJnpxUUTRbs1xo0lFjnDrvzl2Ya6gjWqx7w6hCbwkbNkb3gtRRstBBn7HMG2-sE_Cdxkr28SlfHx3Ob2eK8UmLBzgPkxbJzp0uQJ0AkO2Qk_Xf96BR8jT_9X9GJXzuV8a16p3SEsWJjQu37IKq5NXOi95Dmnyrg_1wRKtqABhZlfvEqipW4Nz2c82YLAaEc37i9oWbbh0iyl9PXyw93EevCwFYo4taA8LYWgO1Cd1tPWjyC5rab-2ALkgl7CbVvkf1fs71Lc4eVEhqZL7QCzzm3RfAJNaZBVejpP6J0DHNccA
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:11	Name: ls___tp-metricsGAAccount Value: disabled
bangordailynews.com/	1970-01-20 03:19:59	Name: _chartbeat2 Value: .1619471480225.1619471480225.1.DFZWtlBpkOsxB5i3gI3kN1eDGQBIS.1
bangordailynews.com/	1970-01-20 03:19:59	Name: _cb Value: BmU1n3DIOXwXCZMh2s
.bangordailynews.com/	1970-01-19 22:10:23	Name: _pubcid Value: dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b
.bangordailynews.com/	1970-01-19 17:51:11	Name: _dc_gtm_UA-5329647-52 Value: 1
bangordailynews.com/	1970-01-20 02:36:47	Name: ntv_as_us_privacy Value: 1---
.bangordailynews.com/	1970-01-19 17:51:15	Name: AMP_TOKEN Value: %24NOT_FOUND
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1969-12-31 23:59:59	Name: Value: test
bangordailynews.com/	1970-01-20 03:12:54	Name: cto_bundle Value: DJIIfF9xWmglMkZ1T1lwZ1NLNkRrbGZldVZoQUFSZWoyUXlGaGZaUlNUUGdFbzY3cVA5ZEMlMkJGZCUyRjlGanVwNFlGTHB0c0lIeVc1RzFvZHJYOTR2VE82SmtyMU8lMkJFcnZWVHEwZTJKbVdjcllNVkNDNmFDVWRPV1JOSmJ5ZVgzR1Fza2pZamhw
.bangordailynews.com/	1970-01-19 17:51:54	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1619471479726]]
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:11	Name: ls___tp-trackOnlyAids-expiration Value: 1619557881
.bangordailynews.com/	1970-01-20 03:20:35	Name: _parsely_visitor Value: {%22id%22:%22pid=06d89b9957dc6263508f366e43a5a47a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619471479601}
bangordailynews.com/	1970-01-20 02:36:47	Name: _pubcid Value: dac3b70f-69b7-4d2e-8adf-d0a5a988ec5b
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1969-12-31 23:59:59	Name: ntvSession Value: {}
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:11	Name: ls___tp-metricsGAAccount-expiration Value: 1619557881
.bangordailynews.com/	1970-01-20 11:22:23	Name: _ga Value: GA1.2.971043729.1619471480
.tinypass.com/	1970-01-19 17:52:37	Name: LANG_CHANGED Value: en_US
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:11	Name: ls___tp-trackOnlyAids Value: %5B%5D
.bangordailynews.com/	1970-01-19 18:34:23	Name: __pil Value: en_US
.bangordailynews.com/	1970-01-19 17:52:37	Name: __pvi Value: %7B%22id%22%3A%22v-2021-04-26-23-11-20-032-SnA2Uty21IPt6amN-d2ad19a1efd03d0e145f58606f9b778c%22%2C%22domain%22%3A%22.bangordailynews.com%22%2C%22time%22%3A1619471480750%7D
bangordailynews.com/	1970-01-20 03:19:59	Name: _cb_ls Value: 1
.bangordailynews.com/	1970-01-19 17:51:13	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619471479601%2C%22slts%22:0}
bangordailynews.com/	1970-01-19 17:51:13	Name: _cb_svref Value: null
bangordailynews.com/	1970-01-19 17:51:11	Name: __adblocker Value: false

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgY8sW4C0j0Q5DBg--N8nfYJ8NR4FxW65CZwB3TD_ZgW6lKmPq8k81xyW3qvRnr35zBHzW6jMv_n1HTk8FW7wGZQb6S6Dy0W1y8LK43tXyxzW70Xypj9fywsRW2ZZSql1bvwZXW7V1RFz4lvpzcW56rK7L3h_HC0W5-rG0P3K7j62W6gcfw75kd4QRW6wyN7t4JM843N7VqDX54BHcqW7S-gj52nDkMTW2z_3dT13pcDfN7--9lSzFPcxW4SN5XV1GjFWdMgTYNSfTsBzW1P39RX3Y_flkW5BTl6v80kDXdW6S7s467lPRsMW2w82sk6H2zLYW1hRGG72Z_zsjW4rPGkB154XtFW9k94HV1W3lVfW2Pj5bQ3jRrHkW6Cxggd5_0f0y37gk1(Line 13) Message: toS
console-api	log	URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	(Line 1) Message: undefined
console-api	log	URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/(Line 2075) Message: Remove cookie
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started(Line 241) Message: CMP had been found
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object]
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Detected CMP API is directly accessible, calling it now...
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object] true
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0(Line 1) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js(Line 4) Message: Pushing Player
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:11:27.989 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:11:27.989 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:11:28.747 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:11:28.747 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acds.prod.vidible.tv
ads.adaptv.advertising.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
anyclip-d.openx.net
ap.lijit.com
apex.go.sonobi.com
api-esp.piano.io
api.rlcdn.com
as-sec.casalemedia.com
assets.anyclip.com
assets.revcontent.com
bangordailynews.com
bangordailynews.coral.coralproject.net
bc-ssb-dub.springserve.com
bdn-data.s3.amazonaws.com
bids.proper.io
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c0.wp.com
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.parsely.com
cdn.pixfuture.com
cdn.revcontent.com
cdn5.anyclip.com
cds.connatix.com
config.anyclip.com
connect.facebook.net
contango-cdn.technoratimedia.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
dmx.districtm.io
eb.proper.io
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hubspot.fedscoop.com
i.piano.io
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
id.tinypass.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
jadserve.postrelease.com
js.matheranalytics.com
lreprx-server.anyclip.com
match.adsrvr.org
mug.criteo.com
p1.parsely.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.anyclip.com
pixel.quantserve.com
pixel.wp.com
pixfuture2-d.openx.net
player.anyclip.com
propermedia-d.openx.net
px.moatads.com
reflex.media.syn-cdn.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serv-vdo.pixfuture.com
ssc.33across.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
synacor.autoplay-plugins.static-origin.syn-cdn.com
tag.1rx.io
trafficmanager.anyclip.com
trends.revcontent.com
trk.vidible.tv
uat-net.technoratimedia.com
ups.analytics.yahoo.com
usync.proper.io
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
x.bidswitch.net
z.moatads.com
csi.gstatic.com
trk.vidible.tv
104.16.190.66
107.178.250.234
13.224.105.229
13.224.112.38
142.250.185.98
150.136.26.45
151.101.114.137
151.139.128.11
152.199.22.185
152.199.22.191
178.162.133.150
178.250.2.146
178.79.242.139
18.196.230.57
185.255.84.151
185.33.221.88
185.33.221.91
185.64.189.112
185.94.180.123
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.146
199.60.103.225
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.40
204.48.28.205
213.19.147.42
216.52.2.39
2600:9000:20c8:a400:15:6f6c:b180:93a1
2600:9000:20c8:b400:18:1fcd:34e:d2a1
2600:9000:20c8:c00:6:44e3:f8c0:93a1
2600:9000:20eb:8c00:9:4c16:5180:21
2600:9000:21f3:f200:d:77c3:2dc0:21
2606:4700:20::ac43:4671
2606:4700:3037::6815:e6f
2606:4700::6810:2a41
2606:4700::6811:4e22
2606:4700::6811:b6b1
2620:116:800d:21:36a9:ecb:e518:b308
2a00:1288:80:800::7000
2a00:1450:4001:803::2006
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80e::2004
2a00:1450:4001:810::2002
2a00:1450:4001:810::200e
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c0d::9a
2a00:1450:400c:c0d::9b
2a00:1450:400e:80d::2003
2a02:2638::1c
2a02:fa8:8806:12::1460
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.120.52.76
3.122.87.145
3.123.45.128
3.126.56.137
3.23.122.187
34.120.133.55
34.248.121.96
34.252.21.138
34.96.85.105
35.156.13.167
35.164.25.130
35.174.89.216
35.244.159.8
44.238.170.237
52.16.123.27
52.203.28.84
52.210.137.162
52.216.176.227
52.30.186.230
52.4.152.106
52.4.50.244
52.52.166.208
54.144.144.142
54.166.210.103
54.174.65.254
54.195.94.143
69.168.106.81
01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a
05b4aeada635e360f83307e47f81ed9f16d40c629fc2f8f8680d29594cfe022f
064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
0730dcdcc5c4da68d88294b596ef4049ff1c75cc0de96e1684dd269e5bf0f615
074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab
08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3
144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c
151e849dff3509ad5554d96d721071102da4750c110a31ca93d45475bd921643
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3
1562c64c3757fb3eb6af1c4f1797d5d86519a4b85ce3920ca4c1298c66d5a9cf
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb
18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92
19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1aa314547ce42a841114244d202e9e2ffe8b62593034414b9cfc88b26a6f7876
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f
1ed5713de0feed728849b01e0bdbbfb9574edd0aa49aef145c52fd477f7826e5
20fea3d720e927708d1355102dc8f4b24b1875d5e375ea19c2b76bc39063ec6e
2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22e700a34535e7c4198bfc1becd6af81613deff15f98a63f02f40af444687939
22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900
2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2
24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
265a9021a7dab4a38e6f910cebc316b99f48a3f526ce54a1d3b880fd6461a72c
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426
326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688
3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b
32b24176630969394e10f1ce73fb23aed0d4dd274323b281dbbad12b493fa5c3
34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e
37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da
3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3d9d4096684439db1f8f6abe77c14d6bf45e21c93e011cc067f08d699e772a55
3e759ec047415d8f03587eb97d4026aeadeeeb5bf305495ff308f4053f5d3bb7
3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
408d8d61e635a2823dcb815d944a122d0f1c90fe33ac6467bf40c16ddec1602b
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
46da0c003d7870ed675d43c21b29b31fa9ec3993d2740568f75f60497ffcf546
4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c
4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3
4fbc31b119278663b986595feceebff2c4e9f41d7b1a7b532777996773a93756
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4
56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398
573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e
57f83c06cedade6f7f939dd10d4eaf36923b631578205a859792898506d3d7a7
5882cd9b82d02334e5c37abdf7d4e21382f218b094cbb08479ea22c5c83162c2
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
59de2e9362cad9588726543deb9863ba7a6fa4cadf678f3814097a78ee3cb032
5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d
5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5e1b5c70fbdc192fb65d3d904ba88264d1d0c2597d3dc86e2483de94fda7b8c8
5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
607e9c3cd7cb12c02b763d658b5fa6064c12571584c23c1c3c862909f985d663
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128
6554330651c357e589d170f25f5d5ff98edb0c81f8f22b91b7ddb960c676b011
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
6967e76dda8a91ef00d9999741ea147446fa952edb4c0ed5522f2453693a25fc
6a7bc1677070853b10c19bf5c3789139b38b3024a943e366f207699f70a61dbf
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b
6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3
6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966
6d433a9596b8e3b793485bfd211cd4a521004d18ec776ae8e31d1ce39ddb7158
6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b
6dc5c9f36a861e185f9cf18b37141d6994018dc1049951ee5f0ec657bf4cb789
719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
7762146cd755caa19fbdf9abcc49139c50b8c78e01f5bdfebcb2d029eabee8af
778b1557f57ddb55a1ccc0b1dd882cd4199a0d80bc67d583c8ca43a661759361
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11
7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
816c5b546084b1a44578a6de2be6e3caf32adf0a9ab817ebf40e50988e471837
831cb0eead43f007ccc83bfbb5335762875256f25bc8b39e5f029270ee8c1adf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
89b3c6b189f589bf3a4184c5be65e838779a825219c191f13e31c091adc25f89
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f0ee98246498b18687e070bf26c82321a6d6a5096768ae64a831dbfb1c687da
8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf
9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f
917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
94958abd56157210ca8817aae604e1b23ab21f05aca5e38449a75181fe73d6c1
956858d5eb4ca6dc377007bf3dfbbe19da8ebf8d613ba3ade89ab50cf585bd82
9612c93d0a8f6c4d11b62d22658e36367025dad4fe1e154738cccc61ca741414
989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329
9b221b234d916f51657b6da277ddc8dc151dc0eecd13a72e8478d8b9f3653f77
9c183d21b8c2f33ee64aa01946495a4b240585d84054862fed3c6165a17e5bc9
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a15b1de9ebd27e92c9b23c0cd3651eb03fc0fb4e6989c007657d0a83b33a64d6
a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277
a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380
a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b
ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b13c2450599935398fcf77d05daaecbe1d1fc0df3ff2cbdf532d689701d16536
b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3
b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67
b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
ba57c404a232b9810837dc515c6ec41d10b7d4558ecf62d5bab8c4435a72bd26
baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df
bb0a3dda5577b7e9c474c62306eafef201802ea9498e3a23ebc9a43c67b16340
bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa
bc8e9b883ae6b1e1ff73a54c0f4b25b4b21b45d6b7b94e1660d3b14048c18170
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e
c1d5e21849004e9801d70b2704762bba11a321bf7f6b07b4f84f9a6ed689db49
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c4de6303dd67dd974fed52872ff034dbbb3d3ff2b4657817548bee0410d986dc
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424
d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42
d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6
d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06
d38c017481e8cec527a67de72c5efc0855a694c6803f997a5bad66d409096c5a
d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df
d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d
db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1
dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a
dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c
dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746
df0abe41e3bc0c498565c24ec5a1d5ec36ba777fc75996fa6586fdf9211442d4
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae
e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd
ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2
ec8609274aad9ab0f68b806f4c736b84e6e8fc3bad2a3e2bb0f8389d2342d1d0
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e
ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265
eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a
ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0af9a636e59c63d91b6c28c4d7af19bb4a4aadb0ffa66997f17736acef1d633
f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f592bf3e47093c56c97793b1b58902d2a38495f5bb48f4fba1715b7080721fb6
f5ad06b3c530987c2dd5c6120fa353e676a7d30639156a8631b90ddb255f905f
f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace
f6e71ec6525b66bb5a9452265ee7a24e627f91697b7e341f6d69a6d06758b788
f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a
fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b
fba5dff2f0020535b59ad09fead980cd1e14159b4086713aada48c30d6f01a61
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
fd39aa74e7a2f67013146c1fee313d0095d43c06fda1355616a58634514351c4
fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

bangordailynews.com Open in urlscan Pro 192.0.78.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

416 Requests

99 %HTTPS

36 %IPv6

60 Domains

110 Subdomains

89 IPs

7 Countries

11377 kBTransfer

31963 kBSize

39 Cookies

28 Outgoing links

Page URL History

Redirected requests

416 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bangordailynews.com Open in urlscan Pro
192.0.78.146 Public Scan

Screenshot
Live screenshot

Full Image

416
Requests

99 %
HTTPS

36 %
IPv6

60
Domains

110
Subdomains

89
IPs

7
Countries

11377 kB
Transfer

31963 kB
Size

39
Cookies

416 HTTP transactions
9 data transactions