urlscan.io logo urlscan.io
SecurityTrails logo

napavalleyregister.com Open in urlscan Pro
192.104.182.209  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://click1.email.napavalleyregister.com/upcvywffpfzschnysgqwwscpdcskdvcpcymbhmfggmmnhcy_ehbypdstbtfrhysyrsddd.html
Effective URL: https://napavalleyregister.com/news/local/
Submission: On September 22 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 39 IPs in 5 countries across 26 domains to perform 123 HTTP transactions. The main IP is 192.104.182.209, located in United States and belongs to LEE-ASN, US. The main domain is napavalleyregister.com.
TLS certificate: Issued by ZeroSSL ECC Domain Secure Site CA on September 7th 2021. Valid for: 3 months.
This is the only time napavalleyregister.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 74.214.203.11 14618 (AMAZON-AES)
7 192.104.182.209 10668 (LEE-ASN)
40 104.18.130.43 13335 (CLOUDFLAR...)
1 13.225.78.97 16509 (AMAZON-02)
1 2600:9000:21f... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
3 13.225.78.59 16509 (AMAZON-02)
15 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
2 2a03:2880:f01... 32934 (FACEBOOK)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2 107.178.250.234 15169 (GOOGLE)
1 3 13.225.78.42 16509 (AMAZON-02)
1 2600:9000:20e... 16509 (AMAZON-02)
1 2 54.76.126.16 16509 (AMAZON-02)
1 13.225.83.200 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
2 34.102.205.239 15169 (GOOGLE)
1 2600:9000:21f... 16509 (AMAZON-02)
1 52.22.56.164 14618 (AMAZON-AES)
1 2a00:1450:400... 15169 (GOOGLE)
2 2600:9000:20e... 16509 (AMAZON-02)
1 1 2600:1f18:730... 14618 (AMAZON-AES)
1 34.206.124.188 14618 (AMAZON-AES)
2 54.154.228.217 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a03:2880:f11... 32934 (FACEBOOK)
1 3 52.19.22.209 16509 (AMAZON-02)
1 2.16.186.163 20940 (AKAMAI-ASN1)
2 2 142.250.74.194 15169 (GOOGLE)
1 52.0.73.248 14618 (AMAZON-AES)
1 3.127.52.31 16509 (AMAZON-02)
1 104.111.215.191 16625 (AKAMAI-AS)
1 34.247.104.176 16509 (AMAZON-02)
1 76.223.111.131 16509 (AMAZON-02)
123 39
1    74.214.203.11 (United States)

ASN14618 (AMAZON-AES, US)
click1.email.napavalleyregister.com
7    192.104.182.209 (United States)

ASN10668 (LEE-ASN, US)
PTR: cms.chicago2.vip.townnews.com
napavalleyregister.com
40    104.18.130.43 (None, )

ASN13335 (CLOUDFLARENET, US)
bloximages.chicago2.vip.townnews.com
1    13.225.78.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-97.fra2.r.cloudfront.net
tags.crwdcntrl.net
1    2600:9000:21f3:b400:3:b7e:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
cmp.osano.com
2    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
3    13.225.78.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-59.fra2.r.cloudfront.net
tagan.adlightning.com
15    2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
contributor.google.com
fundingchoicesmessages.google.com
ampcid.google.de
analytics.google.com
3    2a00:1450:4001:812::2011 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
survey.g.doubleclick.net
6    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
1    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ampcid.google.com
3    2a00:1450:400c:c02::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2a00:1450:4001:80f::2010 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
storage.googleapis.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
1    2600:9000:20eb:d200:2:36a1:2f40:21 (United States)

ASN16509 (AMAZON-02, US)
d81mfvml8p5ml.cloudfront.net
2    107.178.250.234 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com
js.matheranalytics.com
3    13.225.78.42 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-42.fra2.r.cloudfront.net
sb.scorecardresearch.com
1    2600:9000:20eb:ec00:8:8845:1500:93a1 (United States)

ASN16509 (AMAZON-02, US)
b-code.liadm.com
2    54.76.126.16 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-126-16.eu-west-1.compute.amazonaws.com
insight.adsrvr.org
1    13.225.83.200 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-200.fra2.r.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
2    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
2    34.102.205.239 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 239.205.102.34.bc.googleusercontent.com
a.leetemplates.com
1    2600:9000:21f3:ae00:7:5031:dc0:21 (United States)

ASN16509 (AMAZON-02, US)
dn1i8v75r669j.cloudfront.net
1    52.22.56.164 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-22-56-164.compute-1.amazonaws.com
www.i.matheranalytics.com
1    2a00:1450:4001:80f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2600:9000:20eb:b800:e:98bf:5f00:21 (United States)

ASN16509 (AMAZON-02, US)
dkpklk99llpj0.cloudfront.net
1    2600:1f18:730:b140:3161:8a8b:ea8c:5d8b (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
rp.liadm.com
1    34.206.124.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-124-188.compute-1.amazonaws.com
rp4.liadm.com
2    54.154.228.217 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-154-228-217.eu-west-1.compute.amazonaws.com
am.freshrelevance.com
1    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2a03:2880:f11c:8083:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
3    52.19.22.209 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    2.16.186.163 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-163.deploy.static.akamaitechnologies.com
sli.napavalleyregister.com
2    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
cm.g.doubleclick.net
1    52.0.73.248 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-73-248.compute-1.amazonaws.com
thrtle.com
1    3.127.52.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-127-52-31.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    104.111.215.191 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    34.247.104.176 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
ml314.com
1    76.223.111.131 (United States)

ASN16509 (AMAZON-02, US)
PTR: a97adde81b00f2ca4.awsglobalaccelerator.com
match.adsrvr.org
Apex Domain
Subdomains		 Transfer
40 townnews.com
bloximages.chicago2.vip.townnews.com
737 KB
16 google.com
contributor.google.com
fundingchoicesmessages.google.com
ampcid.google.com
analytics.google.com
www.google.com
98 KB
9 napavalleyregister.com
click1.email.napavalleyregister.com
napavalleyregister.com
sli.napavalleyregister.com
59 KB
8 doubleclick.net
survey.g.doubleclick.net
stats.g.doubleclick.net
cm.g.doubleclick.net
407 KB
6 google-analytics.com
www.google-analytics.com
60 KB
5 cloudfront.net
d81mfvml8p5ml.cloudfront.net
d1eoo1tco6rr5e.cloudfront.net
dn1i8v75r669j.cloudfront.net
dkpklk99llpj0.cloudfront.net
22 KB
5 googletagmanager.com
www.googletagmanager.com
303 KB
4 google.de
adservice.google.de
ampcid.google.de
www.google.de
2 KB
4 crwdcntrl.net
tags.crwdcntrl.net
bcp.crwdcntrl.net
14 KB
3 facebook.com
www.facebook.com
503 B
3 adsrvr.org
insight.adsrvr.org
match.adsrvr.org
673 B
3 liadm.com
b-code.liadm.com
rp.liadm.com
rp4.liadm.com
11 KB
3 scorecardresearch.com
sb.scorecardresearch.com
2 KB
3 matheranalytics.com
js.matheranalytics.com
www.i.matheranalytics.com
43 KB
3 adlightning.com
tagan.adlightning.com
72 KB
2 freshrelevance.com
am.freshrelevance.com
5 KB
2 leetemplates.com
a.leetemplates.com
343 B
2 facebook.net
connect.facebook.net
114 KB
2 gstatic.com
www.gstatic.com
13 KB
1 ml314.com
ml314.com
422 B
1 bluekai.com
tags.bluekai.com
304 B
1 agkn.com
aa.agkn.com
415 B
1 thrtle.com
thrtle.com
1 googlesyndication.com
pagead2.googlesyndication.com
28 KB
1 googleapis.com
storage.googleapis.com
27 KB
1 osano.com
cmp.osano.com
60 KB
123 26
Domain Requested by
40 bloximages.chicago2.vip.townnews.com napavalleyregister.com
bloximages.chicago2.vip.townnews.com
12 fundingchoicesmessages.google.com napavalleyregister.com
tagan.adlightning.com
7 napavalleyregister.com napavalleyregister.com
6 www.google-analytics.com www.googletagmanager.com
napavalleyregister.com
www.google-analytics.com
5 www.googletagmanager.com napavalleyregister.com
www.googletagmanager.com
3 bcp.crwdcntrl.net 1 redirects tagan.adlightning.com
bcp.crwdcntrl.net
3 www.facebook.com napavalleyregister.com
3 sb.scorecardresearch.com 1 redirects napavalleyregister.com
3 stats.g.doubleclick.net www.google-analytics.com
www.googletagmanager.com
3 survey.g.doubleclick.net napavalleyregister.com
survey.g.doubleclick.net
3 tagan.adlightning.com napavalleyregister.com
tagan.adlightning.com
2 cm.g.doubleclick.net 2 redirects
2 am.freshrelevance.com tagan.adlightning.com
dkpklk99llpj0.cloudfront.net
2 dkpklk99llpj0.cloudfront.net d81mfvml8p5ml.cloudfront.net
2 a.leetemplates.com storage.googleapis.com
2 www.google.de napavalleyregister.com
2 insight.adsrvr.org 1 redirects d1eoo1tco6rr5e.cloudfront.net
2 js.matheranalytics.com 1 redirects napavalleyregister.com
2 connect.facebook.net napavalleyregister.com
connect.facebook.net
2 www.gstatic.com napavalleyregister.com
1 match.adsrvr.org bcp.crwdcntrl.net
1 ml314.com bcp.crwdcntrl.net
1 tags.bluekai.com bcp.crwdcntrl.net
1 aa.agkn.com bcp.crwdcntrl.net
1 thrtle.com bcp.crwdcntrl.net
1 sli.napavalleyregister.com
1 pagead2.googlesyndication.com tagan.adlightning.com
1 rp4.liadm.com napavalleyregister.com
1 rp.liadm.com 1 redirects
1 www.google.com napavalleyregister.com
1 www.i.matheranalytics.com napavalleyregister.com
1 dn1i8v75r669j.cloudfront.net d81mfvml8p5ml.cloudfront.net
1 analytics.google.com www.googletagmanager.com
1 d1eoo1tco6rr5e.cloudfront.net www.googletagmanager.com
1 b-code.liadm.com www.googletagmanager.com
1 d81mfvml8p5ml.cloudfront.net www.googletagmanager.com
1 storage.googleapis.com www.googletagmanager.com
1 ampcid.google.de www.google-analytics.com
1 ampcid.google.com www.google-analytics.com
1 adservice.google.de survey.g.doubleclick.net
1 contributor.google.com napavalleyregister.com
1 cmp.osano.com napavalleyregister.com
1 tags.crwdcntrl.net napavalleyregister.com
1 click1.email.napavalleyregister.com 1 redirects
123 44

This site contains links to these domains. Also see Links.

Domain
napawinetaste.com
www.napavalleyregister.com
lee.net
bloxcms.com
townnews.com
Subject Issuer Validity Valid
napavalleyregister.com
ZeroSSL ECC Domain Secure Site CA		 2021-09-07 -
2021-12-06		 3 months crt.sh
bloximages.chicago2.vip.townnews.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-09 -
2022-04-09		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
cmp.osano.com
Amazon		 2021-09-17 -
2022-10-16		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.adlightning.com
Amazon		 2021-06-24 -
2022-07-23		 a year crt.sh
*.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.storage.googleapis.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-09-09 -
2021-12-08		 3 months crt.sh
*.cloudfront.net
Amazon		 2021-03-19 -
2022-03-17		 a year crt.sh
js.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-19 -
2022-04-19		 a year crt.sh
*.scorecardresearch.com
Amazon		 2021-02-28 -
2022-03-29		 a year crt.sh
*.liadm.com
Amazon		 2021-03-02 -
2022-03-31		 a year crt.sh
www.google.de
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
a.leetemplates.com
GTS CA 1D4		 2021-08-23 -
2021-11-21		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
www.i.matheranalytics.com
Sectigo RSA Domain Validation Secure Server CA		 2020-01-28 -
2022-01-27		 2 years crt.sh
www.google.com
GTS CA 1C3		 2021-08-30 -
2021-11-22		 3 months crt.sh
*.freshrelevance.com
Amazon		 2021-06-16 -
2022-07-15		 a year crt.sh
sli.buffalo.com
R3		 2021-09-22 -
2021-12-21		 3 months crt.sh
*.thrtle.com
Go Daddy Secure Certificate Authority - G2		 2021-03-22 -
2022-04-23		 a year crt.sh
*.agkn.com
RapidSSL RSA CA 2018		 2020-07-25 -
2022-09-18		 2 years crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-04-25 -
2022-04-26		 a year crt.sh
*.ml314.com
Amazon		 2021-01-17 -
2022-02-14		 a year crt.sh

This page contains 5 frames:

Primary Page: https://napavalleyregister.com/news/local/
Frame ID: 13EC70A5DEA242F3FFD8D6CE836898EA
Requests: 113 HTTP requests in this frame

Frame: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Frame ID: 26BCABDAFB99B682626C03CB48F94F3F
Requests: 2 HTTP requests in this frame

Frame: https://am.freshrelevance.com/tpc/
Frame ID: 58FA4AD90CA8B6E9ECEA7AB5BE292E32
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 144173D302FC00B200C49872B4762FC5
Requests: 1 HTTP requests in this frame

Frame: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Frame ID: F178C5EA97744444883A1E2E0E96CE64
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Local News | napavalleyregister.comPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display adPDF display ad

Page URL History Show full URLs

  1. http://click1.email.napavalleyregister.com/upcvywffpfzschnysgqwwscpdcskdvcpcymbhmfggmmnhcy_ehbypdstbtfrhysyrsddd.html HTTP 302
    https://napavalleyregister.com/news/local/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /firebasejs/([\d.]+)/firebase
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/ns\.html[^>]+></iframe>
  • <!-- (?:End )?Google Tag Manager -->
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

123
Requests

99 %
HTTPS

49 %
IPv6

26
Domains

44
Subdomains

39
IPs

5
Countries

2077 kB
Transfer

4785 kB
Size

30
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click1.email.napavalleyregister.com/upcvywffpfzschnysgqwwscpdcskdvcpcymbhmfggmmnhcy_ehbypdstbtfrhysyrsddd.html HTTP 302
    https://napavalleyregister.com/news/local/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 68
  • https://js.matheranalytics.com/s/ma1527/725149331/lee/ml.js?cb=1574 HTTP 301
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Request Chain 71
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe HTTP 303
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Request Chain 75
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9=
Request Chain 99
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426 HTTP 302
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426&i6=MmEwMTo0Zjg6YTE6MWExOjgyOjox&n3pc=true
Request Chain 115
  • https://bcp.crwdcntrl.net/5/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr HTTP 302
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Request Chain 117
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWY3MTI2OTRmZjIzYmUzMTk5OWRmYTM2Mzc2ODc3ZTM HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWY3MTI2OTRmZjIzYmUzMTk5OWRmYTM2Mzc2ODc3ZTM&google_tc= HTTP 302
  • https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3

123 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
napavalleyregister.com/news/local/
Redirect Chain
  • http://click1.email.napavalleyregister.com/upcvywffpfzschnysgqwwscpdcskdvcpcymbhmfggmmnhcy_ehbypdstbtfrhysyrsddd.html
  • https://napavalleyregister.com/news/local/
339 KB
48 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
b9f8c3e05942ae2318ad24f9a9827faecab676916f560fc2a418ce4615feba36
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
napavalleyregister.com
:scheme
https
:path
/news/local/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Wed, 22 Sep 2021 19:21:17 GMT
content-type
text/html; charset=UTF-8
x-loop
1
referrer-policy
strict-origin-when-cross-origin
last-modified
Wed, 22 Sep 2021 19:21:16 GMT
x-robots-tag
noarchive
x-ua-compatible
IE=edge
link
<https://bloximages.chicago2.vip.townnews.com>; rel=preconnect dns-prefetch; crossorigin <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js>; rel=preload; as=script </shared-content/art/tncms/user/user.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.440cdcae2c3272df39c09befc9eb3dd6.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js>; rel=preload; as=script <https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js>; rel=preload; as=script
x-tncms
1.59.3; app1; 0.8s; 8.4M
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
x-xss-protection
1; mode=block
cache-control
public, max-age=60, s-maxage=30, must-revalidate, proxy-revalidate
etag
W/44ab23d3a662a4d72fe6d1882e9f67b4
content-encoding
gzip
vary
X-IPCountry, X-Townnews-Now-API-Version, Accept-Encoding
age
240
x-vcache
HIT
accept-ranges
bytes
content-length
47301

Redirect headers

Server
Apache-Coyote/1.1
Connection
Keep-Alive
Keep-Alive
timeout=60
Set-Cookie
JSESSIONID=94538A28FA657A33EB433BB466CA3212; Path=/; HttpOnly
Location
https://napavalleyregister.com/news/local/
Content-Type
text/html;charset=utf-8
Content-Length
0
Date
Wed, 22 Sep 2021 19:25:16 GMT
jquery.min.d6d18fcf88750a16d256e72626e676a6.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/ 		98 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/jquery/resources/scripts/jquery.min.d6d18fcf88750a16d256e72626e676a6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1900157
cf-ray
692deb1c2ca34dd6-FRA
last-modified
Wed, 07 Jul 2021 20:09:22 GMT
x-vcache
HIT
server
cloudflare
etag
W/"60e609f2-1882c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:35 GMT
user.js
napavalleyregister.com/shared-content/art/tncms/user/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/shared-content/art/tncms/user/user.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
0bd4bf1ae6486cfafef2d68fa19256bf5f9e2c5ec095a974e57722ef1696164c

Request headers

:path
/shared-content/art/tncms/user/user.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/news/local/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:22:34 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:07:06 GMT
age
163
etag
W/"6126bf0a-29a2"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3909
service-worker-allowed
/
bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/ 		39 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/scripts/bootstrap.min.d457560d3dfbf1d56a225eb99d7b0702.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
837236
cf-ray
692deb1c2cb04dd6-FRA
last-modified
Fri, 06 Sep 2019 14:16:03 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5d726a23-9bd8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 01:25:05 GMT
common.08a61544f369cc43bf02e71b2d10d49f.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		32 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/common.08a61544f369cc43bf02e71b2d10d49f.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
11578916
cf-ray
692deb1c2cb14dd6-FRA
last-modified
Wed, 05 May 2021 20:06:42 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fad2-8154"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 11 May 2022 19:01:10 GMT
tnt.440cdcae2c3272df39c09befc9eb3dd6.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.440cdcae2c3272df39c09befc9eb3dd6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
39b3f4ea7da5be033ccad2fbabd47e7fc1aeb7ef44651b4c1e08a216aabbef8d
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6736017
cf-ray
692deb1c2ca54dd6-FRA
last-modified
Tue, 06 Jul 2021 13:05:13 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45509-23b6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:13 GMT
application.cb897187c4718280fd69d2e6d6c3909d.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/application.cb897187c4718280fd69d2e6d6c3909d.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13183665
cf-ray
692deb1c2cac4dd6-FRA
last-modified
Fri, 16 Apr 2021 14:03:19 GMT
x-vcache
HIT
server
cloudflare
etag
W/"60799927-104a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 21 Apr 2022 19:01:19 GMT
tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		2 KB
946 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.navigation.accessibility.7a9170240d21440159b9bd59db72933b.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
2568630
cf-ray
692deb1c2cae4dd6-FRA
last-modified
Tue, 06 Jul 2021 13:05:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45508-9ae"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:13 GMT
bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/ 		107 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/bootstrap/resources/styles/bootstrap.min.44f4ed00052aeaf66307fd409db0d101.css
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
837236
cf-ray
692deb1c2c974dd6-FRA
last-modified
Fri, 16 Apr 2021 14:03:10 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6079991e-1ab8e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 23 Apr 2022 01:25:05 GMT
layout.ad27c9f77605d024db8c365716c30e23.css
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/ 		138 KB
25 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/styles/layout.ad27c9f77605d024db8c365716c30e23.css
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c8bd9b846c0afbbbe8b440a5a38bf5e8bfe94236ae439e7fe2f93ddf15bcee96
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1900157
cf-ray
692deb1c2c9a4dd6-FRA
last-modified
Wed, 25 Aug 2021 16:37:28 GMT
x-vcache
HIT
server
cloudflare
etag
W/"612671c8-2268b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:35 GMT
lee.ds.css
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/ 		63 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1631862113
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
476008
cf-ray
692deb1c2c9d4dd6-FRA
last-modified
Fri, 17 Sep 2021 07:01:53 GMT
x-vcache
MISS
server
cloudflare
etag
W/"61443d61-fc8d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Sat, 17 Sep 2022 07:07:10 GMT
flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/ 		6 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/styles/flex-notification-controls.e115619c5ab5d4eb38fbd29cc0d2ea9b.css
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13273536
cf-ray
692deb1c2c9f4dd6-FRA
last-modified
Fri, 23 Oct 2020 13:10:04 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5f92d62c-189c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 05 Nov 2021 06:51:43 GMT
owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/styles/owl.carousel.d631cca58a0d014854c4a6c1815f1da3.css
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
510793
cf-ray
692deb1c2ca14dd6-FRA
last-modified
Wed, 05 May 2021 20:07:33 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fb05-12b0"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
text/css
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 05:50:34 GMT
cc.js
tags.crwdcntrl.net/c/6894/ 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/6894/cc.js?ns=_cc6894
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-97.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Wed, 22 Sep 2021 09:57:30 GMT
content-encoding
gzip
last-modified
Tue, 15 Dec 2020 16:50:47 GMT
server
AmazonS3
age
35087
etag
W/"8cd042d9f203fe2e01747c7444f95498"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/json
via
1.1 edfd22ec6695cdc9d7ac634220af1315.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
AQreodEJDnyZ45bXImkTY_zj-Cn56JVHKjmqyJh8Qp20TKxdnlC9NA==
osano.js
cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/ 		285 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.osano.com/16CVqQSid6k3038vU/fef0f8b2-698d-45ee-89c5-d8fbf51fbfb7/osano.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:b400:3:b7e:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
c43747103a0c5861f11bac8f5d66cf149d70214756861656bccf7faea4f541be
Security Headers
Name Value
Strict-Transport-Security max-age=2592000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 11:45:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
27597
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
60648
x-xss-protection
mode=block
last-modified
Wed, 15 Sep 2021 13:50:51 GMT
server
CloudFront
x-frame-options
SAMEORIGIN
etag
"5cd742aa07341341da18d60e6f18c083"
strict-transport-security
max-age=2592000
content-type
application/javascript; charset=utf-8
via
1.1 32e3b86ae254a231182567c0124af893.cloudfront.net (CloudFront)
cache-control
public, max-age=86400, s-maxage=86400, must-revalidate, proxy-revalidate, no-transform
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
lnpBa8nC2XwixXpkta3Sk3xLP6OGlVwKLmHusO5602YgZyiUbP5o5A==
user-controls.578df3df79d812af55ab13bae47f9857.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/ 		532 B
476 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/block/resources/scripts/user-controls.578df3df79d812af55ab13bae47f9857.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
5317566
cf-ray
692deb1cdde84dd6-FRA
last-modified
Wed, 05 May 2021 20:06:25 GMT
x-vcache
MISS
server
cloudflare
etag
W/"6092fac1-214"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 25 May 2022 06:05:07 GMT
owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		40 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/owl.carousel.66c591eb93f177b0f59892f361c3b1b4.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
372942d78c26534b977fdcd8ab0969e899bd5b12482acb12f6062547bbed6afe
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13401541
cf-ray
692deb1cddf44dd6-FRA
last-modified
Fri, 23 Oct 2020 13:08:45 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5f92d5dd-9fc4"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Fri, 05 Nov 2021 04:59:39 GMT
tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.a814fe612f2dcba9061edc229aeaf90b.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6736014
cf-ray
692deb1cddf54dd6-FRA
last-modified
Tue, 06 Jul 2021 13:05:11 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45507-db8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:13 GMT
tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/template/resources/scripts/tnt.notify.panel.d7dc4795339f38cc067ead9f2f5ef1fb.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
6736014
cf-ray
692deb1cddf64dd6-FRA
last-modified
Tue, 06 Jul 2021 13:05:12 GMT
x-vcache
MISS
server
cloudflare
etag
W/"60e45508-19d8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 06 Jul 2022 19:01:13 GMT
firebase-app.js
www.gstatic.com/firebasejs/6.6.2/ 		11 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-app.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sun, 19 Sep 2021 07:01:31 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
303827
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3945
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:52 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"firebase-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/firebase-js"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="firebase-js"
expires
Mon, 19 Sep 2022 07:01:31 GMT
firebase-messaging.js
www.gstatic.com/firebasejs/6.6.2/ 		31 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/firebasejs/6.6.2/firebase-messaging.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Fri, 17 Sep 2021 07:46:00 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
473958
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/firebase-js
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8653
x-xss-protection
0
last-modified
Thu, 19 Sep 2019 21:11:54 GMT
server
sffe
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 17 Sep 2022 07:46:00 GMT
messaging.js
napavalleyregister.com/shared-content/art/tncms/api/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/shared-content/art/tncms/api/messaging.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f

Request headers

:path
/shared-content/art/tncms/api/messaging.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/news/local/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:23:19 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:07:06 GMT
age
118
etag
W/"6126bf0a-11aa"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1259
service-worker-allowed
/
tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/ 		198 B
268 B 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/ads/resources/scripts/tnt.ads.adverts.66a3812a7b5c12fde8cd998fd691ad7d.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
13273536
cf-ray
692deb1c2ca84dd6-FRA
last-modified
Fri, 23 Oct 2020 13:09:55 GMT
x-vcache
MISS
server
cloudflare
etag
W/"5f92d623-c6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 03 Nov 2021 07:17:07 GMT
tracking.js
napavalleyregister.com/shared-content/art/tncms/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/shared-content/art/tncms/tracking.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b

Request headers

:path
/shared-content/art/tncms/tracking.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/news/local/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:21:53 GMT
content-encoding
gzip
last-modified
Wed, 25 Aug 2021 22:07:06 GMT
age
204
etag
W/"6126bf0a-a4b"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
1149
service-worker-allowed
/
fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/ 		253 KB
91 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/shared-content/art/tncms/templates/libraries/flex/components/plugins/resources/scripts/fontawesome.3aa64d478db9cdd63e9d4b159e0c9334.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
1900157
cf-ray
692deb1cddf74dd6-FRA
last-modified
Wed, 25 Aug 2021 16:36:45 GMT
x-vcache
HIT
server
cloudflare
etag
W/"6126719d-3f553"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 31 Aug 2022 19:01:35 GMT
tracker.js
napavalleyregister.com/shared-content/art/stats/common/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/shared-content/art/stats/common/tracker.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f

Request headers

:path
/shared-content/art/stats/common/tracker.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/news/local/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:22:07 GMT
content-encoding
gzip
last-modified
Thu, 03 Jun 2021 19:09:11 GMT
age
190
etag
W/"60b928d7-2200"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=600
x-vcache
HIT
accept-ranges
bytes
content-length
3224
service-worker-allowed
/
napavalleyregister.com.png
bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/central.leetemplates.com/content/tncms/live/global/resources/images/logos/ds/400/napavalleyregister.com.png?_dc=Sep.Wed.2021
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2e6b587f22b7539ce069930acbc0e235321f672f247832f04675ab8d9dee415
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
40481
last-modified
Wed, 25 Sep 2019 23:13:11 GMT
content-length
10521
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5d8bf487-2919"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb1cddf84dd6-FRA
expires
Thu, 22 Sep 2022 07:00:28 GMT
c2e90b3a-4de8-11ea-b290-03e978da448c.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/c2e90b3a-4de8-11ea-b290-03e978da448c.png
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3212f7405cbfcef2392b003dfcd30704bd7330cdcf686a04e0446ddd77a30edc
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13182648
last-modified
Wed, 12 Feb 2020 22:41:08 GMT
content-length
1917
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e447f04-77d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb1cddf94dd6-FRA
expires
Fri, 25 Feb 2022 20:04:26 GMT
8006605a-4de4-11ea-b290-830d517685ed.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/8006605a-4de4-11ea-b290-830d517685ed.png
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2cb7a069e7fca9907b032c95173d6c819d4a52f92ca869117e0fae18c038982a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13180048
last-modified
Wed, 12 Feb 2020 22:10:38 GMT
content-length
4108
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5e4477de-100c"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb1cddfb4dd6-FRA
expires
Fri, 25 Feb 2022 07:03:53 GMT
gtm.js
www.googletagmanager.com/ 		184 KB
63 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
962f3870e9f7381b1f27f0c57a5faa33ce7b3749e5fd166de4e7c025f48a7579
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63587
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:14:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 19:25:18 GMT
5a599a28-4de6-11ea-b290-cf76c53a31c0.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/custom/image/5a599a28-4de6-11ea-b290-cf76c53a31c0.png?resize=400%2C102
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3ea5aaa321b6db46636e2589abb34162f817a1040ebcfadbfdfe6e75b7e0a6c1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
5316854
last-modified
Wed, 12 Feb 2020 22:23:54 GMT
content-length
5021
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"e28c6f47b1efd4ac51caccb69c6984ac"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb1cddfe4dd6-FRA
expires
Wed, 25 May 2022 06:32:57 GMT
op.js
tagan.adlightning.com/leeenterprises/ 		44 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/op.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
7a137eb707a598c8e2b37ebbda2f392300d42df11701338857809d57e69a0adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

x-amz-version-id
IgCTV1xwJrOsSSfgdwPyPF_JNv4r2qxL
content-encoding
gzip
etag
"2291843556e17540a82a6498b9e8886c"
age
63
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
18401
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 21 Sep 2021 21:34:52 GMT
server
AmazonS3
date
Wed, 22 Sep 2021 19:24:58 GMT
content-type
application/javascript
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
x-amz-cf-id
2EMQActRFJ-215VZdL88T-J0JXJt8T24Z9Dkht2O-LZoji1NAZV5Rw==
f98ed0c3-91c5-47cb-8884-9f7be90471d3
https://napavalleyregister.com/ 		419 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://napavalleyregister.com/f98ed0c3-91c5-47cb-8884-9f7be90471d3
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0feed76d752929bb586de606efaf6a920f49452499ebeb463c84c8610556449

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Length
419
Content-Type
text/javascript
loader.js
contributor.google.com/scripts/b765fd5c002b8ec/ 		0
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contributor.google.com/scripts/b765fd5c002b8ec/loader.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-1WfZCi7UFYKwMdrmMmE0Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-1WfZCi7UFYKwMdrmMmE0Ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorTargetingHttp/cspreport
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorTargetingHttp"
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=31536000
report-to
{"group":"ContributorTargetingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorTargetingHttp/external"}]}
content-type
application/javascript; charset=utf-8
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
cache-control
private, max-age=3600
content-security-policy
script-src 'report-sample' 'nonce-1WfZCi7UFYKwMdrmMmE0Ow' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorTargetingHttp/cspreport;worker-src 'self', script-src 'nonce-1WfZCi7UFYKwMdrmMmE0Ow' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorTargetingHttp/cspreport
expires
Wed, 22 Sep 2021 19:25:18 GMT
AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==
fundingchoicesmessages.google.com/f/ 		92 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWx7yQUhe008vdbx7qOwWhCKmR-osSuFC3DDyvCm_K_nNMTjE2EGmV28JFHdjHcINdbHwRu0oRU4n5mb0jEyQ==
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
d09a1cbec72fcd36623e97a32d538a5969b8d5efdb691818b7c3dff9c43ec57f
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gUQyzyZn4pYlC81WS9b4BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gUQyzyZn4pYlC81WS9b4BA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-security-policy
script-src 'report-sample' 'nonce-gUQyzyZn4pYlC81WS9b4BA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-gUQyzyZn4pYlC81WS9b4BA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
tracker.gif
napavalleyregister.com/shared-content/art/stats/common/ 		0
48 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://napavalleyregister.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163233871821116001200990388114737&tnms_dt=Local%20News%20%7C%20napavalleyregister.com&tnms_upage=1&tnms_do=napavalleyregister.com&tnms_uri=/news/local/&tnms_ref=&rt=1632338718214
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path
/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163233871821116001200990388114737&tnms_dt=Local%20News%20%7C%20napavalleyregister.com&tnms_upage=1&tnms_do=napavalleyregister.com&tnms_uri=/news/local/&tnms_ref=&rt=1632338718214
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/news/local/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-length
0
survey
survey.g.doubleclick.net/ 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
30f62e62973c17b57be850de0ffbd8d77182f7d45e2374b3645740b91953e1e9
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cache-control
private, no-cache, must-revalidate, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
vary
*
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 11 Aug 2021 00:32:57 GMT
server
Golfe2
age
1998
date
Wed, 22 Sep 2021 18:52:00 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Wed, 22 Sep 2021 20:52:00 GMT
gtm.js
www.googletagmanager.com/ 		98 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PDQV3N
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
54bfe2c6bd1a37452b5151455f620ac88b8bf616104fb353ca23a245d203d971
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37588
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:14:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 19:25:18 GMT
AGSKWxWjkStduVQxfxR2G3YOS1p_2waFburZEX1FVfeGsCByTwCZX2N6FJcQQwr1pFfWjIVFFEZk-ZbPwCoT6faMCA==
fundingchoicesmessages.google.com/el/ 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWjkStduVQxfxR2G3YOS1p_2waFburZEX1FVfeGsCByTwCZX2N6FJcQQwr1pFfWjIVFFEZk-ZbPwCoT6faMCA==?pvid=E02E439E-91A6-4421-837D-DA429909394F&anonid=3C91AE1D-6A61-460E-B6BE-E608DA456828
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.Wsg_BJu831I.es5.O/d=1/rs=AJlcJMyF_MonYpsnewGdAPPGL03Uk7stiQ/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-DMHEh+q7Kg+1VRJEBap7Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DMHEh+q7Kg+1VRJEBap7Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-DMHEh+q7Kg+1VRJEBap7Tw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DMHEh+q7Kg+1VRJEBap7Tw' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWVzT7MPgWYeM7eQjU2ZDNElSyy1l1C0SG4kNIpBcXmN0i-4N2e3X5U8wdJpiU26QHBNAPGqUv-n2p0H_-jrQ==
fundingchoicesmessages.google.com/f/ 		84 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWVzT7MPgWYeM7eQjU2ZDNElSyy1l1C0SG4kNIpBcXmN0i-4N2e3X5U8wdJpiU26QHBNAPGqUv-n2p0H_-jrQ==?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMyMzM4NzE4LDM1MTAwMDAwMF0sIkUwMkU0MzlFLTkxQTYtNDQyMS04MzdELURBNDI5OTA5Mzk0RiIsIjNDOTFBRTFELTZBNjEtNDYwRS1CNkJFLUU2MDhEQTQ1NjgyOCIsbnVsbCxbbnVsbCxbN11dLCJodHRwczovL25hcGF2YWxsZXlyZWdpc3Rlci5jb20vbmV3cy9sb2NhbC8iXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.de.Wsg_BJu831I.es5.O/d=1/rs=AJlcJMyF_MonYpsnewGdAPPGL03Uk7stiQ/m=loader_js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
00ccb505ceabaf01946aff3584017bbb6de299c446ae5922aa5bfcb6702112dd
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-06lyeFockhbIx7/SjSbD+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-06lyeFockhbIx7/SjSbD+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-06lyeFockhbIx7/SjSbD+Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-06lyeFockhbIx7/SjSbD+Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
prompt_embed_static__de.js
survey.g.doubleclick.net/insights/consumersurveys/static/438036761283989205/ 		401 KB
401 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/insights/consumersurveys/static/438036761283989205/prompt_embed_static__de.js
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Frontend /
Resource Hash
5ba4ea8c8cc539d637c034dde8990903e67d03f2fd61b64f64d0c970b61da99a

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Tue, 21 Sep 2021 07:54:16 GMT
last-modified
Thu, 16 Sep 2021 17:20:23 GMT
server
Google Frontend
age
127862
content-type
application/javascript
x-cloud-trace-context
10ed566cfb959835d2334675b870ff2d
cache-control
public, max-age=2592000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
410609
integrator.sync.js
adservice.google.de/adsid/ 		111 B
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.sync.js?domain=napavalleyregister.com
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
104
x-xss-protection
0
publisher:getClientId
ampcid.google.com/v1/ 		74 B
558 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://napavalleyregister.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
94
x-xss-protection
0
prompt
survey.g.doubleclick.net/gk/ 		0
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://survey.g.doubleclick.net/gk/prompt?site=_z5zxl2mrnaqn64afv7ltk6emqi&t=1&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718354&ref=&token=
Requested by
Host: survey.g.doubleclick.net
URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2011 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

x-why
UserPrivacyInfo does not meet requirements to be served (LAT and/or OPT_OUT modifier).
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 22 Sep 2021 19:25:18 GMT
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=utf-8
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
23
x-xss-protection
0
publisher:getClientId
ampcid.google.de/v1/ 		3 B
259 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
x-frame-options
SAMEORIGIN
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://napavalleyregister.com
access-control-expose-headers
vary,vary,vary,content-encoding,date,server,content-length
cache-control
private
access-control-allow-credentials
true
vary
Origin, X-Origin, Referer
content-length
23
x-xss-protection
0
js
www.googletagmanager.com/gtag/ 		121 KB
48 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
e623c5f82b25fcf65a7e81c57fff477387e7caca5ad8a0eed291dd2e9e5eb36d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
48815
x-xss-protection
0
expires
Wed, 22 Sep 2021 19:25:18 GMT
gtm.js
www.googletagmanager.com/ 		398 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b7e9d318e58c01413eaecfa9cb3a2e55d42222e0c5c189f05afabb681a06e86
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
96940
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 18:14:07 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Wed, 22 Sep 2021 19:25:18 GMT
truncated
/ 		73 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ 		75 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Content-Type
image/png
serif-ds.woff2
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/ 		26 KB
26 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/images/serif-ds.woff2
Requested by
Host: bloximages.chicago2.vip.townnews.com
URL: https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1631862113
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Referer
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/live/libraries/flex/components/lee_ds_v2/resources/styles/lee.ds.css?_dc=1631862113
Origin
https://napavalleyregister.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
13183445
last-modified
Mon, 02 Nov 2020 19:42:07 GMT
content-length
26164
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5fa0610f-6634"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
application/font-woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb1eae8dc2fe-FRA
expires
Sun, 07 Nov 2021 08:12:41 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-54716522-7&cid=704446114.1632338719&jid=2094205901&gjid=1283994264&_gid=1708887127.1632338719&_u=YGBAgUABAAQCAE~&z=83996779
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 19:25:18 GMT
content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&aip=1&a=2086945376&t=pageview&_s=1&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&ul=en-us&de=UTF-8&dt=Local%20News%20%7C%20napavalleyregister.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgUABAAQC~&jid=2094205901&gjid=1283994264&cid=704446114.1632338719&tid=UA-54716522-7&_gid=1708887127.1632338719&gtm=2wg9k0PDQV3N&cd2=editorial&cd3=flex&cd4=flex-editorial&cd5=no&cd6=Large%3A%20Desktop%20computers.&cd8=200&cd9=No&cd10=No&cd12=No&cd13=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cd16=No&cd17=Page%20View&cm1=796&z=924874830
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 16:05:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
11999
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
b-7b120a5-9b73d8fb.js
tagan.adlightning.com/leeenterprises/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/b-7b120a5-9b73d8fb.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
d9af544bca7998f6fbb9e9fcff9cef9d9f69881812cda8fe6ee4edfafd1b8cbb

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 01 Sep 2021 12:36:33 GMT
content-encoding
gzip
age
1838926
x-cache
Hit from cloudfront
content-length
28059
x-amz-meta-git_commit
7b120a5
last-modified
Tue, 03 Aug 2021 17:19:43 GMT
server
AmazonS3
etag
"afbaa3aad41d7158588b073852555441"
x-amz-version-id
UwnBm7ykwrNr0B_E7_LAdvuY6BfIaOeW
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
6kNSbA_soNS9uD_TruSAOvU9u8gG7iahxfGhQODWyTWeDSZt9ObRsQ==
bl-79dc637-4b9531a8.js
tagan.adlightning.com/leeenterprises/ 		59 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/leeenterprises/bl-79dc637-4b9531a8.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.59 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-59.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f3ac0531a31762cc3168b9903ecd84aa040ef70af17b44803d977da207c7e599

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 21 Sep 2021 21:55:50 GMT
content-encoding
gzip
age
77369
x-edge-origin-shield-skipped
0
x-cache
Hit from cloudfront
content-length
25663
x-amz-meta-git_commit
79dc637
last-modified
Tue, 21 Sep 2021 21:34:01 GMT
server
AmazonS3
etag
"04ac5144716d2dd010948d3a52075bf2"
x-amz-version-id
VQVhC.vyy9bVvoe_03gqjRqt9y846VeI
via
1.1 d6b9c7bad28b271f1e800a50d49ab8a4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C2
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
Wwx9y8aIRxm6gm6lGsBFkCMN0RdIZHKV1_PomYy3bCTnzWUwszEKAw==
collect
www.google-analytics.com/g/ 		0
137 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-NFTGWT90ER&gtm=2oe9k0&_p=2086945376&sr=1600x1200&ul=en-us&cid=704446114.1632338719&_s=1&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&dt=Local%20News%20%7C%20napavalleyregister.com&sid=1632338718&sct=1&seg=0&en=page_view&_fv=1&_ss=1&ep.application=editorial&ep.theme=flex&ep.skin_name=flex-editorial&ep.subscription_required=No&epn.blox_render_time=796&up.logged_in=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-NFTGWT90ER&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:18 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
614aca8414521.preview-620.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/eedition/5/4b/54b7340b-2fe7-51b8-8f43-be6e5ef6043e/ 		161 KB
161 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/eedition/5/4b/54b7340b-2fe7-51b8-8f43-be6e5ef6043e/614aca8414521.preview-620.jpg?resize=620%2C1268
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c3ce2d96ebd4a12ea6c88bbada843d0c1803fade312e1719889e1eb63d3a24c4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
39591
last-modified
Wed, 22 Sep 2021 06:17:40 GMT
cf-bgj
h2pri
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"24c8684ce30e7b55b2117389f589a69a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
692deb208e074dd6-FRA
expires
Thu, 22 Sep 2022 07:01:31 GMT
6149fabb7cbd5.preview.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/9/2f/92fc48e8-e660-5fc8-b7a2-938cd3d72684/ 		28 KB
28 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/9/2f/92fc48e8-e660-5fc8-b7a2-938cd3d72684/6149fabb7cbd5.preview.png?resize=150%2C84
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1e21d5b207d77e6718f7c92c679d496a6fe7f2331ae7dab78f635805c41232ac
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
cf-cache-status
HIT
last-modified
Tue, 21 Sep 2021 15:31:08 GMT
server
cloudflare
etag
"377ad677451d48b82c67880ecd9bc427"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-vcache
MISS
strict-transport-security
max-age=604800
cf-ray
692deb208e104dd6-FRA
x-robots-tag
noarchive
expires
Wed, 21 Sep 2022 16:22:28 GMT
6130650750bb6.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/0/24/024cc1ce-12dc-59cb-8b84-8aff6ac13079/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/0/24/024cc1ce-12dc-59cb-8b84-8aff6ac13079/6130650750bb6.image.jpg?crop=728%2C410%2C0%2C155&resize=150%2C84&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3968a98801a543546eb18f3f58a29b140d371c59ab6eafb76ef64528133bd43b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
562843
last-modified
Thu, 02 Sep 2021 05:45:43 GMT
cf-bgj
h2pri
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5b954c2d09bba2f7feb9ff45847cabaa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
692deb208e134dd6-FRA
expires
Fri, 02 Sep 2022 06:17:17 GMT
6130650721892.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/3/7c/37ca1ac7-4ded-5f68-a2d8-e4e39d601a18/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/3/7c/37ca1ac7-4ded-5f68-a2d8-e4e39d601a18/6130650721892.image.jpg?crop=600%2C338%2C0%2C13&resize=150%2C84&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f3ed7caa8c5cd3c49197eecdd4080ddeb192bc8a5cec039d2e49bdb4b461bf45
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
cf-cache-status
HIT
age
303441
last-modified
Thu, 02 Sep 2021 05:45:43 GMT
strict-transport-security
max-age=604800
content-length
2889
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"1dd5472871e1888d01c53784714b8b9e"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Fri, 02 Sep 2022 05:59:05 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb208e144dd6-FRA
cf-bgj
h2pri
614b532fef240.preview.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/a/b0/ab011dc7-7f97-51f0-ae22-41d813a30c89/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/a/b0/ab011dc7-7f97-51f0-ae22-41d813a30c89/614b532fef240.preview.png?resize=150%2C84
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a007cbf5aaad9838bd75d808715579d93ea60b285a95b0e5bcf68f8e499fbb83
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
last-modified
Wed, 22 Sep 2021 16:00:48 GMT
content-length
19689
x-robots-tag
noarchive
x-vcache
HIT
server
cloudflare
etag
"b8563327db991cee439454fc47b67bdc"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb208e184dd6-FRA
expires
Thu, 22 Sep 2022 17:15:42 GMT
614abc20a3039.preview.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/4/24/424f711e-6cc7-50bd-9c86-a931561645fb/ 		122 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/4/24/424f711e-6cc7-50bd-9c86-a931561645fb/614abc20a3039.preview.png?crop=620%2C349%2C0%2C0&resize=540%2C304&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9a2e1c0eaa710faee6a13d3bdf9df0150d0344114b69974d3e3a19cd810d601
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7075
cf-ray
692deb208e194dd6-FRA
last-modified
Wed, 22 Sep 2021 05:16:16 GMT
x-vcache
MISS
server
cloudflare
etag
"0b338f7c1497da4df76e5a582ce4e193"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Thu, 22 Sep 2022 11:36:52 GMT
614a48c4097eb.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/1e/81e98426-b1dc-5801-9ced-b55eb402e393/ 		14 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/1e/81e98426-b1dc-5801-9ced-b55eb402e393/614a48c4097eb.image.jpg?crop=1763%2C992%2C0%2C91&resize=540%2C304&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
717035449ba02888f3a591aa246bc897269ce70496aad7e88d235b7472df04f0
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
46237
last-modified
Tue, 21 Sep 2021 21:04:04 GMT
cf-bgj
h2pri
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"99e14629007a023bb62976b81552a083"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
692deb208e1c4dd6-FRA
expires
Wed, 21 Sep 2022 23:03:12 GMT
614a48c4097eb.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/1e/81e98426-b1dc-5801-9ced-b55eb402e393/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/1e/81e98426-b1dc-5801-9ced-b55eb402e393/614a48c4097eb.image.jpg?crop=1763%2C992%2C0%2C91&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
81b72a589333f8d9cb50123a5f8ebaba023d8cf25b75fe5485c120804041ed3e
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
cf-cache-status
HIT
age
64074
last-modified
Tue, 21 Sep 2021 21:04:04 GMT
strict-transport-security
max-age=604800
content-length
4388
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"c6f7c1869b11dfae95b827b26924dfe8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 23:04:37 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb208e244dd6-FRA
cf-bgj
h2pri
js
www.googletagmanager.com/gtag/ 		164 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5MTD44X&l=dataLayer
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
5a237a8e57b640b31bcdb2571b5c30e1d98c3074a10791e782ef4f1eed8cd68b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
62455
x-xss-protection
0
expires
Wed, 22 Sep 2021 19:25:18 GMT
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:27:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3464
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Wed, 22 Sep 2021 19:27:34 GMT
sp-gzip-2-17-3.js
storage.googleapis.com/lee-snowplow/static/ 		77 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2010 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
UploadServer /
Resource Hash
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:43:14 GMT
content-encoding
gzip
age
2524
x-guploader-uploadid
ADPycdsSglH2VSAIN98A2rQXthDmkoLb_XimJQ20KX1rUuf8dmz7nOlVbkhT01qN4LWXX0OngKnKV8yKgoWP-PI0Efc
x-goog-storage-class
STANDARD
x-goog-custom-time
1970-01-01T00:00:00Z
x-goog-metageneration
4
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
26950
x-goog-meta-
last-modified
Thu, 18 Feb 2021 15:16:40 GMT
server
UploadServer
etag
"d3142accd3f370a95f561f0fbfb3114b"
vary
Accept-Encoding
x-goog-hash
crc32c=C/nZJQ==, md5=0xQqzNPzcKlfVh8Pv7MRSw==
x-goog-generation
1613661400000346
cache-control
max-age=31536000
x-goog-stored-content-length
26950
accept-ranges
bytes
content-type
text/javascript
expires
Thu, 22 Sep 2022 18:43:14 GMT
fbevents.js
connect.facebook.net/en_US/ 		98 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
25969
x-xss-protection
0
pragma
public
x-fb-debug
lOIur9PUyL4cdcNjGaBIUuQLCs/ZVjzGL2YDO1EusWy78rqdRNig/fTU4bem5l2+JOrTlJ3XfRTm2kVozR7RrQ==
x-fb-trip-id
686109401
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
DENY
date
Wed, 22 Sep 2021 19:25:18 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
priority
u=3,i
expires
Sat, 01 Jan 2000 00:00:00 GMT
i99g3gee.js
d81mfvml8p5ml.cloudfront.net/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:d200:2:36a1:2f40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:23:21 GMT
content-encoding
br
last-modified
Thu, 29 Jul 2021 19:07:57 GMT
server
AmazonS3
age
487
etag
W/"d5439e10177501ec79fe34fba97cb263"
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript; charset=utf-8
via
1.1 d8eef512ab23f23f549b4cd25ac5328d.cloudfront.net (CloudFront)
cache-control
max-age=600
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
MLS1ndxwRGvG_AHGDwNPdhPBeoCQBsCTh8-yjqMT9a8TfavBHmexBw==
ml.br.js
js.matheranalytics.com/static/ltm/ma1527/lee/5/
Redirect Chain
  • https://js.matheranalytics.com/s/ma1527/725149331/lee/ml.js?cb=1574
  • https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
145 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
234.250.178.107.bc.googleusercontent.com
Software
nginx /
Resource Hash
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 01:25:29 GMT
content-encoding
br
last-modified
Wed, 04 Aug 2021 03:52:13 GMT
server
nginx
age
64790
etag
"96d23de5d1ede166c2abc188adf1ebd7"
vary
Accept-Encoding
x-cache
HIT Wed, 04 Aug 2021 04:04:18 GMT
content-type
application/x-javascript
via
1.1 google
cache-control
public,max-age=3600
alt-svc
clear
content-length
43093

Redirect headers

date
Wed, 22 Sep 2021 19:25:18 GMT
via
1.1 google
server
nginx
vary
Accept-Encoding
location
https://js.matheranalytics.com/static/ltm/ma1527/lee/5/ml.br.js
cache-control
public, max-age=269200
alt-svc
clear
x-served-by
3-gc-euw1-10921
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 05:46:39 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
49123
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
Qm4JnLzH4MyIQF0Bf2T2RcUZyqZeaxt_pVJx0rMZTFmIPLEzWJ8PvA==
a-019p.min.js
b-code.liadm.com/ 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://b-code.liadm.com/a-019p.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ec00:8:8845:1500:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ZIO-Http /
Resource Hash
44ceb655dc840965b9d1a5f680c569af9935a6cc7bc82135622d1fa137b41e02

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:03:23 GMT
content-encoding
gzip
server
ZIO-Http
age
1315
vary
Accept-Encoding
x-edge-origin-shield-skipped
0
content-type
application/javascript
via
1.1 5a5b94c62ea85e0c0d78b169589b08b5.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
OzOcIhnES_5TLw_uAdMseMX_PtAKdb30CbUhXtorHrUD8NTXvHuWpA==
iframe
d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/ Frame 26BC
Redirect Chain
  • https://insight.adsrvr.org/tags/nebsjkp/21usqg2/iframe
  • https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
138 B
662 B 		Document
General
Check archive.org
Download Go to
Full URL
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TDWDC2
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.200 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-200.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447

Request headers

Host
d1eoo1tco6rr5e.cloudfront.net
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://napavalleyregister.com/
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/

Response headers

Content-Type
text/html
Content-Length
138
Connection
keep-alive
Last-Modified
Fri, 09 Jul 2021 12:42:12 GMT
Accept-Ranges
bytes
Server
AmazonS3
X-Edge-Origin-Shield-Skipped
0
Date
Wed, 22 Sep 2021 09:36:38 GMT
Cache-Control
max-age=86400
ETag
"50351b1f6590b5c4886c111874e016a0"
X-Cache
Hit from cloudfront
Via
1.1 7158aa4ac648947d564b98d9769b5b2b.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
FRA2-C2
X-Amz-Cf-Id
hzjTIjHfqfy9vCwuaB57mjQSh6BlzWfbNP58h2Ly8cb-4Tj2YbM34Q==
Age
36958

Redirect headers

date
Wed, 22 Sep 2021 19:25:18 GMT
content-type
text/html; charset=UTF-8
content-length
183
location
https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
server
Microsoft-IIS/10.0
x-powered-by
ASP.NET
collect
analytics.google.com/g/ 		0
119 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://analytics.google.com/g/collect?v=2&tid=G-F8FFLLVDEZ&gtm=2oe9k0&_p=2086945376&sr=1600x1200&_gaz=1&ul=en-us&cid=704446114.1632338719&_s=1&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&dt=Local%20News%20%7C%20napavalleyregister.com&sid=1632338718&sct=1&seg=0&en=page_view&_fv=1&_ss=2&ep.asset_flag_array=false&ep.asset_tag_array=false&ep.domain=napavalleyregister.com&ep.page_type=index&up.user_status=anonymous&up.user_subscription=No
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
56 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-F8FFLLVDEZ&cid=704446114.1632338719&gtm=2oe9k0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-F8FFLLVDEZ&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-F8FFLLVDEZ&cid=704446114.1632338719&gtm=2oe9k0&aip=1&z=1853628781
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9=
  • https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9=
64 B
328 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9=
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.78.42 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-78-42.fra2.r.cloudfront.net
Software
/
Resource Hash
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
etag
W/"40-jHLN3x5dWpBzaQm4lkBmDWvrjrg"
x-cache
Miss from cloudfront
content-type
image/gif; charset=utf-8
content-length
64
x-amz-cf-id
6gA4np-8CRtSGEwGc5DE_w-FvAGwcNDZWhzNQoy4dA_wDpd6E25ycw==

Redirect headers

date
Wed, 22 Sep 2021 19:25:19 GMT
via
1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA2-C2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=10345586&ns__t=1632338719265&ns_c=UTF-8&cv=3.5&c8=Local%20News%20%7C%20napavalleyregister.com&c7=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&c9=
content-length
221
x-amz-cf-id
IjkYixwIMb_vj1mynChbfgNx_N7tgHn3f1V04g5gCWa1hfZQUQc5ew==
yy2
a.leetemplates.com/lee/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Protocol
H2
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://napavalleyregister.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

access-control-allow-origin
https://napavalleyregister.com
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, SP-Anonymous
access-control-max-age
5
server
akka-http/10.1.12
date
Wed, 22 Sep 2021 19:25:19 GMT
content-length
0
via
1.1 google
alt-svc
clear
yy2
a.leetemplates.com/lee/ 		2 B
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.leetemplates.com/lee/yy2
Requested by
Host: storage.googleapis.com
URL: https://storage.googleapis.com/lee-snowplow/static/sp-gzip-2-17-3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.205.239 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
239.205.102.34.bc.googleusercontent.com
Software
akka-http/10.1.12 /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/json; charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
via
1.1 google
server
akka-http/10.1.12
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
access-control-allow-origin
https://napavalleyregister.com
access-control-allow-credentials
true
content-type
text/plain; charset=UTF-8
alt-svc
clear
content-length
2
961211893969940
connect.facebook.net/signals/config/ 		309 KB
88 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/961211893969940?v=2.9.46&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
25f56d9e94165984a700ecf44b0e220ebb59f1c35770169d6dfb2d31725b2a40
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-xss-protection
0
pragma
public
x-fb-debug
v/+Pu/+vUxlILkgq9AP8ojGt6UkaKcWVaPKq2GRMiAWxxs7teZ+L7DO9HSunfdUpRT2Rdvazh30znzUjpEYKYg==
x-fb-trip-id
686109401
x-frame-options
DENY
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Wed, 22 Sep 2021 19:25:19 GMT
strict-transport-security
max-age=31536000; preload; includeSubDomains
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
vary
Accept-Encoding
cache-control
public, max-age=1200
x-fb-rlafr
0
expires
Sat, 01 Jan 2000 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
72 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-54716522-2&cid=704446114.1632338719&jid=260574444&gjid=1639335730&_gid=1708887127.1632338719&_u=aHDAiUAjRAQCAE~&z=342974196
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c02::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Wed, 22 Sep 2021 19:25:19 GMT
content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
js
www.google-analytics.com/gtm/ 		100 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/gtm/js?id=GTM-TQ9PK73&t=gtm263&cid=704446114.1632338719
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6445720c343bb3d351768c8fcffb41f8928b1750a04028225fbf8fdff70d4787
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
39793
x-xss-protection
0
expires
Wed, 22 Sep 2021 19:25:19 GMT
collect
www.google-analytics.com/ 		35 B
96 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j93&a=2086945376&t=pageview&_s=1&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&ul=en-us&de=UTF-8&dt=Local%20News%20%7C%20napavalleyregister.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aHDAiUAjRAQCAE~&jid=260574444&gjid=1639335730&cid=704446114.1632338719&tid=UA-54716522-2&_gid=1708887127.1632338719&gtm=2wg9k0TDWDC2&cd1=desktop&cd2=napavalleyregister.com&cd3=editorial&cd4=index&cd6=news&cd14=Undefined&cd17=null&cd20=anonymous&cd23=news%2Clocal&cg1=news&cd7=local&cd21=Napa&cd22=flex-editorial&cd30=85&cd31=Sunny&cd51=Napa&cd52=2&cd75=0&cd76=%20%20%20%20%20%20%20%20%20&cd79=&cd80=&cd81=No&cd82=&cd85=yes&cd86=no&cd102=mozilla%2F5.0%20(windows%20nt%2010.0%3B%20win64%3B%20x64)%20applewebkit%2F537.36%20(khtml%2C%20like%20gecko)%20chrome%2F93.0.4577.63%20safari%2F537.36&cd103=Undefined&cd104=Undefined%2C%20Undefined&cd105=3&cd106=Page%20View&cd107=0&cd111=undefined&cd115=notset&cd116=No&cd117=No&cd89=704446114.1632338719&z=458296856
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 16:05:19 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
12000
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
614a457aa077c.preview.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/4d/e4dbd752-18e0-54d1-83e9-80aad7d55272/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/4d/e4dbd752-18e0-54d1-83e9-80aad7d55272/614a457aa077c.preview.jpg?crop=852%2C479%2C0%2C0&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6d17017f426cd12df76f77e8c2bbd026f35dcb3b0f1e48061349bd570a689dd
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
241
last-modified
Tue, 21 Sep 2021 20:50:03 GMT
strict-transport-security
max-age=604800
content-length
3324
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"4d061c82533c1d48b7971deedfaa96f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 22:46:53 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb23bd064dd6-FRA
cf-bgj
h2pri
60dd180839b2f.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/a/b8/ab868621-25c1-5c6e-960f-84e0ee548b2b/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/a/b8/ab868621-25c1-5c6e-960f-84e0ee548b2b/60dd180839b2f.image.jpg?crop=1763%2C992%2C0%2C91&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e9b6463c71c1e641ecf5e98573c2e96fff708ff385b54419bc2d0b481384f99
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
152350
last-modified
Thu, 01 Jul 2021 01:19:04 GMT
strict-transport-security
max-age=604800
content-length
3721
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"b9c10f34efa391efb59ef42b27d69f0d"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 20 Sep 2022 21:07:08 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb23bd084dd6-FRA
cf-bgj
h2pri
614a43d79ece8.preview.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/c3/ec38e2dc-fb8e-5905-9c51-75bb56d0d6e3/ 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/c3/ec38e2dc-fb8e-5905-9c51-75bb56d0d6e3/614a43d79ece8.preview.jpg?crop=1280%2C720%2C0%2C120&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d415e766b9d4f5de23d312cb525a19730fc7f8250d93b46bd7299630d6b0741a
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
64074
last-modified
Tue, 21 Sep 2021 20:43:04 GMT
strict-transport-security
max-age=604800
content-length
5395
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"fc138d56e37f8b9bd45db3374af2d5a1"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 21:00:55 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb23bd0a4dd6-FRA
cf-bgj
h2pri
60bfcc7f357c5.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/9/a4/9a47c479-9f6e-5d9b-a802-eccc1902453b/ 		6 KB
6 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/9/a4/9a47c479-9f6e-5d9b-a802-eccc1902453b/60bfcc7f357c5.image.jpg?crop=1765%2C993%2C0%2C90&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
230af95eb0e9d637600593f1b608fdae9ea4a62f44a169c81d92c5cec760b014
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
7076
last-modified
Tue, 08 Jun 2021 20:01:03 GMT
cf-bgj
h2pri
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"48798fce9fe2ad49828ad72ae2714fce"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
692deb23bd0c4dd6-FRA
expires
Wed, 21 Sep 2022 20:06:09 GMT
5d7954253e32b.preview.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/6/de/6de25886-f1c7-52c8-9a30-9e33c41d9724/ 		18 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/6/de/6de25886-f1c7-52c8-9a30-9e33c41d9724/5d7954253e32b.preview.jpg?crop=833%2C469%2C0%2C0&resize=540%2C304&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
624f98255aa0d282bd355c73ad6da3e871fce95fcf70cbed39ff215563649370
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
45037
last-modified
Wed, 11 Sep 2019 20:08:05 GMT
strict-transport-security
max-age=604800
content-length
18133
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"bf16697beb4d02c51157d74b427f8bbd"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 15:55:21 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb23bd0f4dd6-FRA
cf-bgj
h2pri
5f163b436fb7e.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/2c/82c16939-e59f-5273-ac83-0732e23679c0/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/8/2c/82c16939-e59f-5273-ac83-0732e23679c0/5f163b436fb7e.image.jpg?crop=1762%2C991%2C0%2C92&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c2c98e36537b792b0b73d7b88d3cbf2c59a8c06a2fab88739418cbc1902ee3c1
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
67276
last-modified
Tue, 21 Jul 2020 00:48:03 GMT
strict-transport-security
max-age=604800
content-length
4085
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"98d62f986ae0d842b25484ca59e5eb38"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 17:44:30 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb23bd104dd6-FRA
cf-bgj
h2pri
/
insight.adsrvr.org/track/pxl/ Frame 26BC 		70 B
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://insight.adsrvr.org/track/pxl/?adv=nebsjkp&ct=0:21usqg2&fmt=3
Requested by
Host: d1eoo1tco6rr5e.cloudfront.net
URL: https://d1eoo1tco6rr5e.cloudfront.net/nebsjkp/21usqg2/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.76.126.16 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-76-126-16.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://d1eoo1tco6rr5e.cloudfront.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
dn1i8v75r669j.cloudfront.net/v/ 		67 B
365 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dn1i8v75r669j.cloudfront.net/v/?w=i99g3gee
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:21f3:ae00:7:5031:dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:23:21 GMT
via
1.1 2afacc6ad96dbba3f0b477cd95f16459.cloudfront.net (CloudFront)
age
118
x-edge-origin-shield-skipped
0
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=300
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA2-C2
x-amz-cf-id
s4Na2v0mdEmWx9jxzAqb5A5y4BHiwhE17UDDF-pRcrHRiGa5PDF76A==
i
www.i.matheranalytics.com/ 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.i.matheranalytics.com/i?e=pv&page=Local%20News%20%7C%20napavalleyregister.com&sec=news&pubname=Napa%20Valley%20Register&ptype=index&metered=0%7C3&hier=news%7Clocal&cms=townnews%2Fblox&arttype=editorial&tv=js-3.0.136&tna=Mather&aid=v1&p=web&tz=Etc%2FUnknown&tzoff=0&lang=en-US&cs=UTF-8&navt=link&f_pdf=1&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_es6=1&f_gears=2&tvltm=5&tvcfg=lee&tid=4560c97c-2425-45bf-af07-0e56fcb2c89b&pid=2d919f09-afae-4085-8262-bf0a9ea49bbe&dtm=1632338719335&qnm=_matherq&visible=1&tabid=5637ed7c-feb8-47cd-90fa-f26f7ca0bb81&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&vp=1600x1200&ds=1600x4146&tofa=1632338719&vid=1&lvidt=1632338719&duid=f32a76509a4881d7&fp=560948675&cid=ma1527&mrk=725149331&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYzMjMzODcxNzMxMCIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIyOS40bWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTMwNyIsImZldGNoUyI6IjIxMyIsImRvbWFpblMiOiIyMTQiLCJkb21haW5FIjoiMzQ4IiwiY29ublMiOiIzNDgiLCJjb25uRSI6IjU1MSIsInNzbFMiOiIzNTEiLCJyZXF1UyI6IjU1MSIsInJlc3BTIjoiNzQ3IiwicmVzcEUiOiI4NDMiLCJkb21Mb2FkIjoiNzUxIiwiZG9tSW50ZXIiOiIxNDAyIiwiZG9tTG9hZFMiOiIxNDA1IiwiZG9tTG9hZEUiOiIxNDA4In0sImtleXdvcmRzIjpbIm5hcGEiLCJ2YWxsZXkiLCJyZWdpc3RlciJdLCJpZGVudGl0aWVzIjpbeyJ0eXBlIjoiZ2EiLCJpZCI6IjcwNDQ0NjExNCIsInJlZlRpbWUiOiIxNjMyMzM4NzE5MzM0In1dfQ
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.22.56.164 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-22-56-164.compute-1.amazonaws.com
Software
/
Resource Hash
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 19:25:19 GMT
Connection
keep-alive
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length
43
Content-Type
image/gif
ga-audiences
www.google.com/ads/ 		42 B
522 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-54716522-2&cid=704446114.1632338719&jid=260574444&_u=aHDAiUAjRAQCAE~&z=1379696975
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-54716522-2&cid=704446114.1632338719&jid=260574444&_u=aHDAiUAjRAQCAE~&z=1379696975
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
i99g3gee_content_config_1627585676199.js
dkpklk99llpj0.cloudfront.net/ 		845 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/i99g3gee_content_config_1627585676199.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b800:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Thu, 29 Jul 2021 19:12:01 GMT
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
last-modified
Thu, 29 Jul 2021 19:07:57 GMT
server
AmazonS3
age
4752799
etag
"139043e0f27d6df6fda9a9005cd5c871"
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
accept-ranges
bytes
content-length
845
x-amz-cf-id
aUUvVSmLsQw4BwKg62WVCnpmJiNxckaj3GdDdJda0mfqVg7q7_eaLA==
i99g3gee_1606137453919.js
dkpklk99llpj0.cloudfront.net/ 		48 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Requested by
Host: d81mfvml8p5ml.cloudfront.net
URL: https://d81mfvml8p5ml.cloudfront.net/i99g3gee.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:b800:e:98bf:5f00:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Sat, 24 Jul 2021 12:51:13 GMT
content-encoding
gzip
last-modified
Mon, 23 Nov 2020 13:17:46 GMT
server
AmazonS3
age
5207647
etag
W/"c1157a2d0ff0aa862fb2fbffb06ab4d1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=utf-8
via
1.1 2ec3090d74e200e4acdb2780da3c3c44.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA2-C1
x-amz-cf-id
dKoL14aazZ21T3h_MC_QS4Q8IyP6uddyDdM4VmVpXGiCBshVKf9otw==
6141815c411c2.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/3/be/3be78c8f-4b39-5487-be3e-f535f066ce67/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/3/be/3be78c8f-4b39-5487-be3e-f535f066ce67/6141815c411c2.image.jpg?crop=1500%2C844%2C0%2C78&resize=540%2C304&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4bc0f70e20282ec0793117956396a1020e0ba94d7ca45f4b2f6e0d786dda8c82
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
45037
last-modified
Wed, 15 Sep 2021 05:15:08 GMT
cf-bgj
h2pri
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"5036048e740182078309c5ea71f1d2af"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
cf-ray
692deb246e774dd6-FRA
expires
Wed, 21 Sep 2022 21:27:55 GMT
61496a7859102.image.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/f8/ef82666a-664e-5197-8dd3-b43a76286230/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/f8/ef82666a-664e-5197-8dd3-b43a76286230/61496a7859102.image.jpg?crop=1500%2C844%2C0%2C78&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ef83a8cf0dffca7ff8b953318e55f5698ec626adcd8f4fde49e7899c532771f9
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
67275
last-modified
Tue, 21 Sep 2021 05:15:36 GMT
strict-transport-security
max-age=604800
content-length
6645
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"9c0edc2a4baf9f2ddbd96fe3ef7e311b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Wed, 21 Sep 2022 21:05:40 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb246e7c4dd6-FRA
cf-bgj
h2pri
61496a8cbef02.preview.png
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/b/06/b06192b8-e8c9-5cea-b49b-5b92366eb13c/ 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/b/06/b06192b8-e8c9-5cea-b49b-5b92366eb13c/61496a8cbef02.preview.png?crop=620%2C349%2C0%2C0&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ac7f93546dcd6a61894fa38cf3c506290cf5889d194df2a3feba7b561633d5b4
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
vary
Accept-Encoding
cf-cache-status
HIT
age
241
cf-ray
692deb246e7e4dd6-FRA
last-modified
Tue, 21 Sep 2021 05:15:57 GMT
x-vcache
MISS
server
cloudflare
etag
"3350229c0f9be5bd825c6132d46f58b9"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=604800
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-robots-tag
noarchive
expires
Wed, 21 Sep 2022 11:38:27 GMT
6148f5a1c60b1.preview.jpg
bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/6a/e6a5dfd8-fa02-5122-a0a7-32316df3d424/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bloximages.chicago2.vip.townnews.com/napavalleyregister.com/content/tncms/assets/v3/editorial/e/6a/e6a5dfd8-fa02-5122-a0a7-32316df3d424/6148f5a1c60b1.preview.jpg?crop=1765%2C993%2C0%2C90&resize=200%2C113&order=crop%2Cresize
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.130.43 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6236af00b7e7f82512641d52c272722215bc876a563d6d8a7fbbdfe95fa53c5b
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
cf-cache-status
HIT
age
241
last-modified
Mon, 20 Sep 2021 20:57:06 GMT
strict-transport-security
max-age=604800
content-length
6709
x-robots-tag
noarchive
x-vcache
MISS
server
cloudflare
etag
"a1c0f6c43391125a822136fbdd3e289b"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
image/jpeg
access-control-allow-origin
*
expires
Tue, 20 Sep 2022 22:46:04 GMT
cache-control
public, max-age=31536000
accept-ranges
bytes
cf-ray
692deb246e804dd6-FRA
cf-bgj
h2pri
j
rp4.liadm.com/
Redirect Chain
  • https://rp.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426
  • https://rp4.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426&i6=Mm...
55 B
611 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426&i6=MmEwMTo0Zjg6YTE6MWExOjgyOjox&n3pc=true
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.206.124.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-206-124-188.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4d75a3f73883a2e89eba326597e734d2bd1fb8e641b6b89bc29cb243498be156
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:20 GMT
x-pixel-event-id
d61dfd19-e727-4f25-b64e-25742ff7110a
x-content-type-options
nosniff
x-permitted-cross-domain-policies
master-only
request-time
5
vary
Origin
content-length
55
x-xss-protection
1; mode=block
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
x-frame-options
DENY
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/json
access-control-allow-origin
null
access-control-allow-credentials
true
trace-id
a0c927d893c89df6

Redirect headers

date
Wed, 22 Sep 2021 19:25:19 GMT
referrer-policy
origin-when-cross-origin, strict-origin-when-cross-origin
server
nginx/1.18.0
vary
Origin
location
https://rp4.liadm.com/j?tna=v2.0.1&aid=a-019p&wpn=lc-bundle&pu=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&duid=449232a86859--01fg7fgcjb85dmkvf439wdqy9b&se=e30&dtstmp=1632338719426&i6=MmEwMTo0Zjg6YTE6MWExOjgyOjox&n3pc=true
x-frame-options
DENY
access-control-allow-origin
https://napavalleyregister.com
x-xss-protection
1; mode=block
x-permitted-cross-domain-policies
master-only
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
trace-id
a8a18ca6eb00d8a1
request-time
0
content-length
0
x-content-type-options
nosniff
/
am.freshrelevance.com/tpc/ Frame 58FA 		5 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/tpc/
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.228.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-228-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
cddc0f42fefc4f8f49ead3f1898713f85b54b7e48b8de8293c0028fc40fb3631

Request headers

:method
GET
:authority
am.freshrelevance.com
:scheme
https
:path
/tpc/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://napavalleyregister.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
content-length
4662
access-control-allow-origin
*
cache-control
no-cache, no-store, max-age=0, must-revalidate
dfpsds.
fundingchoicesmessages.google.com/f/AGSKWxVVqFeJ5wyU8eDT6nyfLrJ_h6rF9ThkG_ofn-4KUlX7Y4Akhb_3wqeniTJ7z7aRTokTGljVur9HF0CdHFZLxn2uKUtonbW3Fi8wY08nkDyYbKz4DsKv-tjo24DVyJuixE6TWHnCZvFcOJTjVq1EgsrT1vFcs... 		54 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxVVqFeJ5wyU8eDT6nyfLrJ_h6rF9ThkG_ofn-4KUlX7Y4Akhb_3wqeniTJ7z7aRTokTGljVur9HF0CdHFZLxn2uKUtonbW3Fi8wY08nkDyYbKz4DsKv-tjo24DVyJuixE6TWHnCZvFcOJTjVq1EgsrT1vFcsWJKm0W65YHuBS1ko_crIrO1dIaDmW5cklXYkvLmWTDZFaZy1y8G6C-fGJb_X8XF-0GgtnsDC046lYZZmA==/__tile_ad_=akiba_ads_/propadbl./waframedia16./dfpsds.
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0c497dd0b346ce5a635251128b66a927ecb8aa9f64e3d9927afe1005f712ea05
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-LNrr5nKbsf2sRYy/e/5f8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LNrr5nKbsf2sRYy/e/5f8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-LNrr5nKbsf2sRYy/e/5f8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-LNrr5nKbsf2sRYy/e/5f8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
lidar.js
pagead2.googlesyndication.com/pagead/js/ 		76 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/lidar.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
975723923ecc93e0f4086b37e8fa829a347c45d2309dd90574c643eedd3047ab
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 18:29:55 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3324
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28392
x-xss-protection
0
server
cafe
etag
9811280006749476258
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Wed, 22 Sep 2021 19:29:55 GMT
AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
fundingchoicesmessages.google.com/el/ 		0
375 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.DcZcq6RkV-k.es5.O/d=1/rs=AJlcJMxHZJsUhvXQ5DQ16WtHsmT6BQ9kPg/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-+H9Snm1wNmZvmmx53JEd/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+H9Snm1wNmZvmmx53JEd/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-+H9Snm1wNmZvmmx53JEd/g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-+H9Snm1wNmZvmmx53JEd/g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
fundingchoicesmessages.google.com/el/ 		0
365 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.DcZcq6RkV-k.es5.O/d=1/rs=AJlcJMxHZJsUhvXQ5DQ16WtHsmT6BQ9kPg/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-gzItgYQZyCWjSsVrLF5REQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gzItgYQZyCWjSsVrLF5REQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-gzItgYQZyCWjSsVrLF5REQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-gzItgYQZyCWjSsVrLF5REQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
get
am.freshrelevance.com/ 		1 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am.freshrelevance.com/get?data=%7B%22type%22%3A%22heartbeat%22%2C%22data%22%3A%7B%22c%22%3A%22q51xmwbsui%22%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F93.0.4577.63%20Safari%2F537.36%22%2C%22w%22%3A%22i99g3gee%22%7D%7D
Requested by
Host: dkpklk99llpj0.cloudfront.net
URL: https://dkpklk99llpj0.cloudfront.net/i99g3gee_1606137453919.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.154.228.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-154-228-217.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

access-control-allow-origin
*
date
Wed, 22 Sep 2021 19:25:19 GMT
content-type
text/plain; charset=utf-8
/
napavalleyregister.com/tncms/tracking/classifieds/featured/ 		0
48 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://napavalleyregister.com/tncms/tracking/classifieds/featured/?i=0d3a5c83-5e99-53bc-95b8-1061b429d48e,
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/shared-content/art/tncms/tracking.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
192.104.182.209 , United States, ASN10668 (LEE-ASN, US),
Reverse DNS
cms.chicago2.vip.townnews.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode
no-cors
origin
https://napavalleyregister.com
accept-encoding
gzip, deflate, br
accept-language
de-DE,de;q=0.9
sec-fetch-dest
empty
cookie
FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1632338718334]]; AMP_TOKEN=%24NOT_FOUND; _gid=GA1.2.1708887127.1632338719; _dc_gtm_UA-54716522-7=1; _ga_NFTGWT90ER=GS1.1.1632338718.1.0.1632338718.0; _ga_F8FFLLVDEZ=GS1.1.1632338718.1.0.1632338718.60; spses.f729=*; spid.f729=188e6bc5-84a1-4964-89dd-7b6d005b1ae2.1632338719.1.1632338719.1632338719.684458cd-651e-440b-ad00-f5f6ca43970c; _dc_gtm_UA-54716522-2=1; _ga=GA1.2.704446114.1632338719; _li_dcdm_c=.napavalleyregister.com; _lc2_fpi=449232a86859--01fg7fgcjb85dmkvf439wdqy9b; _ml_id=f32a76509a4881d7.1632338719.1.1632338719.1632338719; _ml_ses=*; tms_VisitorID=q51xmwbsui; tms_SessionID=TP4X9WBSXM; tms_wsip=1
content-length
0
:path
/tncms/tracking/classifieds/featured/?i=0d3a5c83-5e99-53bc-95b8-1061b429d48e,
pragma
no-cache
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
content-type
text/plain;charset=UTF-8
accept
*/*
cache-control
no-cache
:authority
napavalleyregister.com
referer
https://napavalleyregister.com/news/local/
:scheme
https
sec-fetch-site
same-origin
:method
POST
Referer
https://napavalleyregister.com/news/local/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
content-length
0
AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
fundingchoicesmessages.google.com/el/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.DcZcq6RkV-k.es5.O/d=1/rs=AJlcJMxHZJsUhvXQ5DQ16WtHsmT6BQ9kPg/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7NXWlGd1txNNozCF1K8g3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7NXWlGd1txNNozCF1K8g3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
access-control-allow-methods
POST, GET, OPTIONS
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin; report-to="ContributorLoggingHttp"
x-frame-options
SAMEORIGIN
report-to
{"group":"ContributorLoggingHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorLoggingHttp/external"}]}
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-7NXWlGd1txNNozCF1K8g3A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-7NXWlGd1txNNozCF1K8g3A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWAsSoU58gdSK_XBN4dhPayUq-vkbxuGaGGl1tNzS1lacxm1b-AMj9AgVlaut4AIG-vWmIKO-1R1sh6Oe2EU0N9gUFy0U2ys5-gMWy-HD8hKFl0TXYe-T6ySIniKVCM1JoRCJ_hwJnh-B-oyllCMQLSff2rXYIaqIQafqURvqxzfXDnNpb0LYDzAlc=
fundingchoicesmessages.google.com/f/ 		66 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxWAsSoU58gdSK_XBN4dhPayUq-vkbxuGaGGl1tNzS1lacxm1b-AMj9AgVlaut4AIG-vWmIKO-1R1sh6Oe2EU0N9gUFy0U2ys5-gMWy-HD8hKFl0TXYe-T6ySIniKVCM1JoRCJ_hwJnh-B-oyllCMQLSff2rXYIaqIQafqURvqxzfXDnNpb0LYDzAlc=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjMyMzM4NzE5LDg2MTAwMDAwMF0sbnVsbCxudWxsLG51bGwsWzEsWzcsNl1dLCJodHRwczovL25hcGF2YWxsZXlyZWdpc3Rlci5jb20vbmV3cy9sb2NhbC8iXQ
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8df96c07d95691116aa2b3c60780d28934525e75051ec50924013454d5afad2d
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-uYzahQLL6jcn5T60IAfMww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uYzahQLL6jcn5T60IAfMww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy
cross-origin
content-security-policy
script-src 'report-sample' 'nonce-uYzahQLL6jcn5T60IAfMww' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-uYzahQLL6jcn5T60IAfMww' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection
0
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
fundingchoicesmessages.google.com/el/ 		0
364 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxU1BDAQiCCKELT6lnK4d_YZ74SgBfyVJKtg3rEMvslhdG8KoRW_RMKbkVYTJb8QecZ7LbaUulPswyZBIiC3Mh4ajEg4uMfmgWwQ8cj9Zl9AvJU0wmNU8vStf139T3m_4H8LdELtx6LrLGoeH8WcSMKcTz0isBseu4PH-2oJ8J2POWujaDD64ticOW8=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingDetectionClientJs.de.DcZcq6RkV-k.es5.O/d=1/rs=AJlcJMxHZJsUhvXQ5DQ16WtHsmT6BQ9kPg/m=detection
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-Py754GgZUjgQZqMNjHspBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Py754GgZUjgQZqMNjHspBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-Py754GgZUjgQZqMNjHspBQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-Py754GgZUjgQZqMNjHspBQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
fundingchoicesmessages.google.com/el/ 		0
362 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ZDIwWUgBB7g.es5.O/d=1/rs=AJlcJMxZJAd4Q9BQ58ABojA0ahRT6mnqLA/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-ACYAMcDGmMij5S1v7y49EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ACYAMcDGmMij5S1v7y49EA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-ACYAMcDGmMij5S1v7y49EA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-ACYAMcDGmMij5S1v7y49EA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
fundingchoicesmessages.google.com/el/ 		0
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ZDIwWUgBB7g.es5.O/d=1/rs=AJlcJMxZJAd4Q9BQ58ABojA0ahRT6mnqLA/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-o2njmOXbf2RE220cA1Fzzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-o2njmOXbf2RE220cA1Fzzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-o2njmOXbf2RE220cA1Fzzg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-o2njmOXbf2RE220cA1Fzzg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
fundingchoicesmessages.google.com/el/ 		0
363 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/el/AGSKWxWbJg_mJndU8kIQ8guz4Api9Z0Mp9eGHJQy8Pqehw9ulfvXVrqR29M0xkC6NKkcqfWefaFicUIrDs7pPYdCvvF52w6PlyLZechSGyfye8UGrfSEfD0DTDNIQdV_TbWUneHuZqcLxP47oeH3JzXoh0gd1x28gHqcBHhqdOyigIprnTaIuR3bPFxeMVo=
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingCookieRefreshClientJs.de.ZDIwWUgBB7g.es5.O/d=1/rs=AJlcJMxZJAd4Q9BQ58ABojA0ahRT6mnqLA/m=cookie_refresh
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-YAtSZ9SkZdMrl/88EGbMKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YAtSZ9SkZdMrl/88EGbMKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Referer
https://napavalleyregister.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

date
Wed, 22 Sep 2021 19:25:19 GMT
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport
access-control-max-age
86400
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
pragma
no-cache
server
ESF
cross-origin-opener-policy
same-origin
x-frame-options
SAMEORIGIN
access-control-allow-methods
POST, GET, OPTIONS
content-type
text/html; charset=utf-8
access-control-allow-origin
https://napavalleyregister.com
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-security-policy
script-src 'report-sample' 'nonce-YAtSZ9SkZdMrl/88EGbMKg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-YAtSZ9SkZdMrl/88EGbMKg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires
Mon, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		44 B
159 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Domain&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&rl=&if=false&ts=1632338720032&cd[custom_param]=napavalleyregister.com&sw=1600&sh=1200&v=2.9.46&r=stable&ec=1&o=30&fbp=fb.1.1632338720009.1321520899&it=1632338719284&coo=false&exp=p0&rqm=GET
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 22 Sep 2021 19:25:20 GMT
/
www.facebook.com/tr/ Frame 1441 		0
243 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: napavalleyregister.com
URL: https://napavalleyregister.com/news/local/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

:method
POST
:authority
www.facebook.com
:scheme
https
:path
/tr/
content-length
2270
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
origin
https://napavalleyregister.com
content-type
application/x-www-form-urlencoded
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://napavalleyregister.com/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
Origin
https://napavalleyregister.com
Content-Type
application/x-www-form-urlencoded
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/

Response headers

content-type
text/plain
access-control-allow-origin
https://napavalleyregister.com
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
content-length
0
server
proxygen-bolt
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date
Wed, 22 Sep 2021 19:25:20 GMT
rt=ifr
bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20T... Frame F178
Redirect Chain
  • https://bcp.crwdcntrl.net/5/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%...
  • https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%2...
1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/leeenterprises/op.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
26a498d968f80be5aed94d0713c1c3628b8e4b777cb78e61fa4785496f3dc403

Request headers

:method
GET
:authority
bcp.crwdcntrl.net
:scheme
https
:path
/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://napavalleyregister.com/
accept-encoding
gzip, deflate, br
cookie
_cc_cc=ctst
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/

Response headers

date
Wed, 22 Sep 2021 19:25:20 GMT
content-type
text/html;charset=utf-8
content-length
1375
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.9.103
set-cookie
_cc_dc=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 19-Jun-2022 19:06:00 GMT;SameSite=None;Secure _cc_id=af712694ff23be31999dfa36376877e3;Path=/;Domain=crwdcntrl.net;Expires=Sun, 19-Jun-2022 19:06:00 GMT;SameSite=None;Secure _cc_cc="ACZ4XmNQSEwzNzQyszRJSzMyTko1NrS0tExJSzQ2MzY3szA3TzVmAIJE72YFEA0BgpPW7eFmfGfK8J%2BRkeH8EgS7ccMZfpj4j88fBGDs6z2H4OpnvbohChM%2FvmkKC4z98bMljPls8Ry48PGjh5hh4rv3XYYbeRhJzfQT6jAl75YgtE78OEEbJj57w1O4Cz403IcbAwATgVPl";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 19-Jun-2022 19:06:00 GMT;Max-Age=23328000;SameSite=None;Secure _cc_aud="ABR4XmNgYGBI9G5WAFIQwMLAuG4WiMmssQtEMW4QB1Pr5gNJAHYyBZg%3D";Version=1;Path=/;Domain=crwdcntrl.net;Expires=Sun, 19-Jun-2022 19:06:00 GMT;Max-Age=23328000;SameSite=None;Secure
access-control-allow-origin
*
server
Jetty(9.4.38.v20210224)

Redirect headers

date
Wed, 22 Sep 2021 19:25:20 GMT
content-length
0
location
https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
cache-control
no-cache
pragma
no-cache
expires
0
x-server
10.45.3.146
set-cookie
_cc_cc=ctst;Path=/;Domain=crwdcntrl.net;SameSite=None;Secure
server
Jetty(9.4.38.v20210224)
baker
sli.napavalleyregister.com/ 		19 B
375 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sli.napavalleyregister.com/baker?dtstmp=1632338720118
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.163 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-163.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 19:25:20 GMT
Cache-Control
max-age=0, no-cache, no-store
Expires
Wed, 22 Sep 2021 19:25:20 GMT
Connection
keep-alive
Content-Length
19
Content-Type
image/gif
/
bcp.crwdcntrl.net/gmap/ Frame F178
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWY3MTI2OTRmZjIzYmUzMTk5OWRmYTM2Mzc2ODc3ZTM
  • https://cm.g.doubleclick.net/pixel?google_nid=lotame_dmp&google_hm=YWY3MTI2OTRmZjIzYmUzMTk5OWRmYTM2Mzc2ODc3ZTM&google_tc=
  • https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
0
135 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.19.22.209 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-19-22-209.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:20 GMT
x-server
10.45.22.255
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV

Redirect headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:20 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://bcp.crwdcntrl.net/gmap/?tp=GDMP&google_error=3
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
255
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
insync
thrtle.com/ Frame F178 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=af712694ff23be31999dfa36376877e3
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.0.73.248 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-0-73-248.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
g.json
aa.agkn.com/adscores/ Frame F178 		103 B
415 B 		Script
General
Check archive.org
Download Go to
Full URL
https://aa.agkn.com/adscores/g.json?sid=9202507693
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.127.52.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-127-52-31.eu-central-1.compute.amazonaws.com
Software
AAWebServer /
Resource Hash
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:20 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control
no-cache, no-store, must-revalidate
content-type
application/json
content-length
103
expires
0
5907
tags.bluekai.com/site/ Frame F178 		62 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/5907?limit=0&id=9bd64e9b8d04aa1efccc0c45ad961c08
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.111.215.191 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-111-215-191.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Wed, 22 Sep 2021 19:25:20 GMT
Connection
keep-alive
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length
62
Content-Type
image/gif
utsync.ashx
ml314.com/ Frame F178 		43 B
422 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ml314.com/utsync.ashx?eid=50146&et=0&fp=af712694ff23be31999dfa36376877e3&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.247.104.176 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-247-104-176.eu-west-1.compute.amazonaws.com
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 22 Sep 2021 19:25:20 GMT
Server
Microsoft-IIS/10.0
X-AspNet-Version
4.0.30319
X-Powered-By
ASP.NET
p3P
CP="NON DSP COR ADMo PSAo DEVo BUS COM UNI NAV DEM STA"
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
0,Thu, 23 Sep 2021 15:25:20 GMT
generic
match.adsrvr.org/track/cmf/ Frame F178 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=lotame&ttd_tpi=1&gdpr=1
Requested by
Host: bcp.crwdcntrl.net
URL: https://bcp.crwdcntrl.net/5/ct=y/c=6894/rand=636752140/pv=y/int=%23OpR%2363948%23Lee%20Enterprises%20%3A%20Total%20Site%20Traffic/int=%23OpR%2363949%23Lee%20Enterprises%20%3A%20napavalleyregister%20%3A%20Total%20Site%20Traffic/int=%23OpR%2372332%23Site%20Section%20%3A%20news/med=%23OpR%2372333%23Keyword%20%3A%20napa%20valley%20register/rb=%7B%22meta_tag%22%3A%22napa%20valley%20register%22%7D/rt=ifr
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.131 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a97adde81b00f2ca4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://bcp.crwdcntrl.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 22 Sep 2021 19:25:20 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
www.facebook.com/tr/ 		44 B
101 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=961211893969940&ev=Microdata&dl=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&rl=&if=false&ts=1632338720532&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Local%20News%20%7C%20napavalleyregister.com%22%2C%22meta%3Akeywords%22%3A%22napa%20valley%20register%22%2C%22meta%3Adescription%22%3A%22Breaking%20news%2C%20politics%2C%20education%2C%20business%2C%20health%2C%20and%20more%20from%20the%20Napa%20Valley%20Register.%22%7D&cd[OpenGraph]=%7B%22og%3Atype%22%3A%22website%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F%22%2C%22og%3Aimage%22%3A%22https%3A%2F%2Fbloximages.chicago2.vip.townnews.com%2Fnapavalleyregister.com%2Fcontent%2Ftncms%2Fcustom%2Fimage%2Ff675bdee-c549-11ea-98b6-631770e8cea7.jpg%22%2C%22og%3Aimage%3Awidth%22%3A%221200%22%2C%22og%3Aimage%3Aheight%22%3A%22630%22%2C%22og%3Atitle%22%3A%22Local%20News%22%2C%22og%3Adescription%22%3A%22Breaking%20news%2C%20politics%2C%20education%2C%20business%2C%20health%2C%20and%20more%20from%20the%20Napa%20Valley%20Register.%22%2C%22og%3Asite_name%22%3A%22Napa%20Valley%20Register%22%2C%22og%3Asection%22%3A%22News%20in%20Napa%20Valley%22%2C%22article%3Apublisher%22%3A%22https%3A%2F%2Fwww.facebook.com%2FNapaValleyRegister%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fnapavalleyregister.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Fyoutube%22%5D%7D%2C%7B%22%40context%22%3A%22https%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Organization%22%2C%22url%22%3A%22http%3A%2F%2Fnapavalleyregister.com%22%2C%22sameAs%22%3A%5B%22%2Ffacebook%22%2C%22%2Ftwitter%22%2C%22%2Fyoutube%22%5D%7D%5D&sw=1600&sh=1200&v=2.9.46&r=stable&ec=2&o=30&fbp=fb.1.1632338720009.1321520899&it=1632338719284&coo=false&es=automatic&tm=3&exp=p0&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://napavalleyregister.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Wed, 22 Sep 2021 19:25:20 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
cache-control
no-cache, must-revalidate, max-age=0
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length
44
expires
Wed, 22 Sep 2021 19:25:20 GMT

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| onbeforexrselect boolean| originAgentCluster object| dataLayer object| _cc6894 object| LOTCC undefined| __CSP_NONCE object| litHtmlVersions boolean| LEE_DS function| $ function| jQuery object| TNCMS function| originalLeave function| objectFitImages function| Cookies object| picturefillCFG function| picturefill object| lazySizesConfig object| lazySizes function| onYouTubeIframeAPIReady object| __tnt object| obj object| eb.platform object| o function| __d3lUW8vwsKlB__ function| TNStats_Tracker object| TNTracker object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| default_ContributorServingLoaderClientJs object| googlefc function| __Y9uNstf385Zx__ object| __fcInternalApiManager object| Yjc2NWZkNWMwMDJiOGVjbG9hZGVyX2pz string| Yjc2NWZkNWMwMDJiOGVjY2FjaGVkX2pz string| __fcInvoked string| __fcexpdef boolean| __fcInternalApiPostMessageReady object| googletag object| _402 function| _402_Show object| googleToken object| googleIMState function| processGoogleTokenSync object| gaplugins object| webmonitoring object| paidtasksshim object| default_ContributorServingDetectionClientJs function| __45zy51t9ik3m__ undefined| falcon_sub_name undefined| lee_clus undefined| lee_ulli undefined| lee_ulld_iso8601 object| lee_glus undefined| lee_glusIE object| sub_last_login_iso8601 object| gaGlobal object| gaData object| agP15G2 function| agP15G3 object| xop function| messagingCallback object| firebase object| ___FONT_AWESOME___ object| FontAwesomeConfig object| FontAwesome boolean| $sNavScroll object| card_carousel_1779241 function| postscribe object| google_tag_manager_external object| _snowplow_trackers object| GlobalSnowplowNamespace function| snowplow function| fbq function| _fbq object| _comscore object| h2h2Lb function| h2h2Ln object| xblacklist object| JGJ3lM2 function| JGJ3lM3 function| xblocker function| udm_ object| ns_p object| COMSCORE object| Snowplow object| $FR_LAB object| LI object| __li__evt_bus object| liQ object| _mather object| _matherq object| tid object| google_optimize function| $TM_VR function| $TM_CC object| $TB function| nrlskOnEvent boolean| cf5f3403-1ab1-4222-8928-9f42e3d3d5c4 object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| default_ContributorServingCookieRefreshClientJs function| __8v31i8woen1z__ undefined| dl

30 Cookies

Domain/Path Name / Value
click1.email.napavalleyregister.com/ Name: JSESSIONID
Value: 94538A28FA657A33EB433BB466CA3212
.google.com/ Name: NID
Value: 224=ymwXx5XHfy5XWZ6sCHTqTeerxHT2fjCqstS24BG57m98Itnf5F-U-ggwOd90na8uH2rCRaJMn3ZBXnezuxRJBNchcdXxQzVXfmrPKjB9Ccpyl2_JAFlBbluKPMn04NBg9rxLfwum-Gs4-CJZkzEOKIxSBwJ7UixKBMnKefGZXOU
.napavalleyregister.com/ Name: AMP_TOKEN
Value: %24NOT_FOUND
.napavalleyregister.com/ Name: _gid
Value: GA1.2.1708887127.1632338719
.napavalleyregister.com/ Name: _dc_gtm_UA-54716522-7
Value: 1
.napavalleyregister.com/ Name: _ga_NFTGWT90ER
Value: GS1.1.1632338718.1.0.1632338718.0
.napavalleyregister.com/ Name: _ga_F8FFLLVDEZ
Value: GS1.1.1632338718.1.0.1632338718.60
.scorecardresearch.com/ Name: UID
Value: 1IJKYIXWIMBVJ1MYNCHBFGg1632338719
.napavalleyregister.com/ Name: spses.f729
Value: *
.napavalleyregister.com/ Name: spid.f729
Value: 188e6bc5-84a1-4964-89dd-7b6d005b1ae2.1632338719.1.1632338719.1632338719.684458cd-651e-440b-ad00-f5f6ca43970c
.napavalleyregister.com/ Name: _dc_gtm_UA-54716522-2
Value: 1
.napavalleyregister.com/ Name: _ga
Value: GA1.2.704446114.1632338719
.napavalleyregister.com/ Name: _li_dcdm_c
Value: .napavalleyregister.com
.napavalleyregister.com/ Name: _lc2_fpi
Value: 449232a86859--01fg7fgcjb85dmkvf439wdqy9b
.napavalleyregister.com/ Name: _ml_id
Value: f32a76509a4881d7.1632338719.1.1632338719.1632338719
.napavalleyregister.com/ Name: _ml_ses
Value: *
napavalleyregister.com/ Name: tms_VisitorID
Value: q51xmwbsui
am.freshrelevance.com/ Name: tms_SessionID
Value: TP4X9WBSXM
napavalleyregister.com/ Name: tms_SessionID
Value: TP4X9WBSXM
napavalleyregister.com/ Name: tms_wsip
Value: 1
.leetemplates.com/ Name: sp
Value: fda5bd8a-596d-48ca-91d3-ad096d279a71
.liadm.com/ Name: lidid
Value: efdf6cb6-7f64-42a4-a015-62f2d1827139
.napavalleyregister.com/ Name: FCNEC
Value: [["AKsRol9jZs4bbW1Hj4xOu7P6z5FmynzyP0ZzLuHgjTZbUIujWsXS5-oG_gwKs-qTmq5Ln4OaHb93Bd0O48EPZQwWPM34oiFqhqXtqfur6aOQHEq65BJ3-bQgTB7_wfius8UGHKsjl098sDgBlExVXZ3DlQXTURT_mQ=="]]
.napavalleyregister.com/ Name: FCCDCF
Value: [["AKsRol9jZs4bbW1Hj4xOu7P6z5FmynzyP0ZzLuHgjTZbUIujWsXS5-oG_gwKs-qTmq5Ln4OaHb93Bd0O48EPZQwWPM34oiFqhqXtqfur6aOQHEq65BJ3-bQgTB7_wfius8UGHKsjl098sDgBlExVXZ3DlQXTURT_mQ=="],null,["[[],[],[],[],null,null,true]",1632338719934]]
.napavalleyregister.com/ Name: _fbp
Value: fb.1.1632338720009.1321520899
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: af712694ff23be31999dfa36376877e3
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQSEwzNzQyszRJSzMyTko1NrS0tExJSzQ2MzY3szA3TzVmAIJE72YFEA0BgpPW7eFmfGfK8J%2BRkeH8EgS7ccMZfpj4j88fBGDs6z2H4OpnvbohChM%2FvmkKC4z98bMljPls8Ry48PGjh5hh4rv3XYYbeRhJzfQT6jAl75YgtE78OEEbJj57w1O4Cz403IcbAwATgVPl"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI9G5WAFIQwMLAuG4WiMmssQtEMW4QB1Pr5gNJAHYyBZg%3D"
.agkn.com/ Name: ab
Value: 0001%3Al9OFoIWl%2B3x3e%2BalTkxkV7lMPhH5FBEP

10 Console Messages

Source Level URL
Text
javascript warning URL: https://napavalleyregister.com/news/local/(Line 136)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://napavalleyregister.com/news/local/(Line 136)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://napavalleyregister.com/shared-content/art/stats/common/tracker.gif?tnms_rs=1600x1200x24&tnms_vtum=1&tnms_vt=1&tnms_vid=163233871821116001200990388114737&tnms_dt=Local%20News%20%7C%20napavalleyregister.com&tnms_upage=1&tnms_do=napavalleyregister.com&tnms_uri=/news/local/&tnms_ref=&rt=1632338718214
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript warning URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215(Line 24)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/438036761283989205/prompt_embed_static__de.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215(Line 24)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/insights/consumersurveys/static/438036761283989205/prompt_embed_static__de.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215(Line 17)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://adservice.google.de/adsid/integrator.sync.js?domain=napavalleyregister.com, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_z5zxl2mrnaqn64afv7ltk6emqi&t=1&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718354&ref=&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://survey.g.doubleclick.net/survey?site=_z5zxl2mrnaqn64afv7ltk6emqi&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718215(Line 25)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://survey.g.doubleclick.net/gk/prompt?site=_z5zxl2mrnaqn64afv7ltk6emqi&t=1&url=https%3A%2F%2Fnapavalleyregister.com%2Fnews%2Flocal%2F&cid=everything&random=1632338718354&ref=&token=, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://napavalleyregister.com/tncms/tracking/classifieds/featured/?i=0d3a5c83-5e99-53bc-95b8-1061b429d48e,
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://thrtle.com/insync?vxii_pid=10014&vxii_pdid=af712694ff23be31999dfa36376877e3
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.leetemplates.com
aa.agkn.com
adservice.google.de
am.freshrelevance.com
ampcid.google.com
ampcid.google.de
analytics.google.com
b-code.liadm.com
bcp.crwdcntrl.net
bloximages.chicago2.vip.townnews.com
click1.email.napavalleyregister.com
cm.g.doubleclick.net
cmp.osano.com
connect.facebook.net
contributor.google.com
d1eoo1tco6rr5e.cloudfront.net
d81mfvml8p5ml.cloudfront.net
dkpklk99llpj0.cloudfront.net
dn1i8v75r669j.cloudfront.net
fundingchoicesmessages.google.com
insight.adsrvr.org
js.matheranalytics.com
match.adsrvr.org
ml314.com
napavalleyregister.com
pagead2.googlesyndication.com
rp.liadm.com
rp4.liadm.com
sb.scorecardresearch.com
sli.napavalleyregister.com
stats.g.doubleclick.net
storage.googleapis.com
survey.g.doubleclick.net
tagan.adlightning.com
tags.bluekai.com
tags.crwdcntrl.net
thrtle.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
www.i.matheranalytics.com
104.111.215.191
104.18.130.43
107.178.250.234
13.225.78.42
13.225.78.59
13.225.78.97
13.225.83.200
142.250.74.194
192.104.182.209
2.16.186.163
2600:1f18:730:b140:3161:8a8b:ea8c:5d8b
2600:9000:20eb:b800:e:98bf:5f00:21
2600:9000:20eb:d200:2:36a1:2f40:21
2600:9000:20eb:ec00:8:8845:1500:93a1
2600:9000:21f3:ae00:7:5031:dc0:21
2600:9000:21f3:b400:3:b7e:8940:93a1
2a00:1450:4001:80f::2004
2a00:1450:4001:80f::2010
2a00:1450:4001:811::200e
2a00:1450:4001:812::200e
2a00:1450:4001:812::2011
2a00:1450:4001:827::2002
2a00:1450:4001:828::2003
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:830::2002
2a00:1450:4001:830::2003
2a00:1450:400c:c02::9a
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f11c:8083:face:b00c:0:25de
3.127.52.31
34.102.205.239
34.206.124.188
34.247.104.176
52.0.73.248
52.19.22.209
52.22.56.164
54.154.228.217
54.76.126.16
74.214.203.11
76.223.111.131
00ccb505ceabaf01946aff3584017bbb6de299c446ae5922aa5bfcb6702112dd
0aae37caeb1c5064881f16534e735f299658ad15ebe527cb1969e75d9ceb1c40
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0bd4bf1ae6486cfafef2d68fa19256bf5f9e2c5ec095a974e57722ef1696164c
0c497dd0b346ce5a635251128b66a927ecb8aa9f64e3d9927afe1005f712ea05
0c564ab82eab3ab608280194eefcee40765ab7872e8ed349e806e3c3170c4631
0f43f4ee69c1e53622d634119250c9ecc2b189983c3e9dcf6bca4c59523b2b4e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
15c5217bab15791da899bebeec1b32e57bcd02d20f8847c6440f47ededcdf625
165f2224fdb220f295f4c441bad7dfc35fd9ef57cb56af722285137944f598a7
18eadbed616a1c6d3afcf2750befa4c653869688479efbfdb0020c7c836d718b
19ee3ded1fe83e848e9b5cb0831689460e07c7d3d867fc692c84dc1106086293
1d584af3d0a8ad98207995400856e5e8c608551e080e252ed413e82c19ffd04f
1e21d5b207d77e6718f7c92c679d496a6fe7f2331ae7dab78f635805c41232ac
230af95eb0e9d637600593f1b608fdae9ea4a62f44a169c81d92c5cec760b014
25f56d9e94165984a700ecf44b0e220ebb59f1c35770169d6dfb2d31725b2a40
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26a498d968f80be5aed94d0713c1c3628b8e4b777cb78e61fa4785496f3dc403
2cb7a069e7fca9907b032c95173d6c819d4a52f92ca869117e0fae18c038982a
2d199b9d8dc7886837cbfd12c9e8ddae7e28f5c375d564b31bf732a320921435
2ff30298cb08600b21e18d99439aab14c6616c4436c5183aeeb1b47f68994448
30f62e62973c17b57be850de0ffbd8d77182f7d45e2374b3645740b91953e1e9
3212f7405cbfcef2392b003dfcd30704bd7330cdcf686a04e0446ddd77a30edc
321fb426ca5f214a70f2faf9f9ded0e9332a1d134c0279983cb821d50c94b7f2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
372942d78c26534b977fdcd8ab0969e899bd5b12482acb12f6062547bbed6afe
3968a98801a543546eb18f3f58a29b140d371c59ab6eafb76ef64528133bd43b
39b3f4ea7da5be033ccad2fbabd47e7fc1aeb7ef44651b4c1e08a216aabbef8d
3c9a2d086d47148ae23b40fb16fa13a5bd578e40aa7ee5acabd1ad9d3c958ecf
3ea5aaa321b6db46636e2589abb34162f817a1040ebcfadbfdfe6e75b7e0a6c1
3f7d4fce911e0a58ed4224b9f65d90a98d8bb7b76d25ad2610485b9baaa1d447
44ceb655dc840965b9d1a5f680c569af9935a6cc7bc82135622d1fa137b41e02
4bc0f70e20282ec0793117956396a1020e0ba94d7ca45f4b2f6e0d786dda8c82
4d75a3f73883a2e89eba326597e734d2bd1fb8e641b6b89bc29cb243498be156
4ef0cb2e94b5b79911d8647651823f8c4a39b0f1192bf85b2caa9ce9db3fd7e1
54bfe2c6bd1a37452b5151455f620ac88b8bf616104fb353ca23a245d203d971
5a237a8e57b640b31bcdb2571b5c30e1d98c3074a10791e782ef4f1eed8cd68b
5a2f10e09cd6e81eb686dbca9e6056ed485e87d3869bac347455547c294cb036
5ba4ea8c8cc539d637c034dde8990903e67d03f2fd61b64f64d0c970b61da99a
6236af00b7e7f82512641d52c272722215bc876a563d6d8a7fbbdfe95fa53c5b
624f98255aa0d282bd355c73ad6da3e871fce95fcf70cbed39ff215563649370
6445720c343bb3d351768c8fcffb41f8928b1750a04028225fbf8fdff70d4787
6b7e9d318e58c01413eaecfa9cb3a2e55d42222e0c5c189f05afabb681a06e86
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7169b20ff9116852953e326ad3776ac06c0f14a5a21a3e07f3fb8b5c46418a61
717035449ba02888f3a591aa246bc897269ce70496aad7e88d235b7472df04f0
75845ddd51e5f375f7b7aa868937566eb92118d0ee118cd3154db1a95d7b8dd0
7a137eb707a598c8e2b37ebbda2f392300d42df11701338857809d57e69a0adc
7d6bc5ccc0d04e6ccfbecd2bd5775b3604995e5196b4e08c179d0885e7e94925
81b72a589333f8d9cb50123a5f8ebaba023d8cf25b75fe5485c120804041ed3e
831b0d6cde4541d363bb7a67eb49010fc5fd717dda4b9c3187dd3207b1da56cd
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8416f8febc369c76d3fc82e78d0c49c84bf1dd1904b73cee557fccdbbb5b9005
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8df96c07d95691116aa2b3c60780d28934525e75051ec50924013454d5afad2d
8e69c64655718315422d63e22bc7dddaacd2fe1e1ceb20a6758287a76b9c6f66
8e9b6463c71c1e641ecf5e98573c2e96fff708ff385b54419bc2d0b481384f99
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
93eac8b1fb14d0863561633dfdf563013c023393aabfb122e3be7256629d9235
962f3870e9f7381b1f27f0c57a5faa33ce7b3749e5fd166de4e7c025f48a7579
975723923ecc93e0f4086b37e8fa829a347c45d2309dd90574c643eedd3047ab
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
a007cbf5aaad9838bd75d808715579d93ea60b285a95b0e5bcf68f8e499fbb83
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
ab43cf929d649dba8ce38c92dec4849c8049b678fec9942ae08df5ca57757280
ac7f93546dcd6a61894fa38cf3c506290cf5889d194df2a3feba7b561633d5b4
b10a075758097bb0578287af03c76a9fcd82fa4607587109ae41fe2d24756600
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3a9a6006e4c01d6d84a49eecf07cf36a818779ff4e99bbff22850f02de9c7a8
b9f8c3e05942ae2318ad24f9a9827faecab676916f560fc2a418ce4615feba36
bad3f4a20b737202b4cb52ce0124a2ae5d54be0002feb42790867ee446425332
bc40838a707dba656095bdce002939c726b0fe7de618b613ff3a29a39aef0938
c2c98e36537b792b0b73d7b88d3cbf2c59a8c06a2fab88739418cbc1902ee3c1
c2e6b587f22b7539ce069930acbc0e235321f672f247832f04675ab8d9dee415
c3ce2d96ebd4a12ea6c88bbada843d0c1803fade312e1719889e1eb63d3a24c4
c43747103a0c5861f11bac8f5d66cf149d70214756861656bccf7faea4f541be
c8bd9b846c0afbbbe8b440a5a38bf5e8bfe94236ae439e7fe2f93ddf15bcee96
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
cddc0f42fefc4f8f49ead3f1898713f85b54b7e48b8de8293c0028fc40fb3631
d09a1cbec72fcd36623e97a32d538a5969b8d5efdb691818b7c3dff9c43ec57f
d415e766b9d4f5de23d312cb525a19730fc7f8250d93b46bd7299630d6b0741a
d50881e8cf2ac03741c7c31b98dcabdf91d458ed76766efc511b26a2b796dd0f
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d9af544bca7998f6fbb9e9fcff9cef9d9f69881812cda8fe6ee4edfafd1b8cbb
da46bc766028c67f94e34c39ecf0c36513fd5ffffe1e126ce09908ebcd671eb6
ddd1991e3d8ce67431989f8cca95743706d110f064ed2b3609041a3f20e50d2c
e1ce17fd79478fbb0830c687ff4046c86993acb5fd14fc35b4fd29bed00ce94a
e31c42447e764b1195ff393437950867800ce2465dd3724c95640f4f5b34487c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e623c5f82b25fcf65a7e81c57fff477387e7caca5ad8a0eed291dd2e9e5eb36d
e9a2e1c0eaa710faee6a13d3bdf9df0150d0344114b69974d3e3a19cd810d601
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef83a8cf0dffca7ff8b953318e55f5698ec626adcd8f4fde49e7899c532771f9
f0feed76d752929bb586de606efaf6a920f49452499ebeb463c84c8610556449
f3ac0531a31762cc3168b9903ecd84aa040ef70af17b44803d977da207c7e599
f3ed7caa8c5cd3c49197eecdd4080ddeb192bc8a5cec039d2e49bdb4b461bf45
f5e55a21dfa3a20ceb298737c8f4c517a83d7960468c7f53b3f33c567bacff3c
f6d17017f426cd12df76f77e8c2bbd026f35dcb3b0f1e48061349bd570a689dd
f98e8196d88bff2a006872a05d79c2d695f6dda36e0aecdd0ace020207809f40
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
fe5d23d415187d71dfa026db8852418f98513ef7f7a1c3e1321bc95d6d6a0f5f