subscribe.duluthnewstribune.com Open in urlscan Pro
107.154.76.234 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://link.duluthnewstribune.com/click/30371758.81400/aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tLz9vZnJncF9pZD04NjIlMkM...
Effective URL:
https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_cam...
Submission: On January 30 via api (January 30th 2023, 4:41:47 pm UTC) from US — Scanned from DE

Summary HTTP 130 Redirects Links 9 Behaviour Indicators

Summary

This website contacted 40 IPs in 5 countries across 28 domains to perform 130 HTTP transactions. The main IP is 107.154.76.234, located in District Heights, United States and belongs to INCAPSULA, US. The main domain is subscribe.duluthnewstribune.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on August 1st 2022. Valid for: a year.

This is the only time subscribe.duluthnewstribune.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	107.20.71.201 107.20.71.201	14618 (AMAZON-AES) (AMAZON-AES)
18	107.154.76.234 107.154.76.234	19551 (INCAPSULA) (INCAPSULA)
2	2a04:4e42:200... 2a04:4e42:200::485	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:400d:802::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:80d::2008	15169 (GOOGLE) (GOOGLE)
3	143.204.207.119 143.204.207.119	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:800::200a	15169 (GOOGLE) (GOOGLE)
4	2606:2800:233... 2606:2800:233:1cb7:261b:1f9c:2074:3c	15133 (EDGECAST) (EDGECAST)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:400d:806::200e	15169 (GOOGLE) (GOOGLE)
1 2	142.250.185.166 142.250.185.166	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:4600:1b:e643:4ac0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2606:4700::68... 2606:4700::6812:116b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:400c:c00::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	54.221.251.148 54.221.251.148	14618 (AMAZON-AES) (AMAZON-AES)
8	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:400d:80e::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	2600:9000:210... 2600:9000:2104:7800:1d:8f09:740:93a1	16509 (AMAZON-02) (AMAZON-02)
3	13.32.110.66 13.32.110.66	16509 (AMAZON-02) (AMAZON-02)
1	18.65.39.24 18.65.39.24	16509 (AMAZON-02) (AMAZON-02)
1	65.9.66.51 65.9.66.51	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:600... 2a04:4e42:600::282	54113 (FASTLY) (FASTLY)
4	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2002	15169 (GOOGLE) (GOOGLE)
1	2606:2800:133... 2606:2800:133:206e:1315:22a5:2006:24fd	15133 (EDGECAST) (EDGECAST)
7	52.216.129.141 52.216.129.141	16509 (AMAZON-02) (AMAZON-02)
1	104.16.132.24 104.16.132.24	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.130.133 151.101.130.133	54113 (FASTLY) (FASTLY)
1	172.67.75.166 172.67.75.166	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	13.248.139.42 13.248.139.42	16509 (AMAZON-02) (AMAZON-02)
10	18.195.154.142 18.195.154.142	16509 (AMAZON-02) (AMAZON-02)
1	13.225.78.26 13.225.78.26	16509 (AMAZON-02) (AMAZON-02)
3	143.204.215.52 143.204.215.52	16509 (AMAZON-02) (AMAZON-02)
15	192.229.221.25 192.229.221.25	15133 (EDGECAST) (EDGECAST)
1 2	64.4.245.84 64.4.245.84	() ()
130	40

1 107.20.71.201 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-71-201.compute-1.amazonaws.com

link.duluthnewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 107.154.76.234 (District Heights, United States)

ASN19551 (INCAPSULA, US)
PTR: 107.154.76.234.ip.incapdns.net

subscribe.duluthnewstribune.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:200::485 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80d::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.207.119 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-207-119.fra53.r.cloudfront.net

cdn.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:800::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:2800:233:1cb7:261b:1f9c:2074:3c (United States)

ASN15133 (EDGECAST, US)

loader-cdn.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wgchrrammzv.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.mircheigeshoa.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.godiciardstia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f02d:12:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:400d:806::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.166 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f6.1e100.net

8975227.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:4600:1b:e643:4ac0:93a1 (United States)

ASN16509 (AMAZON-02, US)

scripts.attributionapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:116b (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.confiant-integrations.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400c:c00::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.221.251.148 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-221-251-148.compute-1.amazonaws.com

track.attributionapp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80e::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:7800:1d:8f09:740:93a1 (United States)

ASN16509 (AMAZON-02, US)

login.forumcomm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.32.110.66 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-66.vie50.r.cloudfront.net

js.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.65.39.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-65-39-24.ams1.r.cloudfront.net

static.forumcomm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.66.51 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-51.fra56.r.cloudfront.net

cdn.us.auth0.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:600::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2002 (Ireland)

ASN15169 (GOOGLE, US)

pubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:2800:133:206e:1315:22a5:2006:24fd (United States)

ASN15133 (EDGECAST, US)

az416426.vo.msecnd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 52.216.129.141 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.132.24 (None, )

ASN13335 (CLOUDFLARENET, US)

bloximages.chicago2.vip.townnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.130.133 (United States)

ASN54113 (FASTLY, US)

www.paypalobjects.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.67.75.166 (United States)

ASN13335 (CLOUDFLARENET, US)

api-mg2.db-ip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.248.139.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: ae1d37305401c759d.awsglobalaccelerator.com

payments.braintree-api.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.195.154.142 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com

client-analytics.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.225.78.26 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-26.fra2.r.cloudfront.net

checkout.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.215.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-52.fra53.r.cloudfront.net

assets.braintreegateway.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.229.221.25 (United States)

ASN15133 (EDGECAST, US)

www.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
t.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c6.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 64.4.245.84 (None, ) 1 redirects

ASN- ()

b.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dub.stats.paypal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
19	duluthnewstribune.com 1 redirects link.duluthnewstribune.com subscribe.duluthnewstribune.com	388 KB
18	paypal.com 1 redirects checkout.paypal.com — Cisco Umbrella Rank: 14523 www.paypal.com — Cisco Umbrella Rank: 2392 t.paypal.com — Cisco Umbrella Rank: 3176 c.paypal.com — Cisco Umbrella Rank: 5826 b.stats.paypal.com dub.stats.paypal.com c6.paypal.com	342 KB
16	braintreegateway.com js.braintreegateway.com — Cisco Umbrella Rank: 7624 client-analytics.braintreegateway.com — Cisco Umbrella Rank: 8525 assets.braintreegateway.com — Cisco Umbrella Rank: 17113	150 KB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 21 region1.google-analytics.com — Cisco Umbrella Rank: 2456	40 KB
9	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 70	43 KB
7	amazonaws.com s3.amazonaws.com	42 KB
7	doubleclick.net 1 redirects 8975227.fls.doubleclick.net — Cisco Umbrella Rank: 142690 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 pubads.g.doubleclick.net — Cisco Umbrella Rank: 429	3 KB
7	gstatic.com fonts.gstatic.com www.gstatic.com	398 KB
5	google.de www.google.de — Cisco Umbrella Rank: 5986 adservice.google.de — Cisco Umbrella Rank: 8741	1 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34 maps.googleapis.com — Cisco Umbrella Rank: 361	190 KB
4	auth0.com cdn.auth0.com — Cisco Umbrella Rank: 8212 cdn.us.auth0.com — Cisco Umbrella Rank: 275686	272 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 40	205 KB
2	braintree-api.com payments.braintree-api.com — Cisco Umbrella Rank: 9500	2 KB
2	forumcomm.com login.forumcomm.com static.forumcomm.com — Cisco Umbrella Rank: 108862	14 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	239 B
2	confiant-integrations.net cdn.confiant-integrations.net — Cisco Umbrella Rank: 1347	93 KB
2	attributionapp.com scripts.attributionapp.com — Cisco Umbrella Rank: 75341 track.attributionapp.com — Cisco Umbrella Rank: 61406	50 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 146	136 KB
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 359	18 KB
1	db-ip.com api-mg2.db-ip.com — Cisco Umbrella Rank: 22694	769 B
1	paypalobjects.com www.paypalobjects.com — Cisco Umbrella Rank: 2284	2 KB
1	townnews.com bloximages.chicago2.vip.townnews.com — Cisco Umbrella Rank: 18312	2 KB
1	godiciardstia.com cdn.godiciardstia.com — Cisco Umbrella Rank: 48934	48 KB
1	mircheigeshoa.com cdn.mircheigeshoa.com — Cisco Umbrella Rank: 48158	21 KB
1	msecnd.net az416426.vo.msecnd.net — Cisco Umbrella Rank: 2032	22 KB
1	wgchrrammzv.com cdn.wgchrrammzv.com — Cisco Umbrella Rank: 35842	2 KB
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1353	629 B
1	azureedge.net loader-cdn.azureedge.net — Cisco Umbrella Rank: 25660	12 KB
130	28

	Domain	Requested by
18	subscribe.duluthnewstribune.com	subscribe.duluthnewstribune.com
10	client-analytics.braintreegateway.com	js.braintreegateway.com assets.braintreegateway.com
8	www.paypal.com	js.braintreegateway.com www.paypal.com
8	www.google.com	subscribe.duluthnewstribune.com www.gstatic.com www.google.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com subscribe.duluthnewstribune.com
7	s3.amazonaws.com	subscribe.duluthnewstribune.com
5	c.paypal.com	www.paypal.com c.paypal.com
4	www.gstatic.com	www.google.com www.gstatic.com
4	www.google.de	subscribe.duluthnewstribune.com
4	stats.g.doubleclick.net	www.google-analytics.com
4	maps.googleapis.com	subscribe.duluthnewstribune.com maps.googleapis.com
3	assets.braintreegateway.com	js.braintreegateway.com
3	js.braintreegateway.com	subscribe.duluthnewstribune.com
3	fonts.gstatic.com	fonts.googleapis.com www.google.com
3	cdn.auth0.com	subscribe.duluthnewstribune.com cdn.auth0.com
3	www.googletagmanager.com	subscribe.duluthnewstribune.com www.googletagmanager.com cdn.godiciardstia.com
2	payments.braintree-api.com	js.braintreegateway.com
2	region1.google-analytics.com	www.googletagmanager.com
2	www.facebook.com	subscribe.duluthnewstribune.com
2	cdn.confiant-integrations.net	www.googletagmanager.com cdn.confiant-integrations.net
2	8975227.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	connect.facebook.net	subscribe.duluthnewstribune.com connect.facebook.net
2	cdn.jsdelivr.net	subscribe.duluthnewstribune.com
1	c6.paypal.com
1	dub.stats.paypal.com	www.paypal.com
1	b.stats.paypal.com	1 redirects
1	t.paypal.com
1	checkout.paypal.com	js.braintreegateway.com
1	api-mg2.db-ip.com	cdn.mircheigeshoa.com
1	www.paypalobjects.com	subscribe.duluthnewstribune.com
1	bloximages.chicago2.vip.townnews.com	subscribe.duluthnewstribune.com
1	cdn.godiciardstia.com	loader-cdn.azureedge.net
1	cdn.mircheigeshoa.com	loader-cdn.azureedge.net
1	az416426.vo.msecnd.net	loader-cdn.azureedge.net
1	cdn.wgchrrammzv.com	loader-cdn.azureedge.net
1	pubads.g.doubleclick.net	subscribe.duluthnewstribune.com
1	polyfill.io	loader-cdn.azureedge.net
1	cdn.us.auth0.com	cdn.auth0.com
1	static.forumcomm.com	subscribe.duluthnewstribune.com
1	login.forumcomm.com	cdn.auth0.com
1	adservice.google.de	adservice.google.com
1	adservice.google.com	8975227.fls.doubleclick.net
1	track.attributionapp.com	scripts.attributionapp.com
1	scripts.attributionapp.com	subscribe.duluthnewstribune.com
1	loader-cdn.azureedge.net	subscribe.duluthnewstribune.com
1	fonts.googleapis.com	subscribe.duluthnewstribune.com
1	link.duluthnewstribune.com	1 redirects
130	47

This site contains links to these domains. Also see Links.

Domain
www.duluthnewstribune.com
www.facebook.com
twitter.com
www.instagram.com
apps.apple.com
play.google.com

Subject Issuer	Validity	Valid
*.inforum.com Go Daddy Secure Certificate Authority - G2	`2022-08-01` - `2023-09-02`	a year	crt.sh
jsdelivr.net GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-23` - `2024-01-24`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.auth0.com Amazon	`2022-03-26` - `2023-04-24`	a year	crt.sh
*.vo.msecnd.net DigiCert SHA2 Secure Server CA	`2022-10-25` - `2023-10-25`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-08` - `2023-02-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.attributionapp.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-14` - `2023-03-16`	a year	crt.sh
*.confiant-integrations.net GTS CA 1P5	`2023-01-27` - `2023-04-27`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
track.attributionapp.com R3	`2023-01-13` - `2023-04-13`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-01-09` - `2023-04-03`	3 months	crt.sh
*.forumcomm.com Amazon	`2022-11-07` - `2023-12-06`	a year	crt.sh
checkout.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-07-28` - `2023-08-28`	a year	crt.sh
static.forumcomm.com Amazon	`2022-11-15` - `2023-12-13`	a year	crt.sh
*.us.auth0.com Amazon	`2022-04-25` - `2023-05-24`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
sni2bf2bgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
sni2bf2fgl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
sni2bf2egl.wpc.edgecastcdn.net DigiCert TLS RSA SHA256 2020 CA1	`2022-10-31` - `2023-11-02`	a year	crt.sh
s3.amazonaws.com Amazon RSA 2048 M01	`2022-12-06` - `2023-12-05`	a year	crt.sh
bloximages.chicago2.vip.townnews.com GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1	`2022-03-11` - `2023-04-11`	a year	crt.sh
www.paypalobjects.com DigiCert SHA2 Extended Validation Server CA	`2022-10-13` - `2023-11-13`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-05-17` - `2023-05-17`	a year	crt.sh
payments.braintree-api.com DigiCert SHA2 Extended Validation Server CA	`2022-09-15` - `2023-10-16`	a year	crt.sh
client-analytics.braintreegateway.com DigiCert SHA2 High Assurance Server CA	`2022-03-16` - `2023-04-16`	a year	crt.sh
www.paypal.com DigiCert SHA2 Extended Validation Server CA	`2022-11-09` - `2023-12-10`	a year	crt.sh

This page contains 14 frames:

Primary Page: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Frame ID: A8B33B68E1E8BFA9F6DDE01912CD6F88
Requests: 95 HTTP requests in this frame

Frame: https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember
Frame ID: 78F4DA3B2FEFD60F18614962C62793B0
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember
Frame ID: 62EB3A14EC014558370779F2251CCEE7
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember
Frame ID: E438C5540A8C06C5F41745E7476A5790
Requests: 1 HTTP requests in this frame

Frame: https://login.forumcomm.com/authorize?client_id=GO9zp0OgwGlShDT4ahD4DvgXbO7Mv6cJ&response_type=token&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fsubscribe.duluthnewstribune.com&state=y7ZMdCw1Sv-jU.sRFbJPI03AlloI5v6V&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMS4zIn0%3D
Frame ID: 4123A6FE18F7AB0B1DBDCDB8A6F34A48
Requests: 1 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0&co=aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=bottomleft&cb=3gp7u4numzq8
Frame ID: F107AA06F9545479842BE72E04BD8766
Requests: 8 HTTP requests in this frame

Frame: https://checkout.paypal.com/web/3.85.2/html/dispatch-frame.min.html
Frame ID: 6E1A59129F022834970B1350478445BC
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html
Frame ID: E9299402B354CBDDC65FAB19B2F9F4FE
Requests: 2 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html
Frame ID: 0D5BEB2CF5AE75FAEB0DA9B3DAE0CDC2
Requests: 1 HTTP requests in this frame

Frame: https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html
Frame ID: 56BDB49012A9E7F0BB579B5FFEB5F734
Requests: 1 HTTP requests in this frame

Frame: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Frame ID: CE8BB94A1116C5DA07047468B275ECAD
Requests: 6 HTTP requests in this frame

Frame: data://truncated
Frame ID: B048128D42C67627E129F0FA530FCCD5
Requests: 1 HTTP requests in this frame

Frame: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
Frame ID: 4396ABB8052B5F22D1D858F4ECF169EB
Requests: 5 HTTP requests in this frame

Frame: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS
Frame ID: F8D95E18227CD6538A78F0F9BA17F1A9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Duluth News Tribune

Page URL History Show full URLs

https://link.duluthnewstribune.com/click/30371758.81400/aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tLz9... HTTP 302
https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_mediu... Page URL

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Braintree (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.braintreegateway\.com

PayPal (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

paypalobjects\.com

Auth0 (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/auth0(?:-js)?/([\d.]+)/auth0(?:.min)?\.js

Auth0 Lock (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

/lock/([\d.]+)/lock(?:.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Imperva (Security) Expand

Overall confidence: 100%
Detected patterns

/_Incapsula_Resource

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

130
Requests

99 %
HTTPS

55 %
IPv6

28
Domains

47
Subdomains

40
IPs

5
Countries

2495 kB
Transfer

8374 kB
Size

31
Cookies

9 Outgoing links

These are links going to different origins than the main page.

URL: https://www.duluthnewstribune.com/

Search URL Search Domain Scan URL

URL: https://www.duluthnewstribune.com/terms/
Title: Terms and Conditions

Search URL Search Domain Scan URL

URL: https://www.duluthnewstribune.com/newsletter
Title: Sign up for Newsletters

Search URL Search Domain Scan URL

URL: https://www.duluthnewstribune.com/account/e-paper
Title: Read the e-paper

Search URL Search Domain Scan URL

URL: https://www.facebook.com/duluthnews/

Search URL Search Domain Scan URL

URL: https://twitter.com/duluthnews

Search URL Search Domain Scan URL

URL: https://www.instagram.com/duluthnews/

Search URL Search Domain Scan URL

URL: https://apps.apple.com/us/app/duluth-news-tribune/id1494367136

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.whiz.duluthnewstribune

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://link.duluthnewstribune.com/click/30371758.81400/aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tLz9vZnJncF9pZD04NjIlMkM4NjMmP3V0bV9tYXJrZXQ9ZHVsdXRobmV3c3RyaWJ1bmUmdXRtX3NvdXJjZT1lbWFpbCZ1dG1fbWVkaXVtPXByb21vX3NlbmQmdXRtX2NhbXBhaWduPTJfZG9sbGFyc19mb3JfNl9tb250aHNfamFuXzIzJnV0bV9jb250ZW50PTZfbW9udGhzXzJfZG9sbGFyX29mZmVyX3Byb21vXzFfYW1fMDEzMDIwMjM/6079d208caa652008f559453B15863b42 HTTP 302
https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 16

https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember HTTP 302
https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember

Request Chain 125

https://b.stats.paypal.com/v2/counter.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS HTTP 302
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS

130 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
subscribe.duluthnewstribune.com/
Redirect Chain

https://link.duluthnewstribune.com/click/30371758.81400/aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tLz9vZnJncF9pZD04NjIlMkM4NjMmP3V0bV9tYXJrZXQ9ZHVsdXRobmV3c3RyaWJ1bmUmdXRtX3NvdXJjZT1lbWFpb...
https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_do...

526 KB
59 KB

648ms
446ms

Document
text/html

107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL

https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),

Reverse DNS

107.154.76.234.ip.incapdns.net

Software

Microsoft-IIS/10.0 / ASP.NET

Resource Hash

7ef953ff524169d26b6573ef24c57500074953bb56cbb3717443867aaccff9ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors .subconadmin.com https://.subconadmin.com .mg2cms.com https://.mg2cms.com

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: frame-ancestors *.subconadmin.com https://*.subconadmin.com *.mg2cms.com https://*.mg2cms.com
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 16:41:39 GMT
server: Microsoft-IIS/10.0
vary: Accept-Encoding
x-cdn: Imperva
x-host-name: AWSPRDWEB11
x-iinfo: 11-45574557-45574563 NNNN CT(127 193 0) RT(1675096899204 16) q(0 0 3 1) r(4 4) U5
x-powered-by: ASP.NET
x-sp-host-name: AWSPRDWEB11

Redirect headers

connection: close
content-length: 0
content-type: text/html; charset=UTF-8
date: Mon, 30 Jan 2023 16:41:39 GMT
location: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
server: Sailthru
x-robots-tag: noindex

GET
H2 200 flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ 16 KB
3 KB 64ms
7ms Stylesheet
text/css 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css

Requested by

Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 11776
x-jsd-version: 4.6.13
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 3035
x-served-by: cache-fra-eddf8230089-FRA
x-jsd-version-type: version
etag: W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 flatpickr Show response
cdn.jsdelivr.net/npm/ 49 KB
14 KB 65ms
8ms Script
application/javascript 2a04:4e42:200::485
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::485 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
content-encoding: gzip
age: 14506
x-jsd-version: 4.6.13
x-cache: HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 14501
x-served-by: cache-fra-eddf8230089-FRA
x-jsd-version-type: version
etag: W/"c5f7-fVv7+SYe2JucqEJIf3pkZJZHRLk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 bootstrap.css
subscribe.duluthnewstribune.com/styles/ 118 KB
20 KB 215ms
215ms Stylesheet
text/css 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/styles/bootstrap.css
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 13:07:32 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"1d6c9-183cc4eae20"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-iinfo: 11-45574557-45574674 NNNY CT(97 198 0) RT(1675096899204 561) q(0 0 0 -1) r(1 2) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes

GET
H2 200 alertify.min.css
subscribe.duluthnewstribune.com/styles/ 20 KB
4 KB 120ms
120ms Stylesheet
text/css 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/styles/alertify.min.css
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 13:07:32 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"509f-183cc4eae20"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-iinfo: 11-45574557-45574676 NNNY CT(96 196 0) RT(1675096899204 566) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes

GET
H2 200 style_simple.css
subscribe.duluthnewstribune.com/styles/ 135 KB
22 KB 131ms
130ms Stylesheet
text/css 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7b6b21c3940c64005b788c31f0b332e032ee4623155a1706dcf19c1263b5ac8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 13:07:32 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"21d92-183cc4eae20"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
x-iinfo: 11-45574557-45574678 NNNY CT(96 195 0) RT(1675096899204 572) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes

GET
H2 200 css2
fonts.googleapis.com/ 3 KB
920 B 105ms
43ms Stylesheet
text/css 2a00:1450:400d:802::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Rokkitt:wght@400;700;900&display=swap

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a66f21721f4518d1ff299c661e3b857092b0c38ad9f8bc4a37ecbd15e87dbf3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 16:41:40 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 30 Jan 2023 16:41:40 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 221 KB
77 KB 110ms
48ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5VHGMKS

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cd2f63b83f84985f79d8539a5f6964a3b4e8843370b86306620869074f1bc816

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 78778
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 16:41:40 GMT

GET
H2 200 auth0.min.js Show response
cdn.auth0.com/js/auth0/9.11/ 138 KB
37 KB 72ms
10ms Script
application/javascript 143.204.207.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/auth0/9.11/auth0.min.js
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: aSext1FIqk1MhYvH8ktwHiqmr.lxzw4N
content-encoding: gzip
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 15:02:36 GMT
last-modified: Mon, 05 Aug 2019 03:28:22 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 5944
etag: W/"8aaeb19bcc97ce84037e05d32a8214b1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10800,public
x-amz-replication-status: COMPLETED
x-amz-cf-id: rK9yDf-0ZJBr80CY4y3UDnJKQ0uwlU5vMWsniGAdVo_FJxAlQhQXPg==

GET
H2 200 lock.min.js Show response
cdn.auth0.com/js/lock/11.25/ 816 KB
230 KB 78ms
17ms Script
application/javascript 143.204.207.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/lock/11.25/lock.min.js
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c66c855006ab2ae4f702be94152ccc855d729ee985a3676d7e046763430e431

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: b6t533h85wWWf7_z_bLRmFxvZTyg8KX4
content-encoding: gzip
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 13:52:12 GMT
last-modified: Tue, 14 Jul 2020 10:52:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 10346
etag: W/"787121ba6999ff8d3156411e5d29542c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=10800,public
x-amz-replication-status: COMPLETED
x-amz-cf-id: EILgnUXpgiNCwBUgKx41LRWMLi4jAjQ5xBqkvOJG3fR40nmgCwHcXw==

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 166 KB
55 KB 65ms
40ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCu2stHA_Wgp5c31U3hCuMMMr0Bw5E6dyo&libraries=places

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

mafe /

Resource Hash

4ae104b640aede82496b9e34d9a59c2e0f33d5d2ca1f264cb0ab23fd3f2372fa

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
server: mafe
vary: Accept-Language
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
server-timing: gfet4t7; dur=31
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 55664
x-xss-protection: 0
expires: Mon, 30 Jan 2023 17:11:40 GMT

GET
H2 200 build.js Show response
subscribe.duluthnewstribune.com/build/ 905 KB
212 KB 137ms
136ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 443ae6d19eccb96c833d38664cc77797a6e37b9c3939c08161aebb02f6138cf2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"e25f2-183cc4ea650"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
x-iinfo: 11-45574557-45574563 PNNN RT(1675096899204 856) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes

GET
H2 200 loader.min.js Show response
loader-cdn.azureedge.net/prod/forum/ 42 KB
12 KB 106ms
8ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD4) /
Resource Hash: 9df8b934c46e43688d69296a2d49a0f29ef40a15394ab4be7a48ee800d06e731

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
content-md5: BMw4JDF2Cf21CoeljLr35A==
age: 24492
x-cache: HIT
content-length: 12028
x-ms-lease-status: unlocked
last-modified: Wed, 02 Nov 2022 08:02:08 GMT
server: ECAcc (frc/4CD4)
etag: 0x8DABCA88A64FB44
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 8473f13a-701e-0004-7190-347ab9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 _Incapsula_Resource Show response
subscribe.duluthnewstribune.com/ 143 KB
20 KB 18ms
17ms Script
application/javascript 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=1&cb=310994812
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: /
Resource Hash: c22436bb94427caee97dc2e69b64c8af9cdd5a1b79790cc14a6a2a8b987b2b7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

cache-control: no-cache, no-store
content-encoding: gzip
x-robots-tag: noindex
content-length: 20544
content-type: application/javascript

GET
H2 200 qFdu35qfgYFjGy5hukqqhw5XeRgdi1ryd_LAMU5fIH2httAyI4R2vGo4.woff2
fonts.gstatic.com/s/rokkitt/v29/ 17 KB
18 KB 30ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/rokkitt/v29/qFdu35qfgYFjGy5hukqqhw5XeRgdi1ryd_LAMU5fIH2httAyI4R2vGo4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Rokkitt:wght@400;700;900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df29ab7936e6e6ec6f3f2a0a49d712646d7f73c34c95af836ad799fa2233f032

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://subscribe.duluthnewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Sun, 29 Jan 2023 10:27:04 GMT
x-content-type-options: nosniff
age: 108876
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17840
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:35:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 29 Jan 2024 10:27:04 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 29ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 16:41:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27815
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: GJ/bgOQga2F8d8nF9YObmO+kwbImVZur20EoEKQgt02a96/M/5KXRAdaduKG0QUPSxXq3LixQttZX9TjWCFsrg==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 82ms
20ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHGMKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1196
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 18:21:44 GMT

GET
H2

200

activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fo... Show response
8975227.fls.doubleclick.net/ Frame 78F4
Redirect Chain

https://8975227.fls.doubleclick.net/activityi;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3...
https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsu...

760 B
575 B

46ms
45ms

Document
text/html

142.250.185.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHGMKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f6.1e100.net

Software

cafe /

Resource Hash

0140fe134afa5d804bf7dc7fbd28b24712bf9b46876a5e24b022a512053a31ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 399
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:41:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:41:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 attribution.js Show response
scripts.attributionapp.com/v2/ 188 KB
49 KB 78ms
7ms Script
text/javascript 2600:9000:206f:4600:1b:e643:4ac0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://scripts.attributionapp.com/v2/attribution.js
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:4600:1b:e643:4ac0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Wed, 07 Dec 2022 03:21:52 GMT
content-encoding: gzip
via: 1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
x-amz-version-id: RQJy8VcmP_6sFxDTdxAdYQVJJmnH7jfb
last-modified: Thu, 13 Jan 2022 13:37:19 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C1
age: 4713588
etag: W/"474a32856b401757baa407bb96ebb13f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=315360000, no-transform, public
x-amz-cf-id: RiWI8WZbI7bMSQJRxI1sqGL9Ac47B6aSKeWyiFe8eI_kwTmiPDwb2w==

GET
H2 200 config.js Show response
cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/ 110 KB
25 KB 57ms
21ms Script
text/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHGMKS
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24b57c02d8670f2a0f99ed9fff32356387a07f56a37bbc62ceba1c1e91712cc2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 30 Jan 2023 16:27:12 GMT
server: cloudflare
x-amz-request-id: H875MPHZ5Q2SJ2FZ
age: 408
etag: W/"93a1d7f2f5174e45ba94f0f698521a5d"
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900, stale-while-revalidate=3600
cf-ray: 791ba80ceffa2c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: S5YTGlufmtk3nZcG6IEimfOnniieESQ+Kflr29JdnXYEp2umqiwElI/MBSFSaNqQjLBHe1gMcsE=

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 215 KB
75 KB 49ms
49ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Z15KJQ29H1&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5VHGMKS

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

911e1767c0c621c0c143f26bf344051c53b3d393db9fadc1510a2c0b6a150259

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77172
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 30 Jan 2023 16:41:40 GMT

GET
H2 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
368 B 49ms
24ms XHR
application/json 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCu2stHA_Wgp5c31U3hCuMMMr0Bw5E6dyo&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://subscribe.duluthnewstribune.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 659058557951167 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/659058557951167?v=2.9.92&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

3725ef48f5d7b22d88fbb28285c411fdd8004795717e9c49a45c849528224190

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 30 Jan 2023 16:41:40 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110023
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 5mZ0lSE8+OGUrcLczVzPMiCh0xBzGKlGC55ytpGqO6DvLFekqfYpaDOg6rnDG2jbyKJ+7a8QjtvQNHEiggGcMQ==
x-fb-trip-id: 917726464
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 wrap.js Show response
cdn.confiant-integrations.net/gptprebidnative/202212211045/ 216 KB
68 KB 26ms
25ms Script
application/javascript 2606:4700::6812:116b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.confiant-integrations.net/gptprebidnative/202212211045/wrap.js
Requested by: Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/cUnQ-tYNZ95Jh3EezVQMDpKuEDk/gpt_and_prebid/config.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:116b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:40 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 21 Dec 2022 15:47:15 GMT
server: cloudflare
x-amz-request-id: 3S72HM8Q47JBNX3S
age: 1546185
etag: W/"fa407ba001f2ac06196124f41d523471"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=31536000
cf-ray: 791ba80d28802c20-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: iLribDH3ikz821rt5eVjCdntSsHPHzXpOlpTq2e2TNKaYGy1ewgJXl12LuaVyTTHrSLO+1/mM6Y=

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
158 B 43ms
41ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1032617132&t=pageview&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=1491896373&gjid=1445029222&cid=476978641.1675096901&tid=UA-778232-77&_gid=2005857382.1675096901&_r=1&_slc=1&gtm=2wg1p05VHGMKS&z=1278863342

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
69 B 42ms
41ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1032617132&t=pageview&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAAI~&jid=381506536&gjid=1377133815&cid=476978641.1675096901&tid=UA-41542537-2&_gid=2005857382.1675096901&_r=1&_slc=1&gtm=2wg1p05VHGMKS&z=785143121

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
360 B 62ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=1994329148&gjid=32985435&_gid=2005857382.1675096901&_u=YGDAiEABBAAAAGAAI~&z=103988450

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 20ms
19ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1032617132&t=pageview&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDAiEABBAAAACAAI~&jid=1994329148&gjid=32985435&cid=476978641.1675096901&tid=UA-778232-32&_gid=2005857382.1675096901&gtm=2wg1p05VHGMKS&z=1288647730

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 05:06:00 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 41740
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 36ms
12ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=659058557951167&ev=PageView&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&rl=&if=false&ts=1675096900697&sw=1600&sh=1200&v=2.9.92&r=stable&ec=0&o=30&fbp=fb.1.1675096900696.535371980&it=1675096900637&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 16:41:40 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 204 collect
region1.google-analytics.com/g/ 0
265 B 55ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z15KJQ29H1&gtm=2oe1p0&_p=1032617132&cid=476978641.1675096901&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1675096900&sct=1&seg=0&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&dt=Duluth%20News%20Tribune&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z15KJQ29H1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 26ms
26ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-778232-77&cid=476978641.1675096901&jid=1491896373&gjid=1445029222&_gid=2005857382.1675096901&_u=YEBAAEAAAAAAACAAI~&z=1569894566

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 24ms
23ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-41542537-2&cid=476978641.1675096901&jid=381506536&gjid=1377133815&_gid=2005857382.1675096901&_u=YGDACEABBAAAACAAI~&z=841228269

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK p Show response
track.attributionapp.com/ 0
345 B 402ms
111ms XHR
application/json 54.221.251.148
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://track.attributionapp.com/p

Requested by

Host: scripts.attributionapp.com
URL: https://scripts.attributionapp.com/v2/attribution.js

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_128_GCM

Server

54.221.251.148 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-221-251-148.compute-1.amazonaws.com

Software

Cowboy /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 30 Jan 2023 16:41:40 GMT
Via: 1.1 vegur
X-Content-Type-Options: nosniff
Server: Cowboy
Access-Control-Allow-Methods: OPTIONS, GET, POST, DELETE
Content-Type: application/json
Access-Control-Allow-Origin: *
Connection: keep-alive
Access-Control-Allow-Headers: Authorization, Content-Type
Content-Length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 72ms
46ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=1994329148&_u=YGDAiEABBAAAAGAAI~&z=1068253296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 122ms
58ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=1994329148&_u=YGDAiEABBAAAAGAAI~&z=1068253296

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 70ms
45ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-77&cid=476978641.1675096901&jid=1491896373&_u=YEBAAEAAAAAAACAAI~&z=1057676393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 121ms
58ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-77&cid=476978641.1675096901&jid=1491896373&_u=YEBAAEAAAAAAACAAI~&z=1057676393

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 47ms
46ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-41542537-2&cid=476978641.1675096901&jid=381506536&_u=YGDACEABBAAAACAAI~&z=1521925748

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 94ms
57ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-41542537-2&cid=476978641.1675096901&jid=381506536&_u=YGDACEABBAAAACAAI~&z=1521925748

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:40 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D... Show response
adservice.google.com/ddm/fls/i/ Frame 62EB 759 B
764 B 91ms
45ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember

Requested by

Host: 8975227.fls.doubleclick.net
URL: https://8975227.fls.doubleclick.net/activityi;dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

589811ead2d643bad35e02b83b5846ab14cf13082a85af3f57357c723e41bf07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8975227.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 389
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:41:40 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D... Show response
adservice.google.de/ddm/fls/i/ Frame E438 194 B
515 B 104ms
46ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=COfU653e7_wCFQqXmgoddDIIAw;src=8975227;type=invmedia;cat=dulut0;ord=4804010679696;gtm=2wg1p0;auiddc=1183007041.1675096901;~oref=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:41:40 GMT
expires: Mon, 30 Jan 2023 16:41:40 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 9ms
8ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=659058557951167&ev=Microdata&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&rl=&if=false&ts=1675096901199&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Duluth%20News%20Tribune%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember%22%2C%22og%3Atitle%22%3A%22Subscribe%20to%20The%20the%20Duluth%20News%20Tribune!%22%2C%22og%3Adescription%22%3A%22Click%20here%20for%20the%20latest%20offers!%22%2C%22og%3Asite_name%22%3A%22the%20Duluth%20News%20Tribune%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.92&r=stable&ec=1&o=30&fbp=fb.1.1675096900696.535371980&it=1675096900637&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 30 Jan 2023 16:41:41 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 908 B
786 B 17ms
16ms Script
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit

Requested by

Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7a0679f3f5a4488b98ad0911486a5457d9e3fc9a38badc143e749cf7ee735c9f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 578
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 16:41:41 GMT

GET
H2 200 authorize Show response
login.forumcomm.com/ Frame 4123 1 KB
2 KB 510ms
374ms Document
text/html 2600:9000:2104:7800:1d:8f09:740:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://login.forumcomm.com/authorize?client_id=GO9zp0OgwGlShDT4ahD4DvgXbO7Mv6cJ&response_type=token&scope=openid%20profile%20email&redirect_uri=https%3A%2F%2Fsubscribe.duluthnewstribune.com&state=y7ZMdCw1Sv-jU.sRFbJPI03AlloI5v6V&response_mode=web_message&prompt=none&auth0Client=eyJuYW1lIjoiYXV0aDAuanMiLCJ2ZXJzaW9uIjoiOS4xMS4zIn0%3D

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/auth0/9.11/auth0.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2104:7800:1d:8f09:740:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f67709d5b91b51b3f1abd3d42bb0bfade31b58b1e8206ca1136979c383eb5853

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store
cf-cache-status: DYNAMIC
cf-ray: 791ba816b83f9950-FRA
content-encoding: gzip
content-type: text/html;charset=UTF-8
date: Mon, 30 Jan 2023 16:41:42 GMT
ot-baggage-auth0-request-id: 791ba816b83f9950
ot-tracer-sampled: true
ot-tracer-spanid: 0f93222d3347920d
ot-tracer-traceid: 234673cd3a37ea07
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000
traceparent: 00-0000000000000000234673cd3a37ea07-0f93222d3347920d-01
tracestate: auth0-request-id=791ba816b83f9950,auth0=true
vary: Accept-Encoding
via: 1.1 4ce5e5162c2d4fc9022ceb290f794ffe.cloudfront.net (CloudFront)
x-amz-cf-id: hhgBxyRAMZoo1o1AwMVxn6VVLZX5pv5Qg8Kscup-WFe-HTtVpg9ZAQ==
x-amz-cf-pop: AMS1-C1
x-auth0-requestid: a355b11543de0913696c
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-ratelimit-limit: 300
x-ratelimit-remaining: 299
x-ratelimit-reset: 1675096903

GET
H2 200 client.min.js Show response
js.braintreegateway.com/web/3.85.2/js/ 42 KB
13 KB 103ms
13ms Script
application/javascript 13.32.110.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.2/js/client.min.js

Requested by

Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-66.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

4a3569fc82e8fef2a9125e05232c934b475e8c895e2454de87877d78da71a325

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 13:11:34 GMT
x-amz-cf-pop: VIE50-C2
age: 12608
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 21:56:59 GMT
server: nginx
etag: W/"63cb0e2b-a838"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-id: cWq1WWffkBUBPSPl2dVMojmbyNJVKySOnixMPXfpPZ5iDRjN-b37bQ==
expires: Tue, 31 Jan 2023 13:11:34 GMT

GET
H2 200 hosted-fields.min.js Show response
js.braintreegateway.com/web/3.85.2/js/ 63 KB
18 KB 104ms
15ms Script
application/javascript 13.32.110.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.2/js/hosted-fields.min.js

Requested by

Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-66.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

392c1cfd7dba03273c21a643e0aa17b3374383d575c55e6b23c99f873227ae32

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 13:45:48 GMT
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 10554
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 21:57:02 GMT
server: nginx
etag: W/"63cb0e2e-fa56"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-id: qMA5wDoBhDZ_HNDfnZSgDLBSvJZnLc3AL1Xu0PHwRUCQT7MEX8CFlg==
expires: Tue, 31 Jan 2023 13:45:48 GMT

GET
H2 200 paypal-checkout.min.js Show response
js.braintreegateway.com/web/3.85.2/js/ 55 KB
15 KB 114ms
26ms Script
application/javascript 13.32.110.66
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.braintreegateway.com/web/3.85.2/js/paypal-checkout.min.js

Requested by

Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.66 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-66.vie50.r.cloudfront.net

Software

nginx /

Resource Hash

106cc265f34c25113c1c57a7b606878708cbb4205a66e82f495cd40014b24258

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 14:27:32 GMT
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-encoding: gzip
via: 1.1 4a5fd700eeb5cfa099084cd70fa5bf54.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 8050
x-cache: Hit from cloudfront
last-modified: Fri, 20 Jan 2023 21:57:00 GMT
server: nginx
etag: W/"63cb0e2c-da27"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-id: 2IQKNdXKXj5Bqo2AwuIEbe5HMnFSI4bDw-Fg7o_S7jZqel1ItB280A==
expires: Tue, 31 Jan 2023 14:27:32 GMT

GET
H2 200 US Show response
subscribe.duluthnewstribune.com/address/getStates/ 2 KB
1 KB 157ms
157ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/address/getStates/US
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac

Request headers

Accept: */*
X-TrackingCode: {"utm_medium":"promo_send","utm_source":"email","utm_campaign":"2_dollars_for_6_months_jan_23","utm_content":"6_months_2_dollar_offer_promo_1_am_01302023","utm_term":"duluthnewstribune_promo_nonmember"}
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-version: 3.16.0
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-sp-host-name: AWSPRDWEB11
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 11-45574557-45574563 PNNN RT(1675096899204 2485) q(0 0 0 -1) r(2 2) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11

POST
H2 200 / Show response
subscribe.duluthnewstribune.com/offer/getOffers/ 6 KB
2 KB 248ms
247ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/offer/getOffers/
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 7e51ad247ed033aabcf348d5cfb60952c173b5b4e9a72ba18f564cb8a16a48d9

Request headers

Accept: */*
X-TrackingCode: {"utm_medium":"promo_send","utm_source":"email","utm_campaign":"2_dollars_for_6_months_jan_23","utm_content":"6_months_2_dollar_offer_promo_1_am_01302023","utm_term":"duluthnewstribune_promo_nonmember"}
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-version: 3.16.0
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-sp-host-name: AWSPRDWEB11
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 11-45574557-45574678 PNNy RT(1675096899204 2490) q(0 0 0 -1) r(3 3) U5
x-host-name: AWSPRDWEB11

GET
H2 200 duluthnewstribune.png
static.forumcomm.com/images/620x220/ 12 KB
12 KB 87ms
24ms Image
image/png 18.65.39.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.forumcomm.com/images/620x220/duluthnewstribune.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.65.39.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-65-39-24.ams1.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 5525155484aef569c783dcb2e9d0de43eadb0a85178d0361c34dd1ef115af43a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
via: 1.1 045d55468661252b6be78e701e36b492.cloudfront.net (CloudFront)
last-modified: Mon, 16 Aug 2021 21:25:10 GMT
server: AmazonS3
x-amz-cf-pop: AMS1-P1
age: 197
etag: "ac16c3db3824ab9b3807b1f20a9249dc"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 12199
x-amz-cf-id: jKEbRjPzF-L_lmK2CnMk3N9szauIx5vJNRdfE1lbbtXLNAXtWJSFVA==

GET
H2 200 en.js Show response
cdn.auth0.com/js/lock/11.25.1/ 6 KB
3 KB 221ms
220ms Script
application/javascript 143.204.207.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.auth0.com/js/lock/11.25.1/en.js
Requested by: Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.25/lock.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.207.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-207-119.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 70212eacf2b641df77cb7f0b97262908d1f8abde30a8b77b1a7cd8ef7031ab7a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-amz-version-id: qIAQzzJ.pD93KVstNbm_W.GXOnij8Nlm
content-encoding: gzip
via: 1.1 9d27077cd67d98c0474b05ec9d68df4a.cloudfront.net (CloudFront)
date: Mon, 30 Jan 2023 09:29:32 GMT
last-modified: Tue, 14 Jul 2020 10:52:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
age: 25931
etag: W/"572cf148365b46b1764bce1465485227"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=2628000,public
x-amz-replication-status: COMPLETED
x-amz-cf-id: vqoV9HgqIToER5uyz2x_N-QULd-nt0DxvZt09ABWAvMPcZ8xgPoauQ==

GET
H2 200 GO9zp0OgwGlShDT4ahD4DvgXbO7Mv6cJ.js Show response
cdn.us.auth0.com/client/ 688 B
1 KB 620ms
555ms Script
application/x-javascript 65.9.66.51
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.us.auth0.com/client/GO9zp0OgwGlShDT4ahD4DvgXbO7Mv6cJ.js?t1675096902082

Requested by

Host: cdn.auth0.com
URL: https://cdn.auth0.com/js/lock/11.25/lock.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.51 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-51.fra56.r.cloudfront.net

Software

cloudflare /

Resource Hash

7d77b850d78c8ff02a573b154fff90efef82dbdc2d45508be82b1ebb33180cff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: EXPIRED
tracestate: auth0-request-id=791ba3443d709b8f
x-auth0-requestid: fddbeae4c01c97835ca2
date: Mon, 30 Jan 2023 16:41:42 GMT
via: 1.1 547a50460a0cda7ae3dafb1c0b6d0e1a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-cache: RefreshHit from cloudfront
server: cloudflare
ot-tracer-sampled: true
traceparent: 00-6e668e2e761291ee-000000000000000069e92916112ce419-01
etag: W/"2b0-G9nOolqi3r6RJL7ayymn8f1mIgI"
ot-tracer-traceid: 69e92916112ce419
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=60, stale-while-revalidate=60, stale-if-error=86400
ot-baggage-auth0-request-id: 791ba3443d709b8f
cf-ray: 791ba3443d709b8f-FRA
x-amz-cf-id: alqbE4RDt0OSYgzbrMTZO5ooCX7-sqgOHIcydkinhNBlbznRfsdURA==
ot-tracer-spanid: 6e668e2e761291ee

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
629 B 42ms
7ms Script
text/javascript 2a04:4e42:600::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?flags=gated&features=es5%2CCustomEvent%2CArray.from%2CArray.isArray%2CArray.prototype.filter%2CArray.prototype.find%2CArray.prototype.findIndex%2CArray.prototype.forEach%2CArray.prototype.indexOf%2CArray.prototype.keys%2CArray.prototype.lastIndexOf%2CArray.prototype.map%2CArray.prototype.reduce%2CDate.prototype.toISOString%2CDocumentFragment%2CDocumentFragment.prototype.append%2CDocumentFragment.prototype.prepend%2CElement%2CElement.prototype.after%2CElement.prototype.append%2CElement.prototype.before%2CElement.prototype.classList%2CElement.prototype.cloneNode%2CElement.prototype.closest%2CElement.prototype.dataset%2CElement.prototype.matches%2CElement.prototype.placeholder%2CElement.prototype.prepend%2CElement.prototype.remove%2CElement.prototype.replaceWith%2CElement.prototype.toggleAttribute%2CEvent%2CJSON%2CMap%2CNumber.parseInt%2CNumber.parseFloat%2CObject.assign%2CObject.create%2CObject.defineProperties%2CObject.defineProperty%2CObject.entries%2CObject.getOwnPropertyDescriptor%2CObject.getOwnPropertyNames%2CObject.is%2CObject.keys%2CObject.values%2CPromise%2CPromise.prototype.finally%2CSet%2CString.prototype.trim%2CXMLHttpRequest%2Cdocument.getElementsByClassName%2Cdocument.currentScript%2Cdocument.querySelector%2Cfetch%2CgetComputedStyle%2ClocalStorage%2CArray.prototype.some%2CDate.now%2CEvent.focusin%2CEventSource%2CFunction.prototype.bind%2CFunction.prototype.name%2CHTMLDocument%2CNodeList.prototype.forEach%2CNodeList.prototype.%40%40iterator%2CNode.prototype.contains%2CObject.getPrototypeOf%2CObject.setPrototypeOf%2CRegExp.prototype.flags%2CString.prototype.%40%40iterator%2CString.prototype.startsWith%2CString.prototype.endsWith%2Cconsole%2Cconsole.debug%2Cconsole.error%2Cconsole.info%2Cconsole.log%2Cdocument%2Cdocument.head%2Cdocument.visibilityState%2Clocation.origin%2CrequestIdleCallback%2Cscreen.orientation%2CmatchMedia%2CURL

Requested by

Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:600::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Origin: https://subscribe.duluthnewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:41:42 GMT
age: 1180718
detected-user-agent: Chrome/109.0.0
server-timing: HIT, fastly;desc="Edge time";dur=0, HIT, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 94
referrer-policy: origin-when-cross-origin
last-modified: Mon, 16 Jan 2023 13:35:34 GMT
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
normalized-user-agent: chrome/109.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 _Incapsula_Resource
subscribe.duluthnewstribune.com/ 1 B
35 B 8ms
8ms Image
text/plain 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/_Incapsula_Resource?SWKMTFSR=1&e=0.9202861146397381
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ 405 KB
162 KB 87ms
22ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=recaptchaInit&size=invisible&render=explicit

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Origin: https://subscribe.duluthnewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 08:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 08:04:39 GMT

GET
H2 200 DFPAudiencePixel;ord=8436694884346.59;dc_seg=487073367
pubads.g.doubleclick.net/activity;dc_iu=/7021/ 42 B
669 B 146ms
57ms Image
image/gif 2a00:1450:400d:804::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pubads.g.doubleclick.net/activity;dc_iu=/7021/DFPAudiencePixel;ord=8436694884346.59;dc_seg=487073367?

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:42 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader-config.json Show response
cdn.wgchrrammzv.com/prod/forum/ 4 KB
2 KB 98ms
8ms Fetch
application/json 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wgchrrammzv.com/prod/forum/loader-config.json
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4D05) /
Resource Hash: 8b66f48278fb986f0f07a7827e508cdf1228e1f6a3960915ee2f8451112a256b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
content-md5: 7fTtE6xsd7EtSwyK6Rvr1Q==
age: 24493
x-cache: HIT
content-length: 1274
x-ms-lease-status: unlocked
last-modified: Wed, 02 Nov 2022 08:16:24 GMT
server: ECAcc (frc/4D05)
etag: 0x8DABCAA882C7919
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 5830bcb0-f01e-0068-6f90-34912e000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 ai.0.js Show response
az416426.vo.msecnd.net/scripts/a/ 94 KB
22 KB 65ms
10ms Script
application/x-javascript 2606:2800:133:206e:1315:22a5:2006:24fd
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://az416426.vo.msecnd.net/scripts/a/ai.0.js
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:133:206e:1315:22a5:2006:24fd , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CD6) /
Resource Hash: 5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-ms-meta-lastmodified: 2020-10-01 19:31:04
content-md5: HdY95yzx9wIyQkVEGES+Ew==
age: 387
x-cache: HIT
content-length: 22495
x-ms-lease-status: unlocked
last-modified: Thu, 11 Mar 2021 07:46:59 GMT
server: ECAcc (frc/4CD6)
etag: 0x8D8E461DA1A5889
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 264ef88f-001e-009a-13c8-3471e9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=1800
x-ms-version: 2009-09-19
expires: Mon, 30 Jan 2023 17:11:42 GMT

GET
H2 200 fp.min.js Show response
cdn.mircheigeshoa.com/prod/forum/ 63 KB
21 KB 108ms
11ms Script
application/javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.mircheigeshoa.com/prod/forum/fp.min.js
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CDA) /
Resource Hash: 0633be0754d8f21391eacd07f177335f08a1daabbba04ddc696283a27b0c005a

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Origin: https://subscribe.duluthnewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
content-md5: K/jSSuKoyjNzEYPSaUOAbA==
age: 25681
x-cache: HIT
content-length: 21209
x-ms-lease-status: unlocked
last-modified: Tue, 21 Jun 2022 08:55:04 GMT
server: ECAcc (frc/4CDA)
etag: 0x8DA5363BBBA9AF9
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: ebd7b81c-201e-00b0-168d-34b677000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H2 200 g2i.min.js Show response
cdn.godiciardstia.com/prod/forum/ 219 KB
48 KB 100ms
9ms Script
application/x-javascript 2606:2800:233:1cb7:261b:1f9c:2074:3c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.godiciardstia.com/prod/forum/g2i.min.js
Requested by: Host: loader-cdn.azureedge.net
URL: https://loader-cdn.azureedge.net/prod/forum/loader.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:233:1cb7:261b:1f9c:2074:3c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (frc/4CEB) /
Resource Hash: 8cd76a979805baeb5eb2686bb5aaeccf8da8eaf8734f9a09da24dc0eecf2a948

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Origin: https://subscribe.duluthnewstribune.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
content-md5: Y4QilDUJklOOm7DMZKvb+A==
age: 4803
x-cache: HIT
content-length: 48952
x-ms-lease-status: unlocked
last-modified: Mon, 03 Oct 2022 08:56:02 GMT
server: ECAcc (frc/4CEB)
etag: 0x8DAA51D196D8514
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 2322480f-c01e-002e-5bbe-34a5a9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Length,Date,Transfer-Encoding
cache-control: max-age=43200
x-ms-version: 2009-09-19

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame F107 42 KB
22 KB 36ms
35ms Document
text/html 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0&co=aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=bottomleft&cb=3gp7u4numzq8

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3b8dd7a82c47f7bf109850f1182e54a731b6a95084b6d2b2f743b78d043963fa

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-2hAS_3YUZuUbvjz9xAkV7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22604
content-security-policy: script-src 'report-sample' 'nonce-2hAS_3YUZuUbvjz9xAkV7w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Mon, 30 Jan 2023 16:41:42 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 getSubscriptionCost Show response
subscribe.duluthnewstribune.com/subscription/ 93 B
697 B 169ms
169ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/subscription/getSubscriptionCost
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 8f9d77c779ee8d0f2d47977d8dde3417d807a02fb9e53855f3d5ba3cfd683402

Request headers

Accept: */*
X-TrackingCode: {"utm_medium":"promo_send","utm_source":"email","utm_campaign":"2_dollars_for_6_months_jan_23","utm_content":"6_months_2_dollar_offer_promo_1_am_01302023","utm_term":"duluthnewstribune_promo_nonmember"}
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-version: 3.16.0
date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-sp-host-name: AWSPRDWEB11
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 11-45574557-45574678 PNYy RT(1675096899204 2740) q(0 0 0 -1) r(2 2) U5
x-host-name: AWSPRDWEB11

GET
H/1.1 200
OK NTDUNT_Logo.png
s3.amazonaws.com/cms.forumcomm/ 9 KB
10 KB 346ms
144ms Image
image/png 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/NTDUNT_Logo.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4f4ace5760fd2511c5c9716b6be5bc050dc9b8b16a5ad0f45b2209e05df1e551

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 28 Apr 2022 14:26:29 GMT
Server: AmazonS3
x-amz-request-id: D9F1HA459ANN2W6Y
ETag: "06dcf04364160ecd836aaddf5209820f"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 9358
x-amz-id-2: FBtHPZE658DtL1Z49zfCSGqG47hkieIEcCllml/TCa3R6Shrd726fGJaN26KF3BGst9iO02gjXE=

GET
H2 200 5d28f031899f8.image.png
bloximages.chicago2.vip.townnews.com/certification66.bloxcms.com/content/tncms/assets/v3/editorial/3/30/330ad932-a4e5-11e9-863f-f316fdf5f72a/ 2 KB
2 KB 126ms
26ms Image
image/webp 104.16.132.24
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bloximages.chicago2.vip.townnews.com/certification66.bloxcms.com/content/tncms/assets/v3/editorial/3/30/330ad932-a4e5-11e9-863f-f316fdf5f72a/5d28f031899f8.image.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.16.132.24 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c868ec0a6a6feb68b3d764eb0324882539c6ceed96e815ae9a83ea985fab32fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
strict-transport-security: max-age=604800
cf-cache-status: HIT
age: 899708
cf-polished: origFmt=png, origSize=3341
cross-origin-resource-policy: cross-origin
content-disposition: inline; filename="5d28f031899f8.webp"
content-length: 1560
cf-bgj: imgq:85,h2pri
last-modified: Fri, 12 Jul 2019 20:40:17 GMT
server: cloudflare
x-vcache: MISS
etag: "5d28f031-d0d"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
x-robots-tag: noarchive
cf-ray: 791ba8188b362c45-FRA
expires: Fri, 19 Jan 2024 19:10:39 GMT

GET
H/1.1 200
OK QuestionMark-22x21.5.png
s3.amazonaws.com/cms.forumcomm/ 616 B
1 KB 317ms
115ms Image
image/png 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/QuestionMark-22x21.5.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6d770303dedbfeb897525ab66c5ca7eaf31da2c805486949898fc542908db53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Mon, 22 Nov 2021 17:24:50 GMT
Server: AmazonS3
x-amz-request-id: D9FBRXNCVCXKBDXE
ETag: "7284c572894c8b8c69ae1c06af78b3e1"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 616
x-amz-id-2: aH4EWvSqR8MV7XK5oVSBHpFKO4d17fr/bmnjzOSNsHcMxJ2K8PS6NMMSM2+EgRnQrJQNC83HP4Y=

GET
H2 200 pp-logo-100px.png
www.paypalobjects.com/webstatic/mktg/Logo/ 2 KB
2 KB 80ms
10ms Image
image/png 151.101.130.133
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.paypalobjects.com/webstatic/mktg/Logo/pp-logo-100px.png

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.130.133 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f3c5832c691778a79fe79620991e47f0004d096f937161136f46fdfdad9f1d6f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
via: 1.1 varnish, 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=31557600
x-cache: HIT, HIT
fastly-io-info: ifsz=4647 idim=100x26 ifmt=png ofsz=1841 odim=100x26 ofmt=png
paypal-debug-id: 116762a060f84
fastly-stats: io=1
dc: ccg11-origin-www-1.paypal.com
content-length: 1841
x-served-by: cache-sjc10075-SJC, cache-hhn-etou8220048-HHN
traceparent: 00-0000000000000000000116762a060f84-1ee3886451689934-01
x-timer: S1675096902.454489,VS0,VE0
etag: "XLenWAKLSnAXUHbYwLzPnWrn7zsJLzIJTJlE5T8nY3o"
content-type: image/png
cache-control: s-maxage=31536000, public,max-age=3600
accept-ranges: bytes
timing-allow-origin: https://www.paypal.com,https://www.sandbox.paypal.com
x-cache-hits: 252, 1010

GET
H2 200 applepay.png
subscribe.duluthnewstribune.com/img/ 2 KB
3 KB 117ms
113ms Image
image/png 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/applepay.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 34dbe0c9bb6ca6343024f431f136f55315d91db5dfc43be93499652fede431ad

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"879-183cc4ea650"
x-powered-by: ASP.NET
content-type: image/png
x-iinfo: 11-45574557-45574563 PNNN RT(1675096899204 2817) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes
content-length: 2169

GET
H2 200 googlepay.png
subscribe.duluthnewstribune.com/img/ 33 KB
34 KB 123ms
118ms Image
image/png 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/googlepay.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"8562-183cc4ea650"
x-powered-by: ASP.NET
content-type: image/png
x-iinfo: 11-45574557-45574674 PNNy RT(1675096899204 2824) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes
content-length: 34146

GET
H/1.1 200
OK facebook-64x64.jpg
s3.amazonaws.com/cms.forumcomm/ 5 KB
5 KB 345ms
144ms Image
image/jpeg 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/facebook-64x64.jpg
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: adbafddcae5c63de02cb1f7786956f8f1f5bbfec1fedf98b13224a6995d832f2

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 02 Dec 2021 15:11:54 GMT
Server: AmazonS3
x-amz-request-id: D9FCYGC9GN2PRC2A
ETag: "c6683d35d9ad62d6b35f4b2574582c66"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4629
x-amz-id-2: 1BGqzcqDaAUm0yiU01ROduBpgrfnO/lCoPPKJKd9UfLte7ZfrGrMdcSDAn+8wVau2l2ikVjbm74=

GET
H/1.1 200
OK twitter-64x64.jpg
s3.amazonaws.com/cms.forumcomm/ 4 KB
5 KB 414ms
213ms Image
image/jpeg 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/twitter-64x64.jpg
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 0a7cd92c980e820d3064ace1159a3e6be8c160f8d11e299558ab3c3574db8914

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 02 Dec 2021 15:11:39 GMT
Server: AmazonS3
x-amz-request-id: D9FDSBERFWAW95Z1
ETag: "8619bbd818caf65b575c8f23cdd6f1cb"
Content-Type: image/jpeg
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 4583
x-amz-id-2: jgv264pKrINv2Z+D0aiEZSrRd2hhruZGnWrpOt863FoYS9Q6LfvOopqRGtYxkrTnekwwFg4J4HA=

GET
H/1.1 200
OK instagram-logo-64x64.png
s3.amazonaws.com/cms.forumcomm/ 7 KB
7 KB 315ms
115ms Image
image/png 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/instagram-logo-64x64.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 2949750aadafc472d1039eeba65ded9b96ff4da450eabccfb13bcdca1219498a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Tue, 01 Feb 2022 22:48:55 GMT
Server: AmazonS3
x-amz-request-id: D9F78F2B8Q8MNEK4
ETag: "03961f9c9b9b08f588792f4621e6131c"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 6744
x-amz-id-2: F2Ll82RCLhlynQkidKRJ2WRLglDAfn78nce+b+GahjRmulRioaS1eZR3Dd8BhhJ92x+fVPUgujI=

GET
H/1.1 200
OK apple-app-store-logo-160x60.png
s3.amazonaws.com/cms.forumcomm/ 7 KB
7 KB 412ms
212ms Image
image/png 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/apple-app-store-logo-160x60.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 80962ef1a0f4bc95fc4bac325bbfcc391dc701c2e89c304eb647c256d7d62583

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 02 Dec 2021 15:12:33 GMT
Server: AmazonS3
x-amz-request-id: D9F2VB7M6FCQ62NS
ETag: "cad01681361df35eab189e6bbea45403"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 6685
x-amz-id-2: rwwspVqfsU+DuXX4Qj/oz0TiwZR5Uyhmth/mW367PXYbiA2r5bNhCnGjgn0dQtIV5cDchYZQNB4=

GET
H/1.1 200
OK google-app-store-logo-160x60.png
s3.amazonaws.com/cms.forumcomm/ 7 KB
7 KB 106ms
105ms Image
image/png 52.216.129.141
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/cms.forumcomm/google-app-store-logo-160x60.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.129.141 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: e9cdf28b62df59bca53a06f6d2afbd81da3045e8f8def1f5ac370497ae59fd30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:43 GMT
x-amz-meta-imageid: 123
Last-Modified: Thu, 02 Dec 2021 15:12:35 GMT
Server: AmazonS3
x-amz-request-id: D9FFE77KM44TMNQP
ETag: "fcd18445b45bf8e4d243b2003c77d96b"
Content-Type: image/png
Cache-Control: max-age=604800
Accept-Ranges: bytes
Content-Length: 7234
x-amz-id-2: UTCLcgdDXyUgMf5dYupu4AqnjNNp57q7e9U9/yNePQi9ZPy1TxrnU6ZZ0A3i5udxtyQIAmXsofY=

GET
H2 200 apple-icon.svg
subscribe.duluthnewstribune.com/img/ 1 KB
1 KB 128ms
125ms Image
image/svg+xml 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/apple-icon.svg
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 26e79ccb25e9dd44ea28d12a67c5700f39d283f078dac70d287c6625b2fa2c92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"4a3-183cc4ea650"
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: image/svg+xml
x-iinfo: 11-45574557-45574676 PNNy RT(1675096899204 2831) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes

GET
H2 200 fbIcon.png
subscribe.duluthnewstribune.com/img/ 1 KB
2 KB 131ms
128ms Image
image/png 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/fbIcon.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 4fd1192135e7bb8f65d1220d492bdf97260eb699b8de3d5b13c32dee76e0eb99

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"45f-183cc4ea650"
x-powered-by: ASP.NET
content-type: image/png
x-iinfo: 11-45574557-45575023 NNNY CT(94 192 0) RT(1675096899204 2841) q(0 0 0 -1) r(1 1) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes
content-length: 1119

GET
H2 200 googleIcon.png
subscribe.duluthnewstribune.com/img/ 2 KB
2 KB 429ms
427ms Image
image/png 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/googleIcon.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 30fa2094f726c9e4a2c520398c3fd07868e2c921789ba95bd875695d48f31141

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"6ad-183cc4ea650"
x-powered-by: ASP.NET
content-type: image/png
x-iinfo: 11-45574557-45575025 NNNN CT(98 196 0) RT(1675096899204 2843) q(0 0 3 -1) r(4 4) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes
content-length: 1709

GET
H2 200 select_dropdown.png
subscribe.duluthnewstribune.com/img/ 984 B
2 KB 196ms
194ms Image
image/png 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://subscribe.duluthnewstribune.com/img/select_dropdown.png
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 5b74726d50ad888710f49a50c91351aee827fa48698bfec35bcf48db8350bef9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/styles/style_simple.css?dateStamp=1665593879000
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
last-modified: Wed, 12 Oct 2022 13:07:30 GMT
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-sp-host-name: AWSPRDWEB11
etag: W/"3d8-183cc4ea650"
x-powered-by: ASP.NET
content-type: image/png
x-iinfo: 11-45574557-45574678 PNNy RT(1675096899204 2845) q(0 1 1 -1) r(2 2) U5
cache-control: public, max-age=2592000
x-host-name: AWSPRDWEB11
accept-ranges: bytes
content-length: 984

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F107 55 KB
24 KB 64ms
22ms Stylesheet
text/css 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0&co=aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=bottomleft&cb=3gp7u4numzq8

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 10:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 23082
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24605
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 10:17:00 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/ Frame F107 405 KB
161 KB 71ms
30ms Script
text/javascript 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 08:04:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 31023
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 165279
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 01:02:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 30 Jan 2024 08:04:39 GMT

GET
H2 200 self Show response
api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/ 521 B
769 B 265ms
226ms XHR
application/json 172.67.75.166
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://api-mg2.db-ip.com/v2/p14891b727f063924f0d86d8a8e5063678abd2ac/self?_=1675096902434
Requested by: Host: cdn.mircheigeshoa.com
URL: https://cdn.mircheigeshoa.com/prod/forum/fp.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.67.75.166 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 37cbcec40035f5a1a0c4dde6f796f99f63b7220908a7e86885a1a6523d9fbaa5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 30 Jan 2023 16:41:42 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sXlb0XhsXnn9f9cwesSsKwm4QCkgQb3mANv3UcpsMTKDEKxQNhi41IPn7Q6w85Xt3VzQTxkOELx2gZp9w%2BjMzD945cPAlf4Lroq6woxRocBca1w5F0H6aCgwTQRyfqbtMoDr"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=1800
cf-ray: 791ba8187bad926d-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 logo_48.png
www.gstatic.com/recaptcha/api2/ Frame F107 2 KB
2 KB 20ms
20ms Image
image/png 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/recaptcha/api2/logo_48.png

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/styles__ltr.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 15:21:21 GMT
x-content-type-options: nosniff
age: 523221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2228
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: image/png
cache-control: public, max-age=604800
accept-ranges: bytes
expires: Tue, 31 Jan 2023 15:21:21 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F107 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Tue, 24 Jan 2023 19:21:27 GMT
x-content-type-options: nosniff
age: 508815
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Jan 2024 19:21:27 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v18/ Frame F107 15 KB
15 KB 10ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.google.com/
Origin: https://www.google.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 20:57:34 GMT
x-content-type-options: nosniff
age: 243848
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15552
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 27 Jan 2024 20:57:34 GMT

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame F107 102 B
134 B 17ms
17ms Other
text/javascript 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0&co=aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=bottomleft&cb=3gp7u4numzq8
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 112
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 16:41:42 GMT

POST
H3 200 reload Show response
www.google.com/recaptcha/api2/ Frame F107 32 KB
18 KB 49ms
49ms XHR
application/json 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/reload?k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/RGRQD9tdxHtnt-Bxkx9pM75S/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7654579a9c659e17b0a6ab96aaad669504ae01b4296f2aea54e6d62b14e27f04

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6Lc_R8QcAAAAANg5O-hZ4xZUc2xGnhxcC4N5w4T0&co=aHR0cHM6Ly9zdWJzY3JpYmUuZHVsdXRobmV3c3RyaWJ1bmUuY29tOjQ0Mw..&hl=de&v=RGRQD9tdxHtnt-Bxkx9pM75S&size=invisible&badge=bottomleft&cb=3gp7u4numzq8
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-protobuffer

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
cache-control: private, max-age=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18787
x-xss-protection: 1; mode=block
expires: Mon, 30 Jan 2023 16:41:42 GMT

GET
H2 200 getBrainTreeClientToken Show response
subscribe.duluthnewstribune.com/payment/ 3 KB
2 KB 583ms
582ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/payment/getBrainTreeClientToken?captchaHash=03AFY_a8UuHThqnUTxgwj8cZVPBk6blQbRGTIAK6HG-G3HsDBIfpH6kmu86_31dRxBitlBl3JGOQ5fn8DjF_-_gJqqa-oMbEsI96rHR5vpQwBbIoawl0kIlua9fAYRH0js75-09eTmGUVm3Bg7TpGg-S-kw_zXKBmh1jHOIgIQJkDfoE3l4Q_LDwnTkaxu5XtvN_VBOJG4800Y0h4-q1J7MbVq5WTGXDDuwSb3ABs0ASOz05690vCH6YjIjYuozUSArZfRnjCAopm-LqA_9lEhOi8hR5VdkRbUM0gqYILP7AUdVRV4kMqV-FJt3T3s5qHSlMceFAoU4mP0f-aivPE3KUqjyiTRxnEKyRz9htOBt5N8Wcmff_QYBjHs7sr2mjuhlg5toPbEsS0YpQnoFRKJ1blNbCVTCdGI_LRgTYCcG8NAB8QKiAJpqsb6f8HXVPGlJ9wmf2C3xNTdaRIRjqeV3mJr1exN6hF4SVeESh9B-QMuCSOYjds5wxTQDhotyNk1WPk9bme4gLXZ7YMWKfX1pop1XIQpK8bCFJ1XHrHLGnuPubxBvm5FJr4
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 364e2686f137891c2053cf1263ff1d9aa19132253045cd7a70e253a7c32b4617

Request headers

Accept: */*
X-TrackingCode: {"utm_medium":"promo_send","utm_source":"email","utm_campaign":"2_dollars_for_6_months_jan_23","utm_content":"6_months_2_dollar_offer_promo_1_am_01302023","utm_term":"duluthnewstribune_promo_nonmember"}
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

x-version: 3.16.0
date: Mon, 30 Jan 2023 16:41:43 GMT
content-encoding: gzip
x-sp-host-name: AWSPRDWEB11
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 11-45574557-45574674 PNNy RT(1675096899204 3223) q(0 0 0 -1) r(5 5) U5
x-host-name: AWSPRDWEB11

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 155 KB
52 KB 49ms
49ms Script
application/javascript 2a00:1450:400d:80d::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P7XVL79&l=MG2DL

Requested by

Host: cdn.godiciardstia.com
URL: https://cdn.godiciardstia.com/prod/forum/g2i.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80d::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2101758325eb16502c38807c83e99c13c2d1c103e93c8c6a8da4bba0151395e8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:42 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53360
x-xss-protection: 0
last-modified: Mon, 30 Jan 2023 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 30 Jan 2023 16:41:42 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 41ms
41ms XHR
text/plain 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1032617132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.SP&ea=OffersPresented&el=%7B%22PresentationName%22%3A%22Default%22%2C%22OfferPlans%22%3A%222567%3AUnlimited%20Digital%20-%20Tier%201%20-%20%242.00%20for%206%20Months%20-%20Additional%20Offers%20-%20Duluth%20News%20Tribune%C2%A0%22%7D&_u=aGDACEABBAAAAGAAI~&jid=2033556543&gjid=1411045217&cid=476978641.1675096901&tid=UA-778232-32&_gid=2005857382.1675096901&_r=1&_slc=1&gtm=2wg1p0P7XVL79&cd3=65b96f0b7807c3288c30641b2a44c072&cd2=1675096903082.ktyx8veu&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=Not%20Set&cd18=Not%20Set&cd19=Not%20Set&cd20=Not%20Set&cd21=Not%20Set&cd22=Default&cd23=1.0.0.0&cd24=Not%20Set&z=2069488095

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 19ms
19ms Script
text/javascript 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P7XVL79&l=MG2DL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:21:44 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 1199
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Mon, 30 Jan 2023 18:21:44 GMT

POST
H2 200 / Show response
subscribe.duluthnewstribune.com/other/mg2Tracking/ 102 B
673 B 247ms
247ms XHR
application/json 107.154.76.234
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://subscribe.duluthnewstribune.com/other/mg2Tracking/
Requested by: Host: subscribe.duluthnewstribune.com
URL: https://subscribe.duluthnewstribune.com/build/build.js?dateStamp=1665593879000
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.76.234 District Heights, United States, ASN19551 (INCAPSULA, US),
Reverse DNS: 107.154.76.234.ip.incapdns.net
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: c267fbb4ce5ff5b26d7e07d4ce147533bc52871d5aa6626fb48f92c05e708345

Request headers

Accept: */*
X-TrackingCode: {"utm_medium":"promo_send","utm_source":"email","utm_campaign":"2_dollars_for_6_months_jan_23","utm_content":"6_months_2_dollar_offer_promo_1_am_01302023","utm_term":"duluthnewstribune_promo_nonmember"}
Referer: https://subscribe.duluthnewstribune.com/?ofrgp_id=862%2C863&?utm_market=duluthnewstribune&utm_source=email&utm_medium=promo_send&utm_campaign=2_dollars_for_6_months_jan_23&utm_content=6_months_2_dollar_offer_promo_1_am_01302023&utm_term=duluthnewstribune_promo_nonmember
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

x-version: 3.16.0
date: Mon, 30 Jan 2023 16:41:43 GMT
content-encoding: gzip
x-sp-host-name: AWSPRDWEB11
server: Microsoft-IIS/10.0
x-cdn: Imperva
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/json; charset=utf-8
x-iinfo: 11-45574557-45575025 PNYN RT(1675096899204 3533) q(0 0 0 -1) r(2 2) U5
x-host-name: AWSPRDWEB11

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
19ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1032617132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.SP&ea=OfferSelected&el=%7B%22PresentationName%22%3A%22Default%22%2C%22OfferPlanId%22%3A%22Not%20Set%22%2C%22OfferName%22%3A%22Unlimited%20Digital%20-%20Tier%201%20-%20%242.00%20for%206%20Months%20-%20Additional%20Offers%20-%20Duluth%20News%20Tribune%C2%A0%22%2C%22OfferType%22%3A%20%22Digital%22%2C%22OfferPrice%22%3A%222%22%7D&_u=aGDACEABBAAAAGAAI~&jid=&gjid=&cid=476978641.1675096901&tid=UA-778232-32&_gid=2005857382.1675096901&gtm=2wg1p0P7XVL79&cd3=65b96f0b7807c3288c30641b2a44c072&cd2=1675096903094.jckkt34&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=Not%20Set&cd18=Not%20Set&cd19=Not%20Set&cd20=Not%20Set&cd21=Unlimited%20Digital%20-%20Tier%201%20-%20%242.00%20for%206%20Months%20-%20Additional%20Offers%20-%20Duluth%20News%20Tribune%C2%A0&cd22=Default&cd23=1.0.0.0&cd24=Not%20Set&z=19025014

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 10:08:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 20ms
20ms Image
image/gif 2a00:1450:400d:806::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j99&a=1032617132&t=event&ni=1&_s=1&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&ul=en-us&de=UTF-8&dt=Duluth%20News%20Tribune&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=G2I.SP&ea=CheckoutStart&el=%7B%22PresentationName%22%3A%22Default%22%2C%22OfferPlans%22%3A%222567%3AUnlimited%20Digital%20-%20Tier%201%20-%20%242.00%20for%206%20Months%20-%20Additional%20Offers%20-%20Duluth%20News%20Tribune%C2%A0%22%7D&_u=aGDACEABBAAAAGAAI~&jid=&gjid=&cid=476978641.1675096901&tid=UA-778232-32&_gid=2005857382.1675096901&gtm=2wg1p0P7XVL79&cd3=65b96f0b7807c3288c30641b2a44c072&cd2=1675096903098.z792ohy&cd4=Not%20Set&cd5=Not%20Set&cd6=Not%20Set&cd7=Not%20Set&cd8=Not%20Set&cd9=Not%20Set&cd10=Not%20Set&cd11=Not%20Set&cd12=Not%20Set&cd13=Not%20Set&cd14=Not%20Set&cd15=Not%20Set&cd16=Not%20Set&cd17=Not%20Set&cd18=Not%20Set&cd19=Not%20Set&cd20=Not%20Set&cd21=Unlimited%20Digital%20-%20Tier%201%20-%20%242.00%20for%206%20Months%20-%20Additional%20Offers%20-%20Duluth%20News%20Tribune%C2%A0&cd22=Default&cd23=1.0.0.0&cd24=Not%20Set&z=1807094611

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 10:08:37 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 23586
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 20ms
20ms XHR
text/plain 2a00:1450:400c:c00::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=2033556543&gjid=1411045217&_gid=2005857382.1675096901&_u=aGDACEABBAAAAGAAI~&z=354452080

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Mon, 30 Jan 2023 16:41:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 61ms
60ms Image
image/gif 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=2033556543&_u=aGDACEABBAAAAGAAI~&z=1992803439

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 58ms
57ms Image
image/gif 2a00:1450:400d:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-778232-32&cid=476978641.1675096901&jid=2033556543&_u=aGDACEABBAAAAGAAI~&z=1992803439

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80e::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:43 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 graphql Show response
payments.braintree-api.com/ 2 KB
2 KB 1028ms
1028ms XHR
application/json 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/client.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

a1517c9cfb782a38eee949023240430056fb8cf5720b29df9024b77ffd6cf0f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Authorization: Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJFUzI1NiIsImtpZCI6IjIwMTgwNDI2MTYtcHJvZHVjdGlvbiIsImlzcyI6Imh0dHBzOi8vYXBpLmJyYWludHJlZWdhdGV3YXkuY29tIn0.eyJleHAiOjE2NzUxODMzMDMsImp0aSI6ImYwZGQxOGM1LWY5MWMtNGExMC05NWE2LTJiY2RlZGQyYjVmMSIsInN1YiI6Ijgza3doenNoeGpxNW50ZHoiLCJpc3MiOiJodHRwczovL2FwaS5icmFpbnRyZWVnYXRld2F5LmNvbSIsIm1lcmNoYW50Ijp7InB1YmxpY19pZCI6Ijgza3doenNoeGpxNW50ZHoiLCJ2ZXJpZnlfY2FyZF9ieV9kZWZhdWx0IjpmYWxzZX0sInJpZ2h0cyI6WyJtYW5hZ2VfdmF1bHQiXSwic2NvcGUiOlsiQnJhaW50cmVlOlZhdWx0Il0sIm9wdGlvbnMiOnsiY3VzdG9tZXJfaWQiOiIwMTU4OTdmYS04NjlmLTQ0YzgtODhlYS1lNzkzNmUxNTlhODIifX0.e1yCkyICiLqH32RbYYceF5mkQSTovI1X2unQXdyvfjm0N54thWL5lcyRjTVO9dp3hFGXBn5FdKKdvF3puJKTXA?customer_id=
Braintree-Version: 2018-05-10
Content-Type: application/json

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubdomains; preload
server: nginx
vary: Braintree-Version, Accept-Encoding
braintree-version: 2016-10-07
content-type: application/json
access-control-allow-origin: https://subscribe.duluthnewstribune.com
paypal-debug-id: f1d3f0e5fa634
cache-control: no-cache, no-store
x-frame-options: DENY
content-length: 1255

OPTIONS
H2 200 graphql
payments.braintree-api.com/ Frame 0
0 150ms
15ms Preflight 13.248.139.42
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://payments.braintree-api.com/graphql

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

13.248.139.42 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ae1d37305401c759d.awsglobalaccelerator.com

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,braintree-version,content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-headers: authorization,braintree-version,content-type
access-control-allow-methods: GET,DELETE,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://subscribe.duluthnewstribune.com
access-control-max-age: 1800
date: Mon, 30 Jan 2023 16:41:43 GMT
paypal-debug-id: 3a49967409944
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
x-frame-options: DENY

OPTIONS
H/1.1 200
OK 83kwhzshxjq5ntdz
client-analytics.braintreegateway.com/ Frame 0
0 88ms
9ms Preflight 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx

POST
H/1.1 200
OK 83kwhzshxjq5ntdz Show response
client-analytics.braintreegateway.com/ 0
296 B 11ms
10ms XHR
text/plain 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/client.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

POST
H/1.1 200
OK 83kwhzshxjq5ntdz Show response
client-analytics.braintreegateway.com/ 0
296 B 11ms
10ms XHR
text/plain 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/client.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 83kwhzshxjq5ntdz
client-analytics.braintreegateway.com/ Frame 0
0 91ms
12ms Preflight 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx

OPTIONS
H/1.1 200
OK 83kwhzshxjq5ntdz
client-analytics.braintreegateway.com/ Frame 0
0 66ms
9ms Preflight 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx

POST
H/1.1 200
OK 83kwhzshxjq5ntdz Show response
client-analytics.braintreegateway.com/ 0
296 B 11ms
10ms XHR
text/plain 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/client.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

GET
H2 200 dispatch-frame.min.html Show response
checkout.paypal.com/web/3.85.2/html/ Frame 6E1A 10 KB
4 KB 90ms
10ms Document
text/html 13.225.78.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://checkout.paypal.com/web/3.85.2/html/dispatch-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/paypal-checkout.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.26 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-26.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

337b763e64d123c71154131bc82585189c0796a15e6cbe04567f5424ba16e4e0

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 69569
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Sun, 29 Jan 2023 21:22:31 GMT
etag: W/"63cb0e2c-261a"
expires: Mon, 30 Jan 2023 21:22:15 GMT
last-modified: Fri, 20 Jan 2023 21:57:00 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 57d93b321db68494cc6755a0d3fb29cc.cloudfront.net (CloudFront)
x-amz-cf-id: MjjX6gQ2XxxUDxeG8ppvb4bcht2ABBSSuNOjsMqDkXdwuupbYfnaUQ==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront

POST
H/1.1 200
OK 83kwhzshxjq5ntdz Show response
client-analytics.braintreegateway.com/ 0
296 B 13ms
12ms XHR
text/plain 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Requested by: Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/client.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 83kwhzshxjq5ntdz
client-analytics.braintreegateway.com/ Frame 0
0 67ms
12ms Preflight 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://subscribe.duluthnewstribune.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.85.2/html/ Frame E929 126 KB
34 KB 75ms
9ms Document
text/html 143.204.215.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-52.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e6f5ff12991f04401e2b7f7a234cd5eddfe2dfcf95ce3a408c496956ccd311b3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 32099
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 30 Jan 2023 07:52:58 GMT
etag: W/"63cb0e2b-1f824"
expires: Tue, 31 Jan 2023 07:46:45 GMT
last-modified: Fri, 20 Jan 2023 21:56:59 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-id: qIoQAWqyJEUJTVNCByf1BgiY82-T_aZjTqr34sIWIKFmEFwJghF50A==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.85.2/html/ Frame 0D5B 126 KB
34 KB 74ms
8ms Document
text/html 143.204.215.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-52.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e6f5ff12991f04401e2b7f7a234cd5eddfe2dfcf95ce3a408c496956ccd311b3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 32099
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 30 Jan 2023 07:52:58 GMT
etag: W/"63cb0e2b-1f824"
expires: Tue, 31 Jan 2023 07:46:45 GMT
last-modified: Fri, 20 Jan 2023 21:56:59 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-id: 47vxlRL7G6EOzAvrsUZ2iMMVK8N7AZnmjPjNM7rWY1JldOs2xS7qcQ==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

GET
H2 200 hosted-fields-frame.min.html Show response
assets.braintreegateway.com/web/3.85.2/html/ Frame 56BD 126 KB
34 KB 76ms
11ms Document
text/html 143.204.215.52
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/hosted-fields.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.215.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-143-204-215-52.fra53.r.cloudfront.net

Software

nginx /

Resource Hash

e6f5ff12991f04401e2b7f7a234cd5eddfe2dfcf95ce3a408c496956ccd311b3

Security Headers

Name	Value
Content-Security-Policy	style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' .braintreegateway.com .braintree-api.com;

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
age: 32099
cache-control: max-age=86400
content-encoding: gzip
content-security-policy: style-src 'self' 'unsafe-inline'; script-src 'self' 'unsafe-inline' *.braintreegateway.com *.braintree-api.com;
content-type: text/html
date: Mon, 30 Jan 2023 07:52:58 GMT
etag: W/"63cb0e2b-1f824"
expires: Tue, 31 Jan 2023 07:46:45 GMT
last-modified: Fri, 20 Jan 2023 21:56:59 GMT
server: nginx
vary: Accept-Encoding
via: 1.1 d16428714e022976873ccc980fdc1288.cloudfront.net (CloudFront)
x-amz-cf-id: W7o2YFU6rqer94qPmjgfoc23pkv1PkkMemgxHiJmTQqVC3WiOCGfdA==
x-amz-cf-pop: FRA53-C1
x-cache: Hit from cloudfront

GET
H2 200 js Show response
www.paypal.com/sdk/ 314 KB
94 KB 418ms
366ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&currency=USD&vault=true&intent=tokenize&client-id=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG

Requested by

Host: js.braintreegateway.com
URL: https://js.braintreegateway.com/web/3.85.2/js/paypal-checkout.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD4) /

Resource Hash

f8ba90dee6579a98a846ba86bdd8467fb6837d31574335256a958e94e8961723

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:41:44 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
p3p: true
paypal-debug-id: 071803b717297
server-timing: traceparent;desc="00-0000000000000000000071803b717297-5d9b73a4419e1f6b-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 94479
x-xss-protection: 1; mode=block
server: ECAcc (frc/4CD4)
traceparent: 00-0000000000000000000071803b717297-70fd9fa2dcb750ac-01
etag: W/"1710f-lKqgcRt3OobwSNWFWy9TYqfTmrU"
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
timing-allow-origin: *

POST
H/1.1 200
OK 83kwhzshxjq5ntdz Show response
client-analytics.braintreegateway.com/ Frame E929 0
292 B 12ms
12ms XHR
text/plain 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Requested by: Host: assets.braintreegateway.com
URL: https://assets.braintreegateway.com/web/3.85.2/html/hosted-fields-frame.min.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://assets.braintreegateway.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Connection: keep-alive
Access-Control-Allow-Headers
Content-Length: 0

OPTIONS
H/1.1 200
OK 83kwhzshxjq5ntdz
client-analytics.braintreegateway.com/ Frame 0
0 9ms
9ms Preflight 18.195.154.142
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://client-analytics.braintreegateway.com/83kwhzshxjq5ntdz
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.195.154.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-195-154-142.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://assets.braintreegateway.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Origin: https://assets.braintreegateway.com
Access-Control-Max-Age: 3000
Connection: keep-alive
Content-Length: 0
Date: Mon, 30 Jan 2023 16:41:44 GMT
Server: nginx

GET
H2 200 pptm.js Show response
www.paypal.com/tagmanager/ 12 KB
6 KB 292ms
291ms Script
application/x-javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/tagmanager/pptm.js?id=subscribe.duluthnewstribune.com&t=xo&v=5.0.350&source=payments_sdk&client_id=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&comp=buttons&vault=true

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/sdk/js?components=buttons&currency=USD&vault=true&intent=tokenize&client-id=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CB9) /

Resource Hash

25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; script-src 'nonce-7y4uFsG7cm2NCZ0V/VIjRU16eDpywXB6yNxq05oTLDwc9mnu' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://.paypalobjects.com https://.paypal.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://nexus.ensighten.com https://.google-analytics.com 'unsafe-inline' https://.qualtrics.com; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; script-src 'nonce-7y4uFsG7cm2NCZ0V/VIjRU16eDpywXB6yNxq05oTLDwc9mnu' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval'; img-src * data:; object-src 'none'; font-src 'self' https://*.paypalobjects.com https://*.paypal.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://nexus.ensighten.com https://*.google-analytics.com 'unsafe-inline' https://*.qualtrics.com; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline' https://*.qualtrics.com;
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:41:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0434233a091a5
server-timing: traceparent;desc="00-00000000000000000000434233a091a5-8496f7aaeb480076-01", content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
x-xss-protection: 1; mode=block
server: ECAcc (frc/4CB9)
traceparent: 00-00000000000000000000434233a091a5-145a67e1707299ee-01
etag: W/"2f34-zQQ0FVqIlbkbuS4WgpPW/nUPXC4"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600
timing-allow-origin: *

GET
H2 200 buttons Show response
www.paypal.com/smart/ Frame CE8B 380 KB
97 KB 694ms
693ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC3) /

Resource Hash

b9f8516f04c2f3f9465988b06e88a7e9182155e96bcfd362c96720f21fe5c4c8

Security Headers

Name	Value
Content-Security-Policy	form-action 'self' https://.paypal.com https://.cardinalcommerce.com; default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com: https://.paypalobjects.com https://.googleapis.com https://.firebaseio.com wss://.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://.qualtrics.com; frame-src 'self' https://.paypal.com:* https://.paypalobjects.com https://.cardinalcommerce.com https://.firebaseapp.com https://.qualtrics.com; script-src 'self' https://.paypal.com: https://.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://.paypal.com:* https://.paypalobjects.com 'unsafe-inline'; font-src 'self' https://.paypal.com https://.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://subscribe.duluthnewstribune.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-expose-headers: Server-Timing
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-disposition: inline
content-encoding: gzip
content-security-policy: form-action 'self' https://*.paypal.com https://*.cardinalcommerce.com; default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.googleapis.com https://*.firebaseio.com wss://*.firebaseio.com https://api2.amplitude.com http://127.0.0.1:* https://*.qualtrics.com; frame-src 'self' https://*.paypal.com:* https://*.paypalobjects.com https://*.cardinalcommerce.com https://*.firebaseapp.com https://*.qualtrics.com; script-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline' 'unsafe-eval' https://apis.google.com; style-src 'self' https://*.paypal.com:* https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; object-src 'none'; img-src https: data:; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html; charset=utf-8
date: Mon, 30 Jan 2023 16:41:45 GMT
dc: ccg11-origin-www-1.paypal.com
etag: W/"5eea6-Fj4QHRjoEQHNXE5/RUiPrPJ/5Ko"
p3p: true
paypal-debug-id: 0131a80a616b6
server: ECAcc (frc/4CC3)
server-timing: traceparent;desc="00-00000000000000000000131a80a616b6-cb81911ceee2b23a-01" content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000131a80a616b6-7644ca0dc83a8755-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-csrf-jwt: __blank__
x-xss-protection: 1; mode=block

GET
DATA 200
OK truncated
/ Frame B048 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ 1005 B
2 KB 210ms
209ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCE) /

Resource Hash

847dacc32b53202f78c11dd1ba283ce0ca479b5f4c14707c0328c4cc5f8f62c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://subscribe.duluthnewstribune.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Jan 2023 16:41:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 092027758b491
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 599
server: ECAcc (frc/4CCE)
traceparent: 00-0000000000000000000092027758b491-d5b1b408b25e577b-01
etag: W/"3ed-oVMsclZ8/I3rKVZNztO2fbPUL/M"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

OPTIONS
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame 0
0 238ms
214ms Preflight 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CCE) /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://subscribe.duluthnewstribune.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
date: Mon, 30 Jan 2023 16:41:45 GMT
dc: ccg11-origin-www-1.paypal.com
paypal-debug-id: 0a6753b670474
server: ECAcc (frc/4CCE)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-00000000000000000000a6753b670474-728d36c19ea14bf8-01
x-content-type-options: nosniff

GET
H2 200 ts
t.paypal.com/ 42 B
600 B 207ms
166ms Image
image/gif 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.paypal.com/ts?pgrp=muse%3Ageneric%3Aanalytics%3A%3Amerchant&page=muse%3Ageneric%3Aanalytics%3A%3Amerchant%3A%3A%3A&tsrce=tagmanagernodeweb&comp=tagmanagernodeweb&sub_component=analytics&s=ci&fltp=analytics-generic&pt=Duluth%20News%20Tribune&dh=1200&dw=1600&bh=1200&bw=1600&cd=24&sh=1200&sw=1600&v=NA&pl=pdf&rosetta_language=en-US%2Cen&e=im&t=1675096905472&g=0&completeurl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&sinfo=%7B%22partners%22%3A%7B%22ecwid%22%3A%7B%7D%2C%22bigCommerce%22%3A%7B%7D%2C%22shopify%22%3A%7B%7D%2C%22wix%22%3A%7B%7D%2C%22bigCartel%22%3A%7B%7D%7D%7D

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CE2) /

Resource Hash

6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CE2)
traceparent: 00-00000000000000000004592dc61357f4-4c834e9ca4157a21-01
content-type: image/gif
paypal-debug-id: 4592dc61357f4
p3p: policyref="https://t.paypal.com/w3c/p3p.xml",CP="CAO IND OUR SAM UNI STA COR COM"
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 42
expires: Mon, 30 Jan 2023 16:41:45 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/7/intl/de_ALL/ 272 KB
76 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/7/intl/de_ALL/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCu2stHA_Wgp5c31U3hCuMMMr0Bw5E6dyo&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b18208c9d118b2a3ef63d789e600229bcc86da65b1ccb37dbefe6cbc50ae11b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Thu, 26 Jan 2023 20:08:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 333178
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77467
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 21:48:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 26 Jan 2024 20:08:47 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/51/7/intl/de_ALL/ 158 KB
58 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:800::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/51/7/intl/de_ALL/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCu2stHA_Wgp5c31U3hCuMMMr0Bw5E6dyo&libraries=places

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08ffbe8132934a6bff10ba3ce45c44031ddb3eff98a69d74a118efdcb51775e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Fri, 27 Jan 2023 18:09:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 253935
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 59508
x-xss-protection: 0
last-modified: Mon, 23 Jan 2023 21:48:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sat, 27 Jan 2024 18:09:30 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 16ms
15ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-Z15KJQ29H1&gtm=2oe1p0&_p=1032617132&cid=476978641.1675096901&ul=en-us&sr=1600x1200&uaW=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&sid=1675096900&sct=1&seg=0&dl=https%3A%2F%2Fsubscribe.duluthnewstribune.com%2F%3Fofrgp_id%3D862%252C863%26%3Futm_market%3Dduluthnewstribune%26utm_source%3Demail%26utm_medium%3Dpromo_send%26utm_campaign%3D2_dollars_for_6_months_jan_23%26utm_content%3D6_months_2_dollar_offer_promo_1_am_01302023%26utm_term%3Dduluthnewstribune_promo_nonmember&dt=Duluth%20News%20Tribune&en=scroll&epn.percent_scrolled=90&_et=6
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Z15KJQ29H1&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://subscribe.duluthnewstribune.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 30 Jan 2023 16:41:45 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://subscribe.duluthnewstribune.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.paypal.com/sdk/ Frame CE8B 314 KB
93 KB 9ms
8ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/sdk/js?components=buttons&currency=USD&vault=true&intent=tokenize&client-id=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG

Requested by

Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CD4) /

Resource Hash

f8ba90dee6579a98a846ba86bdd8467fb6837d31574335256a958e94e8961723

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://.paypal.com https://.paypalobjects.com; connect-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; frame-src 'self' https://.paypal.com https://.paypalobjects.com https://.qualtrics.com; script-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://.paypal.com https://.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://.paypal.com; base-uri 'self' https://.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

content-security-policy: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; connect-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; frame-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.qualtrics.com; script-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; style-src 'nonce-WcSr176LKPkbXl/EptUNtoL4Zuq4zXqU934Qlv/P5qj5gWPI' 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; object-src 'none'; img-src https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; upgrade-insecure-requests;; report-uri https://www.paypal.com/csplog/api/log/csp
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 30 Jan 2023 16:41:45 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 1
x-cache: HIT
p3p: true
paypal-debug-id: 071803b717297
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 94479
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 16:41:44 GMT
server: ECAcc (frc/4CD4)
traceparent: 00-0000000000000000000071803b717297-70fd9fa2dcb750ac-01
etag: W/"1710f-lKqgcRt3OobwSNWFWy9TYqfTmrU"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: Server-Timing
cache-control: public, max-age=3600, s-maxage=10800
accept-ranges: bytes
timing-allow-origin: *

GET
DATA 200
OK truncated
/ Frame CE8B 3 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame CE8B 58 KB
20 KB 116ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CF6) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 936839
x-cache: HIT
paypal-debug-id: 889c997ccf330
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CF6)
traceparent: 00-0000000000000000000889c997ccf330-c1df794a2284d28b-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Jan 2023 16:41:46 GMT

POST
H2 200 logger
www.paypal.com/xoplatform/logger/api/ Frame CE8B 1 KB
2 KB 183ms
182ms Ping
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC3) /

Resource Hash

7e4cf736d933d3b1c3187b46b92e23440989c73a5a2c156f3fb07b3656140452

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 01904725a7321
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 617
server: ECAcc (frc/4CC3)
traceparent: 00-000000000000000000001904725a7321-624c35c8a68745b0-01
etag: W/"400-Pxt/bDGQZfSkTCtgxq8wH/AzQmc"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

GET
H2 200 i Show response
c.paypal.com/v1/r/d/ Frame 4396 160 B
1 KB 155ms
155ms Document
text/html 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC3) /

Resource Hash

9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.paypal.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Platform, Sec-CH-UA, Sec-CH-UA-Full
cache-control: max-age=0, no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 141
content-security-policy-report-only: default-src 'self' https://*.paypal.com https://*.paypalobjects.com; script-src 'self' https://*.paypal.com https://*.paypalobjects.com https://*.paypalinc.com https://www.facebook.com 'unsafe-eval' 'unsafe-inline' blob:; connect-src 'self' https://*.paypal.com; style-src 'self' https://*.paypal.com https://*.paypalobjects.com 'unsafe-inline'; font-src 'self' https://*.paypal.com https://*.paypalobjects.com data:; img-src 'self' https: data:; form-action 'self' https://*.paypal.com; base-uri 'self' https://*.paypal.com; object-src 'self' https://*.paypal.com https://*.paypalobjects.com; report-uri https://www.paypal.com/csplog/api/log/csp
content-type: text/html;charset=UTF-8
correlation-id: a861958b144be
date: Mon, 30 Jan 2023 16:41:45 GMT
origin-trial: A+THamRrv1ypMR6JeaJx7Wmo8rytLELMAeCL0XGhTihfUtp+dVqcCNYiWxOzySlH2Xk7lzRrFY3mxv6viKT1qggAAACKeyJvcmlnaW4iOiJodHRwczovL3BheXBhbC5jb206NDQzIiwiZmVhdHVyZSI6IlNlbmRGdWxsVXNlckFnZW50QWZ0ZXJSZWR1Y3Rpb24iLCJleHBpcnkiOjE2ODQ4ODYzOTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
paypal-debug-id: a861958b144be
server: ECAcc (frc/4CC3)
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
strict-transport-security: max-age=63072000; includeSubDomains; preload
timing-allow-origin: *
traceparent: 00-0000000000000000000a861958b144be-6030abe6512a2a56-01
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

counter2.cgi
dub.stats.paypal.com/v2/ Frame F8D9
Redirect Chain

https://b.stats.paypal.com/v2/counter.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS
https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS

42 B
299 B

186ms
43ms

Image
image/jpeg

64.4.245.84

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS
Requested by: Host: www.paypal.com
URL: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
Protocol: HTTP/1.1
Server: 64.4.245.84 -, , ASN (),
Reverse DNS
Software: PayPal-B.Stats/1.0 /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date: Mon, 30 Jan 2023 16:41:46 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 42
Content-Type: image/jpeg

Redirect headers

Location: https://dub.stats.paypal.com/v2/counter2.cgi?p=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS
Date: Mon, 30 Jan 2023 16:41:46 GMT
Server: PayPal-B.Stats/1.0
Connection: close
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 fb.js Show response
c.paypal.com/da/r/ Frame 4396 58 KB
20 KB 10ms
9ms Script
application/javascript 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/da/r/fb.js

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CBA) /

Resource Hash

def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
age: 936839
x-cache: HIT
paypal-debug-id: 889c997ccf330
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 20336
last-modified: Tue, 20 Dec 2022 17:16:51 GMT
server: ECAcc (frc/4CBA)
traceparent: 00-0000000000000000000889c997ccf330-c1df794a2284d28b-01
etag: "63a1ee03-e9eb"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
access-control-allow-credentials: false
vary: Accept-Encoding
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 31 Jan 2023 16:41:46 GMT

POST
H2 200 p1 Show response
c.paypal.com/v1/r/d/b/ Frame 4396 125 B
736 B 189ms
188ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/p1

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC3) /

Resource Hash

5bc1a085b5a152beb8d76e1eb2015840387d8d6c49491f81e20c2a0d9c57a8cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: 61ef84e1eb147
server: ECAcc (frc/4CC3)
traceparent: 00-000000000000000000061ef84e1eb147-772ad7c491a49ac7-01
p3p: policyref="/w3c/p3p.xml", CP="NON DSP COR ADM OUR IND COM"
paypal-debug-id: 61ef84e1eb147
content-type: application/json
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 125

POST
H2 204 e Show response
c.paypal.com/v1/r/d/b/ Frame 4396 0
195 B 196ms
196ms XHR
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://c.paypal.com/v1/r/d/b/e

Requested by

Host: c.paypal.com
URL: https://c.paypal.com/da/r/fb.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4C8D) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://c.paypal.com/v1/r/d/i?js_src=https://c.paypal.com/da/r/fb.js
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
correlation-id: f2b3292b273c5
server: ECAcc (frc/4C8D)
traceparent: 00-0000000000000000000f2b3292b273c5-b78a8d82ac73eeb2-01
paypal-debug-id: f2b3292b273c5
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *

GET
H2 200 p3
c6.paypal.com/v1/r/d/b/ Frame 4396 0
130 B 244ms
190ms Image
text/plain 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c6.paypal.com/v1/r/d/b/p3?f=uid_74b7d21d31_mty6nde6ndu&s=SMART_PAYMENT_BUTTONS

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC0) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://c.paypal.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
content-encoding: gzip
correlation-id: 495e257d73a5
strict-transport-security: max-age=63072000; includeSubDomains; preload
server: ECAcc (frc/4CC0)
traceparent: 00-00000000000000000000495e257d73a5-0f6c516c305223de-01
vary: Accept-Encoding
paypal-debug-id: 495e257d73a5
cache-control: max-age=0, no-cache, no-store, must-revalidate
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
timing-allow-origin: *
content-length: 20

POST
H2 200 logger Show response
www.paypal.com/xoplatform/logger/api/ Frame CE8B 1018 B
1 KB 188ms
188ms XHR
application/json 192.229.221.25
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL

https://www.paypal.com/xoplatform/logger/api/logger

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.221.25 , United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECAcc (frc/4CC3) /

Resource Hash

048a6896455dc416f090511470f8144a5a184d0232db7daef48218c643c5744e

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept: application/json
Referer: https://www.paypal.com/smart/buttons?fundingSource=paypal&style.label=paypal&style.layout=horizontal&style.color=gold&style.shape=pill&style.tagline=false&style.menuPlacement=below&sdkVersion=5.0.350&components.0=buttons&locale.country=US&locale.lang=en&sdkMeta=eyJ1cmwiOiJodHRwczovL3d3dy5wYXlwYWwuY29tL3Nkay9qcz9jb21wb25lbnRzPWJ1dHRvbnMmY3VycmVuY3k9VVNEJnZhdWx0PXRydWUmaW50ZW50PXRva2VuaXplJmNsaWVudC1pZD1BYlpsZlN1YUF3c0VfNG9JR0J2Tlk2YTRLWUZJS3otQXh3d2V1NlVVbGJOdWNtTFhycmFCYzBaZzZxamoybU1CR3F0WHpMcmMtY2l0MHpDRyIsImF0dHJzIjp7ImRhdGEtdWlkIjoidWlkX21hc3V1Z2RwaGJld3pmd2lzZ3hoZmh2Ym13cmpoaiJ9fQ&clientID=AbZlfSuaAwsE_4oIGBvNY6a4KYFIKz-Axwweu6UUlbNucmLXrraBc0Zg6qjj2mMBGqtXzLrc-cit0zCG&sdkCorrelationID=074a9a938a3b2&storageID=uid_31fa114906_mty6nde6ndu&sessionID=uid_74b7d21d31_mty6nde6ndu&buttonSessionID=uid_29157670d3_mty6nde6ndu&env=production&fundingEligibility=eyJwYXlwYWwiOnsiZWxpZ2libGUiOnRydWUsInZhdWx0YWJsZSI6dHJ1ZX0sInBheWxhdGVyIjp7ImVsaWdpYmxlIjpmYWxzZSwicHJvZHVjdHMiOnsicGF5SW4zIjp7ImVsaWdpYmxlIjpmYWxzZSwidmFyaWFudCI6bnVsbH0sInBheUluNCI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9LCJwYXlsYXRlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhcmlhbnQiOm51bGx9fX0sImNhcmQiOnsiZWxpZ2libGUiOnRydWUsImJyYW5kZWQiOnRydWUsImluc3RhbGxtZW50cyI6ZmFsc2UsInZlbmRvcnMiOnsidmlzYSI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwibWFzdGVyY2FyZCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiYW1leCI6eyJlbGlnaWJsZSI6dHJ1ZSwidmF1bHRhYmxlIjp0cnVlfSwiZGlzY292ZXIiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJoaXBlciI6eyJlbGlnaWJsZSI6ZmFsc2UsInZhdWx0YWJsZSI6ZmFsc2V9LCJlbG8iOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9LCJqY2IiOnsiZWxpZ2libGUiOmZhbHNlLCJ2YXVsdGFibGUiOnRydWV9fSwiZ3Vlc3RFbmFibGVkIjpmYWxzZX0sInZlbm1vIjp7ImVsaWdpYmxlIjpmYWxzZX0sIml0YXUiOnsiZWxpZ2libGUiOmZhbHNlfSwiY3JlZGl0Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImFwcGxlcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sInNlcGEiOnsiZWxpZ2libGUiOmZhbHNlfSwiaWRlYWwiOnsiZWxpZ2libGUiOmZhbHNlfSwiYmFuY29udGFjdCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJnaXJvcGF5Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImVwcyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzb2ZvcnQiOnsiZWxpZ2libGUiOmZhbHNlfSwibXliYW5rIjp7ImVsaWdpYmxlIjpmYWxzZX0sInAyNCI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJ6aW1wbGVyIjp7ImVsaWdpYmxlIjpmYWxzZX0sIndlY2hhdHBheSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJwYXl1Ijp7ImVsaWdpYmxlIjpmYWxzZX0sImJsaWsiOnsiZWxpZ2libGUiOmZhbHNlfSwidHJ1c3RseSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJveHhvIjp7ImVsaWdpYmxlIjpmYWxzZX0sIm1heGltYSI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJib2xldG8iOnsiZWxpZ2libGUiOmZhbHNlfSwiYm9sZXRvYmFuY2FyaW8iOnsiZWxpZ2libGUiOmZhbHNlfSwibWVyY2Fkb3BhZ28iOnsiZWxpZ2libGUiOmZhbHNlfSwibXVsdGliYW5jbyI6eyJlbGlnaWJsZSI6ZmFsc2V9LCJzYXRpc3BheSI6eyJlbGlnaWJsZSI6ZmFsc2V9fQ&platform=desktop&experiment.enableVenmo=false&experiment.enableVenmoAppLabel=false&flow=billing_setup&currency=USD&intent=tokenize&commit=true&vault=true&renderedButtons.0=paypal&debug=false&applePaySupport=false&supportsPopups=true&supportedNativeBrowser=false&experience=&allowBillingPayments=true
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
content-type: application/json

Response headers

date: Mon, 30 Jan 2023 16:41:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
paypal-debug-id: 0967643814a11
server-timing: content-encoding;desc="", x-cdn;desc="edgecast"
dc: ccg11-origin-www-1.paypal.com
content-length: 608
server: ECAcc (frc/4CC3)
traceparent: 00-00000000000000000000967643814a11-0272b42a0ef2e689-01
etag: W/"3fa-glYcZYKU3Fm2V4FXX6WcvN/tCho"
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.paypal.com
cache-control: max-age=0, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.google.com/recaptcha	1970-01-20 13:37:28	Name: _GRECAPTCHA Value: 09AOOcfwszwiWERmzb3EQ1MhVEmnCK9EHM5Uq4lcErPBCuFVmXbmNyQaGBpRp_R4q0vHQpLIa4dFWY7HsIdEn6Tzg
.duluthnewstribune.com/	1970-01-20 18:04:13	Name: sailthru_hid Value: 2f9d418e7c976574d92014248608b3516079d208caa652008f559453b56886473a97f6a9613a811680b7775b
.duluthnewstribune.com/	1970-01-20 09:18:27	Name: sailthru_bid Value: 30371758.81400
subscribe.duluthnewstribune.com/	1970-01-20 09:18:18	Name: connect.sid Value: s%3ADlnhpSHdhi4LaBDQwDx8BQAign2N1G6t.7XkPx8ZHhMfEp%2BTjPU%2BD3xgyLVBqNYUsMqGXeGTHzqg
.duluthnewstribune.com/	1970-01-20 18:02:49	Name: visid_incap_2844791 Value: oHFPpOG1T4Cenfd4Ir++hUPz12MAAAAAQUIPAAAAAADT7E3rcyV6LnHuJGPXn9p7
.duluthnewstribune.com/	1969-12-31 23:59:59	Name: nlbi_2844791 Value: 55CPYdQurzgHjJ+Yn9yu7AAAAAAAmLWy66oBmTY2M9/Q2wn5
.duluthnewstribune.com/	1969-12-31 23:59:59	Name: incap_ses_8077_2844791 Value: 3yb0JwI9bDkidXR7TkUXcEPz12MAAAAAK1lP2Tw/bZ7u2VdwmbgL4g==
.duluthnewstribune.com/	1970-01-20 11:27:52	Name: _gcl_au Value: 1.1.1183007041.1675096901
.duluthnewstribune.com/	1970-01-20 09:19:43	Name: _gid Value: GA1.2.2005857382.1675096901
.duluthnewstribune.com/	1970-01-20 09:18:16	Name: _gat_UA-778232-77 Value: 1
.duluthnewstribune.com/	1970-01-20 09:18:16	Name: _gat_UA-41542537-2 Value: 1
.duluthnewstribune.com/	1970-01-20 09:18:16	Name: _dc_gtm_UA-778232-32 Value: 1
.duluthnewstribune.com/	1970-01-20 11:27:52	Name: _fbp Value: fb.1.1675096900696.535371980
.duluthnewstribune.com/	1970-01-20 18:54:16	Name: _ga_Z15KJQ29H1 Value: GS1.1.1675096900.1.0.1675096900.0.0.0
.duluthnewstribune.com/	1970-01-20 18:03:52	Name: _attrb Value: %226fe7cd97-ae7c-4cc5-825a-5e91b81a55af%22
.doubleclick.net/	1970-01-20 18:39:52	Name: IDE Value: AHWqTUkMRmEXaaoz1Ia_MP13jgKxiec8wZIMOmGqNbdLrc2X4fUXX61GX7ATMOnJ3Vk
subscribe.duluthnewstribune.com/	1970-01-20 18:03:52	Name: ai_user Value: C4Gw5\|2023-01-30T16:41:42.304Z
login.forumcomm.com/	1970-01-20 18:04:14	Name: did Value: s%3Av0%3Af9db2d60-a0bc-11ed-b1ee-7d887a406ca4.P4%2FapRMVq7xPIbxQ%2Bnl6yo80G4WgG4jlcGq5IczAEYg
.duluthnewstribune.com/	1970-01-20 18:54:16	Name: anonDeviceId Value: 65b96f0b7807c3288c30641b2a44c072
.duluthnewstribune.com/	1970-01-20 18:54:16	Name: _ga Value: GA1.2.476978641.1675096901
.duluthnewstribune.com/	1970-01-20 09:18:16	Name: _gat_UA-778232-32 Value: 1
subscribe.duluthnewstribune.com/	1970-01-20 09:28:21	Name: AWSALB Value: t084oeTx/upNmG+/lU0pI95tpP3nKMQdeNj1W28Xc+pFHKd20w65ZIYISPvk95Q9EMfyWxpYrJKi7P/UjyIiB+561omNEIGNA8z1nTH6wmcseaXYadX8zHubiivE
subscribe.duluthnewstribune.com/	1970-01-20 09:28:21	Name: AWSALBCORS Value: t084oeTx/upNmG+/lU0pI95tpP3nKMQdeNj1W28Xc+pFHKd20w65ZIYISPvk95Q9EMfyWxpYrJKi7P/UjyIiB+561omNEIGNA8z1nTH6wmcseaXYadX8zHubiivE
.paypal.com/	1970-01-20 09:18:18	Name: l7_az Value: dcg15.slc
.paypal.com/	1970-01-20 18:54:16	Name: ts_c Value: vr%3D038e54131860a1d518550d15fd9088d4%26vt%3D038e54131860a1d518550d15fd9088d3
.paypal.com/	1970-01-20 18:03:52	Name: enforce_policy Value: gdpr_v2.1
.paypal.com/	1970-01-20 09:18:48	Name: LANG Value: de_DE%3BDE
www.paypal.com/	1969-12-31 23:59:59	Name: nsid Value: s%3AteuaRHdVnkfGfMPVd4lWt4VAsMJJjx0l.ARZvlTujrJC6yExwTFf66CReKJPJRzbyKdfrwYC4CCE
.paypal.com/	1970-01-20 09:22:36	Name: tsrce Value: loggernodeweb
.paypal.com/	1969-12-31 23:59:59	Name: x-pp-s Value: eyJ0IjoiMTY3NTA5NjkwNjY0NSIsImwiOiIwIiwibSI6IjAifQ
.paypal.com/	1970-01-20 18:54:16	Name: ts Value: vreXpYrS%3D1769791306%26vteXpYrS%3D1675098706%26vr%3D038e54131860a1d518550d15fd9088d4%26vt%3D038e54131860a1d518550d15fd9088d3%26vtyp%3Dnew

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors .subconadmin.com https://.subconadmin.com .mg2cms.com https://.mg2cms.com

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8975227.fls.doubleclick.net
adservice.google.com
adservice.google.de
api-mg2.db-ip.com
assets.braintreegateway.com
az416426.vo.msecnd.net
b.stats.paypal.com
bloximages.chicago2.vip.townnews.com
c.paypal.com
c6.paypal.com
cdn.auth0.com
cdn.confiant-integrations.net
cdn.godiciardstia.com
cdn.jsdelivr.net
cdn.mircheigeshoa.com
cdn.us.auth0.com
cdn.wgchrrammzv.com
checkout.paypal.com
client-analytics.braintreegateway.com
connect.facebook.net
dub.stats.paypal.com
fonts.googleapis.com
fonts.gstatic.com
js.braintreegateway.com
link.duluthnewstribune.com
loader-cdn.azureedge.net
login.forumcomm.com
maps.googleapis.com
payments.braintree-api.com
polyfill.io
pubads.g.doubleclick.net
region1.google-analytics.com
s3.amazonaws.com
scripts.attributionapp.com
static.forumcomm.com
stats.g.doubleclick.net
subscribe.duluthnewstribune.com
t.paypal.com
track.attributionapp.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.paypal.com
www.paypalobjects.com
104.16.132.24
107.154.76.234
107.20.71.201
13.225.78.26
13.248.139.42
13.32.110.66
142.250.185.166
143.204.207.119
143.204.215.52
151.101.130.133
172.67.75.166
18.195.154.142
18.65.39.24
192.229.221.25
2001:4860:4802:32::36
2600:9000:206f:4600:1b:e643:4ac0:93a1
2600:9000:2104:7800:1d:8f09:740:93a1
2606:2800:133:206e:1315:22a5:2006:24fd
2606:2800:233:1cb7:261b:1f9c:2074:3c
2606:4700::6812:116b
2a00:1450:4001:800::200a
2a00:1450:4001:802::2002
2a00:1450:4001:813::2004
2a00:1450:4001:82f::2002
2a00:1450:4001:82f::2003
2a00:1450:400c:c00::9c
2a00:1450:400d:802::200a
2a00:1450:400d:804::2002
2a00:1450:400d:806::2003
2a00:1450:400d:806::200e
2a00:1450:400d:80d::2008
2a00:1450:400d:80e::2003
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
2a04:4e42:200::485
2a04:4e42:600::282
52.216.129.141
54.221.251.148
64.4.245.84
65.9.66.51
0140fe134afa5d804bf7dc7fbd28b24712bf9b46876a5e24b022a512053a31ea
048a6896455dc416f090511470f8144a5a184d0232db7daef48218c643c5744e
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0633be0754d8f21391eacd07f177335f08a1daabbba04ddc696283a27b0c005a
08ffbe8132934a6bff10ba3ce45c44031ddb3eff98a69d74a118efdcb51775e2
09cff25adf02e25fcdaac9140d0cfcf36060315f16e71031056b5570c6551a03
0a7cd92c980e820d3064ace1159a3e6be8c160f8d11e299558ab3c3574db8914
0c66c855006ab2ae4f702be94152ccc855d729ee985a3676d7e046763430e431
106cc265f34c25113c1c57a7b606878708cbb4205a66e82f495cd40014b24258
106fb417f17d07a860ebd1466dd44c0f30c754560e24e4f85ce5b4b560fd6bdc
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1b9efb22c938500971aac2b2130a475fa23684dd69e43103894968df83145b8a
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
2101758325eb16502c38807c83e99c13c2d1c103e93c8c6a8da4bba0151395e8
24b57c02d8670f2a0f99ed9fff32356387a07f56a37bbc62ceba1c1e91712cc2
25376cd52fca883ddcae7106505cb20b4e4f3f0d38bdc4c37fbf60ff49f66655
25b02175cc0a4e36fda24db4b7de40009feb7b31f18fe3c77423a2169929b94b
26e79ccb25e9dd44ea28d12a67c5700f39d283f078dac70d287c6625b2fa2c92
2949750aadafc472d1039eeba65ded9b96ff4da450eabccfb13bcdca1219498a
2ae5aed8aab32ad79a23003eee65fec603ddbeed83b296ba4735ff840e12b005
30fa2094f726c9e4a2c520398c3fd07868e2c921789ba95bd875695d48f31141
337b763e64d123c71154131bc82585189c0796a15e6cbe04567f5424ba16e4e0
34dbe0c9bb6ca6343024f431f136f55315d91db5dfc43be93499652fede431ad
364e2686f137891c2053cf1263ff1d9aa19132253045cd7a70e253a7c32b4617
3725ef48f5d7b22d88fbb28285c411fdd8004795717e9c49a45c849528224190
37cbcec40035f5a1a0c4dde6f796f99f63b7220908a7e86885a1a6523d9fbaa5
392c1cfd7dba03273c21a643e0aa17b3374383d575c55e6b23c99f873227ae32
39cc6c78632abb08815246e75d23371d17c0106cfb4156297f74366c8404b533
3b8dd7a82c47f7bf109850f1182e54a731b6a95084b6d2b2f743b78d043963fa
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
443ae6d19eccb96c833d38664cc77797a6e37b9c3939c08161aebb02f6138cf2
447256eb31b03e8de245de6feb98fad0a7710874162ab5cd91bd39274eaed7a7
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
4a3569fc82e8fef2a9125e05232c934b475e8c895e2454de87877d78da71a325
4ae104b640aede82496b9e34d9a59c2e0f33d5d2ca1f264cb0ab23fd3f2372fa
4f4ace5760fd2511c5c9716b6be5bc050dc9b8b16a5ad0f45b2209e05df1e551
4fd1192135e7bb8f65d1220d492bdf97260eb699b8de3d5b13c32dee76e0eb99
510b0d3f2370083584fbfdc0d2978f0858beec21b1311e5d01c80780f207f3cb
5201c813c37a4168cc5c20c701d4391fd0a55625f97eb9f263a74fb52b52fd0e
5525155484aef569c783dcb2e9d0de43eadb0a85178d0361c34dd1ef115af43a
589811ead2d643bad35e02b83b5846ab14cf13082a85af3f57357c723e41bf07
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
5b74726d50ad888710f49a50c91351aee827fa48698bfec35bcf48db8350bef9
5bc1a085b5a152beb8d76e1eb2015840387d8d6c49491f81e20c2a0d9c57a8cf
6d770303dedbfeb897525ab66c5ca7eaf31da2c805486949898fc542908db53e
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
70212eacf2b641df77cb7f0b97262908d1f8abde30a8b77b1a7cd8ef7031ab7a
7654579a9c659e17b0a6ab96aaad669504ae01b4296f2aea54e6d62b14e27f04
7a0679f3f5a4488b98ad0911486a5457d9e3fc9a38badc143e749cf7ee735c9f
7a66f21721f4518d1ff299c661e3b857092b0c38ad9f8bc4a37ecbd15e87dbf3
7b6b21c3940c64005b788c31f0b332e032ee4623155a1706dcf19c1263b5ac8b
7d77b850d78c8ff02a573b154fff90efef82dbdc2d45508be82b1ebb33180cff
7e4cf736d933d3b1c3187b46b92e23440989c73a5a2c156f3fb07b3656140452
7e51ad247ed033aabcf348d5cfb60952c173b5b4e9a72ba18f564cb8a16a48d9
7ef953ff524169d26b6573ef24c57500074953bb56cbb3717443867aaccff9ba
80962ef1a0f4bc95fc4bac325bbfcc391dc701c2e89c304eb647c256d7d62583
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
847dacc32b53202f78c11dd1ba283ce0ca479b5f4c14707c0328c4cc5f8f62c3
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8b66f48278fb986f0f07a7827e508cdf1228e1f6a3960915ee2f8451112a256b
8cd76a979805baeb5eb2686bb5aaeccf8da8eaf8734f9a09da24dc0eecf2a948
8f9d77c779ee8d0f2d47977d8dde3417d807a02fb9e53855f3d5ba3cfd683402
911e1767c0c621c0c143f26bf344051c53b3d393db9fadc1510a2c0b6a150259
9321bc63a75b3ac6d384b411665b6e77a8b326a4b176ca2049872d3b5d4974f5
952833e41ba7a4b64c31a2d7b07dde81bf5bbacf5cbb967821cfe459d0c4a0d8
9df8b934c46e43688d69296a2d49a0f29ef40a15394ab4be7a48ee800d06e731
a1517c9cfb782a38eee949023240430056fb8cf5720b29df9024b77ffd6cf0f4
adbafddcae5c63de02cb1f7786956f8f1f5bbfec1fedf98b13224a6995d832f2
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b16536ac8f4dc22595142244daba17fd653cbeb18ab213d5e73a07df55f78264
b18208c9d118b2a3ef63d789e600229bcc86da65b1ccb37dbefe6cbc50ae11b0
b59e31aeaca17f052e5e16fa1713cb48d45997454c26ae2876302420b77751c2
b9f8516f04c2f3f9465988b06e88a7e9182155e96bcfd362c96720f21fe5c4c8
c22436bb94427caee97dc2e69b64c8af9cdd5a1b79790cc14a6a2a8b987b2b7a
c267fbb4ce5ff5b26d7e07d4ce147533bc52871d5aa6626fb48f92c05e708345
c868ec0a6a6feb68b3d764eb0324882539c6ceed96e815ae9a83ea985fab32fe
ca1f76f3e333116f0ed5ae78dbce5c9c407d50d21530beb81e9cc0db1fa4cfac
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cd2f63b83f84985f79d8539a5f6964a3b4e8843370b86306620869074f1bc816
cec2fe6ccfa38f972e79f25c46c812727d1048f7d364d3d5639cb2e9528acf5f
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
def7e4d139a8615c2721b3a2f0aee56e08052118029fa0bc8101fc0daea957d6
df29ab7936e6e6ec6f3f2a0a49d712646d7f73c34c95af836ad799fa2233f032
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6f5ff12991f04401e2b7f7a234cd5eddfe2dfcf95ce3a408c496956ccd311b3
e9cdf28b62df59bca53a06f6d2afbd81da3045e8f8def1f5ac370497ae59fd30
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f3c5832c691778a79fe79620991e47f0004d096f937161136f46fdfdad9f1d6f
f67709d5b91b51b3f1abd3d42bb0bfade31b58b1e8206ca1136979c383eb5853
f8ba90dee6579a98a846ba86bdd8467fb6837d31574335256a958e94e8961723

subscribe.duluthnewstribune.com Open in urlscan Pro 107.154.76.234 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

130 Requests

99 %HTTPS

55 %IPv6

28 Domains

47 Subdomains

40 IPs

5 Countries

2495 kBTransfer

8374 kBSize

31 Cookies

9 Outgoing links

Page URL History

Redirected requests

130 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

subscribe.duluthnewstribune.com Open in urlscan Pro
107.154.76.234 Public Scan

Screenshot
Live screenshot

Full Image

130
Requests

99 %
HTTPS

55 %
IPv6

28
Domains

47
Subdomains

40
IPs

5
Countries

2495 kB
Transfer

8374 kB
Size

31
Cookies

130 HTTP transactions
2 data transactions