link.rochester.townsquarenewsletters.com Open in urlscan Pro
3.226.166.212 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Submission: On January 21 via manual (January 21st 2022, 9:39:47 pm UTC) from IN — Scanned from DE

Summary HTTP 29 Redirects Behaviour Indicators

Summary

This website contacted 15 IPs in 3 countries across 14 domains to perform 29 HTTP transactions. The main IP is 3.226.166.212, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is link.rochester.townsquarenewsletters.com.
TLS certificate: Issued by R3 on January 6th 2022. Valid for: 3 months.

This is the only time link.rochester.townsquarenewsletters.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 3	3.226.166.212 3.226.166.212	14618 (AMAZON-AES) (AMAZON-AES)
5	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	52.217.40.238 52.217.40.238	16509 (AMAZON-02) (AMAZON-02)
1	18.66.97.92 18.66.97.92	16509 (AMAZON-02) (AMAZON-02)
2	192.229.233.172 192.229.233.172	15133 (EDGECAST) (EDGECAST)
1	216.152.138.37 216.152.138.37	13768 (COGECO-PEER1) (COGECO-PEER1)
3	192.229.233.181 192.229.233.181	15133 (EDGECAST) (EDGECAST)
8 8	2.16.186.234 2.16.186.234	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
5 8	18.214.62.106 18.214.62.106	14618 (AMAZON-AES) (AMAZON-AES)
1	151.101.65.44 151.101.65.44	54113 (FASTLY) (FASTLY)
2	2.18.232.230 2.18.232.230	16625 (AKAMAI-AS) (AKAMAI-AS)
4	52.222.236.94 52.222.236.94	16509 (AMAZON-02) (AMAZON-02)
1	52.216.28.76 52.216.28.76	16509 (AMAZON-02) (AMAZON-02)
2 3	34.231.142.219 34.231.142.219	14618 (AMAZON-AES) (AMAZON-AES)
1 1	185.29.132.245 185.29.132.245	30419 (MEDIAMATH...) (MEDIAMATH-INC)
1 2	2600:1f18:444... 2600:1f18:444a:4680:6bbe:49e:bc45:59	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
29	15

3 3.226.166.212 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-226-166-212.compute-1.amazonaws.com

link.rochester.townsquarenewsletters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.40.238 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-92.fra56.r.cloudfront.net

media.sailthru.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.229.233.172 (Thousand Oaks, United States)

ASN15133 (EDGECAST, US)

ultimateclassicrock.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.152.138.37 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)

www.seizethedeal.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.229.233.181 (Thousand Oaks, United States)

ASN15133 (EDGECAST, US)

krocnews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
quickcountry.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2.16.186.234 (Frankfurt am Main, Germany) 8 redirects

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-234.deploy.static.akamaitechnologies.com

sli.townsquarenewsletters.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 18.214.62.106 (Ashburn, United States) 5 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-214-62-106.compute-1.amazonaws.com

p.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.44 (United States)

ASN54113 (FASTLY, US)

mb.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.232.230 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-230.deploy.static.akamaitechnologies.com

c.licasd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.222.236.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-94.fra56.r.cloudfront.net

d2fi4ri5dhpqd1.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.216.28.76 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

sailthru-media.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 34.231.142.219 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-231-142-219.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.245 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:444a:4680:6bbe:49e:bc45:59 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
13	liadm.com 8 redirects p.liadm.com — Cisco Umbrella Rank: 7404 i.liadm.com — Cisco Umbrella Rank: 512 i6.liadm.com — Cisco Umbrella Rank: 1514	5 KB
11	townsquarenewsletters.com 9 redirects link.rochester.townsquarenewsletters.com sli.townsquarenewsletters.com — Cisco Umbrella Rank: 736916	77 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 47	3 KB
4	cloudfront.net d2fi4ri5dhpqd1.cloudfront.net	8 KB
2	licasd.com c.licasd.com — Cisco Umbrella Rank: 8638	17 KB
2	krocnews.com krocnews.com — Cisco Umbrella Rank: 769044	209 KB
2	ultimateclassicrock.com ultimateclassicrock.com — Cisco Umbrella Rank: 180892	170 KB
2	amazonaws.com s3.amazonaws.com sailthru-media.s3.amazonaws.com — Cisco Umbrella Rank: 22508	15 KB
1	gstatic.com fonts.gstatic.com	16 KB
1	mathtag.com 1 redirects sync.mathtag.com — Cisco Umbrella Rank: 421	674 B
1	taboola.com mb.taboola.com — Cisco Umbrella Rank: 90761	66 KB
1	quickcountry.com quickcountry.com	62 KB
1	seizethedeal.com www.seizethedeal.com	120 KB
1	sailthru.com media.sailthru.com — Cisco Umbrella Rank: 12543	510 KB
29	14

	Domain	Requested by
8	p.liadm.com	5 redirects link.rochester.townsquarenewsletters.com
8	sli.townsquarenewsletters.com	8 redirects
5	fonts.googleapis.com	link.rochester.townsquarenewsletters.com
4	d2fi4ri5dhpqd1.cloudfront.net	link.rochester.townsquarenewsletters.com
3	i.liadm.com	2 redirects link.rochester.townsquarenewsletters.com
3	link.rochester.townsquarenewsletters.com	1 redirects link.rochester.townsquarenewsletters.com
2	i6.liadm.com	1 redirects link.rochester.townsquarenewsletters.com
2	c.licasd.com	link.rochester.townsquarenewsletters.com
2	krocnews.com	link.rochester.townsquarenewsletters.com
2	ultimateclassicrock.com	link.rochester.townsquarenewsletters.com
1	fonts.gstatic.com	fonts.googleapis.com
1	sync.mathtag.com	1 redirects
1	sailthru-media.s3.amazonaws.com	link.rochester.townsquarenewsletters.com
1	mb.taboola.com	link.rochester.townsquarenewsletters.com
1	quickcountry.com	link.rochester.townsquarenewsletters.com
1	www.seizethedeal.com	link.rochester.townsquarenewsletters.com
1	media.sailthru.com	link.rochester.townsquarenewsletters.com
1	s3.amazonaws.com	link.rochester.townsquarenewsletters.com
29	18

This site contains no links.

Subject Issuer	Validity	Valid
link.rochester.townsquarenewsletters.com R3	`2022-01-06` - `2022-04-06`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh
media.sailthru.com Amazon	`2021-06-04` - `2022-07-03`	a year	crt.sh
www5.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-19` - `2022-10-27`	a year	crt.sh
www.seizethedeal.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-24` - `2022-03-15`	a year	crt.sh
www6.townsquaremedia.com DigiCert TLS RSA SHA256 2020 CA1	`2021-10-27` - `2022-10-27`	a year	crt.sh
*.cloudfront.net Amazon	`2021-03-19` - `2022-03-17`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-12-13` - `2022-12-13`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-12-27` - `2022-03-21`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Frame ID: 41601F7FFAEEC16CF5933F4401997FBA
Requests: 29 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Page Statistics

29
Requests

69 %
HTTPS

18 %
IPv6

14
Domains

18
Subdomains

15
IPs

3
Countries

1269 kB
Transfer

1356 kB
Size

7
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 5

https://link.rochester.townsquarenewsletters.com/img/5d810cb1b43a6140aa2a1340fqjdo.12v/e702d1bb.gif HTTP 302
https://s3.amazonaws.com/sailthru-media/3ih/1k4/a/m/5f91e18537c36.png

Request Chain 13

https://sli.townsquarenewsletters.com/imp?s=796783&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=default HTTP 301
https://p.liadm.com/imp?s=796783&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=default&_lc2_fpi=809c54f47cce--01fsz99df0sbf4ckt4sgn5e49k HTTP 302
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7e451c08-bfe8-30b6-a4db-c34b7f1ace40&widget.placement=796783&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=33631&recipient.user.agent=&recipient.ipv4=185.213.155.166&widget.alternative=

Request Chain 14

https://sli.townsquarenewsletters.com/imp?s=796784&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static HTTP 301
https://p.liadm.com/imp?s=796784&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static&_lc2_fpi=809c54f47cce--01fsz99dets3dx28xsk4maq9mx HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Request Chain 15

https://sli.townsquarenewsletters.com/imp?s=796786&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static HTTP 301
https://p.liadm.com/imp?s=796786&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static&_lc2_fpi=809c54f47cce--01fsz99dez7c223hz74n1przn7 HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Request Chain 21

https://sli.townsquarenewsletters.com/imp?s=126363100&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=126363100&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfcs8m4f94tdq6j9ajt HTTP 302
https://i.liadm.com/s/section/126363100?m=f07a69d4b7928df9573cb795a7449197&sh1=&sh2=&source=safe_rtb HTTP 303
https://i.liadm.com/s/section/126363100?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f8eed15d53ff4f12bc366290c349f8ec HTTP 303
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F2533%2F0%2Faa6233272cb049fa87aba052c9b72a6c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f8eed15d-53ff-4f12-bc36-6290c349f8ec&previous_uuid=aa6233272cb049fa87aba052c9b72a6c HTTP 302
https://i.liadm.com/s/e/2533/0/aa6233272cb049fa87aba052c9b72a6c?mpid=7156&muid=431461eb-281e-4a00-8965-e1cb408820f1

Request Chain 22

https://sli.townsquarenewsletters.com/imp?s=126363101&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=126363101&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8 HTTP 302
https://i6.liadm.com/s/section/126363101?m=f07a69d4b7928df9573cb795a7449197&sh1=&sh2=&source=safe_rtb HTTP 303
https://i6.liadm.com/s/section/126363101?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f7c23425f00c4ebcb9e568f5a58cf581

Request Chain 23

https://sli.townsquarenewsletters.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dffg2dgd0v2nrfkr77p

Request Chain 24

https://sli.townsquarenewsletters.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8

Request Chain 25

https://sli.townsquarenewsletters.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8

29 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request ef79b482 Show response
link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ 99 KB
8 KB 761ms
447ms Document
text/html 3.226.166.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.166.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-166-212.compute-1.amazonaws.com
Software: Sailthru /
Resource Hash: 1068464af281b25be5be3dd04963dda10c550cb4f9063e5f432cf3b0699e4e23

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Fri, 21 Jan 2022 21:39:41 GMT
server: Sailthru
x-robots-tag: noindex
vary: Accept-Encoding
content-encoding: gzip
content-length: 7997
content-type: text/html; charset=utf-8
connection: close

GET
H2 200 css
fonts.googleapis.com/ 2 KB
1 KB 134ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 21:01:44 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Jan 2022 21:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
594 B 134ms
47ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 21:33:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Jan 2022 21:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 664 B
428 B 135ms
48ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Lato

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 20:34:39 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Jan 2022 21:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 3 KB
695 B 142ms
56ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 20:53:53 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Jan 2022 21:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
635 B 143ms
57ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 21 Jan 2022 20:36:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 21 Jan 2022 21:39:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H/1.1

200
OK

5f91e18537c36.png
s3.amazonaws.com/sailthru-media/3ih/1k4/a/m/
Redirect Chain

https://link.rochester.townsquarenewsletters.com/img/5d810cb1b43a6140aa2a1340fqjdo.12v/e702d1bb.gif
https://s3.amazonaws.com/sailthru-media/3ih/1k4/a/m/5f91e18537c36.png

110 B
501 B

397ms
110ms

Image
image/png

52.217.40.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sailthru-media/3ih/1k4/a/m/5f91e18537c36.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 52.217.40.238 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:43 GMT
Last-Modified: Thu, 22 Oct 2020 19:46:14 GMT
Server: AmazonS3
x-amz-request-id: R1AZT5NBFX5YR0S6
ETag: "e51232cf9fc8dd7b4756cbe34f3be9cc"
Content-Type: image/png
Cache-Control: no-cache, no-store
Accept-Ranges: bytes
Content-Length: 110
x-amz-id-2: BIj7WBNiWs7E3F8c4gpzn/bAA+nuy3qD+KSBcIZ38PV4+P704+yPt5rJ++K7xZIaqg8Xx6/QPfI=

Redirect headers

date: Fri, 21 Jan 2022 21:39:42 GMT
server: Sailthru
content-type: text/html; charset=UTF-8
location: https://s3.amazonaws.com/sailthru-media/3ih/1k4/a/m/5f91e18537c36.png
cache-control: no-cache, no-store
connection: close
x-robots-tag: noindex
content-length: 0

GET
H/1.1 200
OK Sasquatch%20Logo%20Horizontal.png
media.sailthru.com/composer/images/sailthru-prod-3ih/ 509 KB
510 KB 149ms
105ms Image
image/png 18.66.97.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.sailthru.com/composer/images/sailthru-prod-3ih/Sasquatch%20Logo%20Horizontal.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.97.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-97-92.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27d91a9f49c46830822b4cd4afbaa60a5b4a68b835fd01e2a005d4c34c5363f7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:02:03 GMT
Via: 1.1 f4137273db9ae377298b8f8daf5b93f0.cloudfront.net (CloudFront)
Last-Modified: Thu, 02 Sep 2021 16:30:14 GMT
Server: AmazonS3
Age: 2260
ETag: "01f1148dd20d7e43c298bddd10950ac8"
X-Cache: Hit from cloudfront
Content-Type: image/png
Connection: keep-alive
X-Amz-Cf-Pop: FRA56-P2
Accept-Ranges: bytes
Content-Length: 521301
X-Amz-Cf-Id: Apc5rhKFtidPF3ztxgVjwb_RZzvV6LagMpSfwsi6jFbPBoKy7tAIrA==

GET
H2 200 attachment-George-Martin-The-Beatles-Hulton-Getty-Images.jpeg
ultimateclassicrock.com/files/2022/01/ 69 KB
70 KB 42ms
7ms Image
image/jpeg 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultimateclassicrock.com/files/2022/01/attachment-George-Martin-The-Beatles-Hulton-Getty-Images.jpeg?w=640&h=427

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 Thousand Oaks, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67BC) / Express

Resource Hash

1134b65d997df572a2e155b191fb2e378ee50c444f42d6e7994f81271ce76733

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
age: 174014
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 71023
last-modified: Wed, 19 Jan 2022 21:16:02 GMT
server: ECS (frb/67BC)
x-frame-options: SAMEORIGIN
x-varnish: 2017393321
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 21 Jan 2022 21:39:41 GMT

GET
H/1.1 200
OK widget-rochester.png
www.seizethedeal.com/images/widgets/ 117 KB
120 KB 437ms
210ms Image
image/png 216.152.138.37
COGECO-PEER1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.seizethedeal.com/images/widgets/widget-rochester.png

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

216.152.138.37 Herndon, United States, ASN13768 (COGECO-PEER1, CA),

Reverse DNS

Software

nginx /

Resource Hash

e5086ca7f430934a772c28cdaaa9d63157013ecd8c7e751822192772eec455a7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com;script-src 'self' .seizethedeal.com .townsquarecommerce.com .seizethedeal.com:8983 .seizethedeal.com:8982 .townsquarecommerce.com:8983 .townsquarecommerce.com:8982 netdna.bootstrapcdn.com https://oss.maxcdn.com https://maxcdn.bootstrapcdn.com https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com http://www.google-analytics.com https://accounts.google.com https://apis.google.com https://unpkg.com https://faye.getstream.io https://guarantee-cdn.com http://nsg.symantec.com https://nsg.symantec.com https://ajax.googleapis.com https://cdnjs.cloudflare.com https://graph.facebook.com connect.facebook.net http://thomasjbradley.ca http://github.com https://maps.google.com https://cdn.rawgit.com https://maps.googleapis.com https://www.gstatic.com https://ssl.gstatic.com http://ak.sail-horizon.com https://ak.sail-horizon.com https://platform.twitter.com https://assets.pinterest.com .adroll.com http://.sharethis.com https://.sharethis.com https://bat.bing.com 'unsafe-inline' 'unsafe-eval';style-src 'self' https://accounts.google.com https://netdna.bootstrapcdn.com https://maxcdn.bootstrapcdn.com http://code.jquery.com https://fonts.googleapis.com http://fonts.googleapis.com https://ajax.googleapis.com https://www.google.com https://unpkg.com http://.sharethis.com https://.sharethis.com 'unsafe-inline';img-src data:;connect-src 'self' https://graph.facebook.com https://faye.getstream.io wss://faye.getstream.io c.sharethis.mgr.consensu.org l.sharethis.com https://t.sharethis.com .seizethedeal.com .seizethedeal.com:8983 .seizethedeal.com:8982 .townsquarecommerce.com .townsquarecommerce.com:8983 .townsquarecommerce.com:8982 https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://ajax.googleapis.com https://cdnjs.cloudflare.com;font-src 'self' https://netdna.bootstrapcdn.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com data:;object-src ;media-src data:;frame-src 'self' https://www.facebook.com staticxx.facebook.com https://web.facebook.com https://www.google.com https://accounts.google.com https://content.googleapis.com https://plusone.google.com https://platform.twitter.com https://nsg.symantec.com https://status.rackspace.com https://rackspace.service-now.com https://www.youtube.com https://c.sharethis.mgr.consensu.org https://t.sharethis.com https://ws.sharethis.com edge.sharethis.com https://*.sharethis.com gsa://onpageload data:;child-src 'self' https://www.facebook.com staticxx.facebook.com https://www.google.com https://accounts.google.com https://content.googleapis.com https://plusone.google.com https://platform.twitter.com https://status.rackspace.com https://rackspace.service-now.com edge.sharethis.com gsa://onpageload data:; report-uri /policy
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Last-Modified: Fri, 21 Jan 2022 16:05:14 GMT
Server: nginx
ETag: W/"61ead9ba-1d30c"
X-Frame-Options: SAMEORIGIN
Content-Type: image/png
Cache-Control: max-age=315360000
Transfer-Encoding: chunked
Content-Security-Policy: default-src 'self' https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com;script-src 'self' *.seizethedeal.com *.townsquarecommerce.com *.seizethedeal.com:8983 *.seizethedeal.com:8982 *.townsquarecommerce.com:8983 *.townsquarecommerce.com:8982 netdna.bootstrapcdn.com https://oss.maxcdn.com https://maxcdn.bootstrapcdn.com https://www.googletagmanager.com https://ssl.google-analytics.com https://www.google-analytics.com https://www.google.com http://www.google-analytics.com https://accounts.google.com https://apis.google.com https://unpkg.com https://faye.getstream.io https://guarantee-cdn.com http://nsg.symantec.com https://nsg.symantec.com https://ajax.googleapis.com https://cdnjs.cloudflare.com https://graph.facebook.com connect.facebook.net http://thomasjbradley.ca http://github.com https://maps.google.com https://cdn.rawgit.com https://maps.googleapis.com https://www.gstatic.com https://ssl.gstatic.com http://ak.sail-horizon.com https://ak.sail-horizon.com https://platform.twitter.com https://assets.pinterest.com *.adroll.com http://*.sharethis.com https://*.sharethis.com https://bat.bing.com 'unsafe-inline' 'unsafe-eval';style-src 'self' https://accounts.google.com https://netdna.bootstrapcdn.com https://maxcdn.bootstrapcdn.com http://code.jquery.com https://fonts.googleapis.com http://fonts.googleapis.com https://ajax.googleapis.com https://www.google.com https://unpkg.com http://*.sharethis.com https://*.sharethis.com 'unsafe-inline';img-src * data:;connect-src 'self' https://graph.facebook.com https://faye.getstream.io wss://faye.getstream.io c.sharethis.mgr.consensu.org l.sharethis.com https://t.sharethis.com *.seizethedeal.com *.seizethedeal.com:8983 *.seizethedeal.com:8982 *.townsquarecommerce.com *.townsquarecommerce.com:8983 *.townsquarecommerce.com:8982 https://www.google-analytics.com www.google-analytics.com https://stats.g.doubleclick.net https://www.facebook.com https://ajax.googleapis.com https://cdnjs.cloudflare.com;font-src 'self' https://netdna.bootstrapcdn.com https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://fonts.gstatic.com data:;object-src *;media-src * data:;frame-src 'self' https://www.facebook.com staticxx.facebook.com https://web.facebook.com https://www.google.com https://accounts.google.com https://content.googleapis.com https://plusone.google.com https://platform.twitter.com https://nsg.symantec.com https://status.rackspace.com https://rackspace.service-now.com https://www.youtube.com https://c.sharethis.mgr.consensu.org https://t.sharethis.com https://ws.sharethis.com edge.sharethis.com https://*.sharethis.com gsa://onpageload data:;child-src 'self' https://www.facebook.com staticxx.facebook.com https://www.google.com https://accounts.google.com https://content.googleapis.com https://plusone.google.com https://platform.twitter.com https://status.rackspace.com https://rackspace.service-now.com edge.sharethis.com gsa://onpageload data:; report-uri /policy
Connection: keep-alive
Vary: Accept-Encoding, Accept-Encoding
X-XSS-Protection: 1; mode=block
Expires: Mon, 19 Jan 2032 21:39:42 GMT

GET
H2 200 IMG_1789.jpg
krocnews.com/files/2019/08/ 102 KB
103 KB 50ms
19ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krocnews.com/files/2019/08/IMG_1789.jpg?w=640&h=427

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Thousand Oaks, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/67F2) / Express

Resource Hash

02782c42073dabdbb823665c1cf94ad6cf1c8d274d09ce6a1f5f73ad3577a90f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
age: 88609
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 104809
last-modified: Sat, 23 Oct 2021 20:00:10 GMT
server: ECS (frb/67F2)
x-frame-options: SAMEORIGIN
x-varnish: 2032246710
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 21 Jan 2022 21:39:41 GMT

GET
H2 200 Pamela-and-Tommy-pics.jpg
ultimateclassicrock.com/files/2021/05/ 100 KB
100 KB 42ms
8ms Image
image/jpeg 192.229.233.172
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ultimateclassicrock.com/files/2021/05/Pamela-and-Tommy-pics.jpg?w=640&h=427

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.172 Thousand Oaks, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6763) / Express

Resource Hash

b75b4a2abb0688ba8b63cdd5f7b0767026f4f9baf27044fb217acdd732668bcc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-abgroup: A
date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
age: 4178236
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 102678
last-modified: Sat, 08 May 2021 14:41:48 GMT
server: ECS (frb/6763)
x-frame-options: SAMEORIGIN
x-varnish: 988925731
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 21 Jan 2022 21:39:41 GMT

GET
H2 200 attachment-cw2.jpg
krocnews.com/files/2022/01/ 106 KB
106 KB 38ms
7ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://krocnews.com/files/2022/01/attachment-cw2.jpg?w=640&h=427

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Thousand Oaks, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/674D) / Express

Resource Hash

fbd93cb5ffff6118564635f140465cc4f9c104196a399437c96c5d33b7785592

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
age: 88608
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 108328
last-modified: Thu, 20 Jan 2022 21:00:54 GMT
server: ECS (frb/674D)
x-frame-options: SAMEORIGIN
x-varnish: 1523433186
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 21 Jan 2022 21:39:41 GMT

GET
H2 200 attachment-Potatoes-on-I-94.jpg
quickcountry.com/files/2022/01/ 62 KB
62 KB 50ms
8ms Image
image/jpeg 192.229.233.181
EDGECAST

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://quickcountry.com/files/2022/01/attachment-Potatoes-on-I-94.jpg?w=640&h=427

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

192.229.233.181 Thousand Oaks, United States, ASN15133 (EDGECAST, US),

Reverse DNS

Software

ECS (frb/6796) / Express

Resource Hash

1c38a4a99afb23b1e1ae21333b8de937862b7b975d899910279c6ea68f7bb69f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-abgroup: B
date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
age: 88609
x-powered-by: Express
x-cache: HIT
x-carbon-image: compressed-gm
x-ua-device: desktop
x-device: desktop
content-length: 63271
last-modified: Thu, 20 Jan 2022 21:00:54 GMT
server: ECS (frb/6796)
x-frame-options: SAMEORIGIN
x-varnish: 2032246724
access-control-allow-origin: *
cache-control: no-cache
gdpr-source: DE
accept-ranges: bytes
content-type: image/jpeg
expires: Fri, 21 Jan 2022 21:39:41 GMT

GET
H2

200

recommendations.get
mb.taboola.com/server/1.1/jpg/liveintent-ron-row/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=796783&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=default
https://p.liadm.com/imp?s=796783&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=default&_lc2_fpi=809c54f47cce--01fsz99df0sbf4ckt4sgn5e49k
https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7e451c08-bfe8-30b6-a...

66 KB
66 KB

261ms
234ms

Image
image/jpeg

151.101.65.44
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7e451c08-bfe8-30b6-a4db-c34b7f1ace40&widget.placement=796783&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=33631&recipient.user.agent=&recipient.ipv4=185.213.155.166&widget.alternative=
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: H2
Server: 151.101.65.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 2c7e59cd8c97ae912917b220cb2ba8beabdc4512b890d70de059bc75de1c8fbd

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 21:39:42 GMT
via: 1.1 varnish
server: nginx
x-timer: S1642801183.626829,VS0,VE228
x-served-by: cache-hhn4029-HHN
x-cache: MISS
content-type: image/jpeg
accept-ranges: bytes
content-length: 67204
x-application-context: application:fe,capture-cache-remote-hz,capture-remote-hz:8080
x-cache-hits: 0

Redirect headers

Location: https://mb.taboola.com/server/1.1/jpg/liveintent-ron-row/recommendations.get?recipient.proprietary.namespace=liveintent&recipient.proprietary.id=&recipient.user.id=&instance.id=7e451c08-bfe8-30b6-a4db-c34b7f1ace40&widget.placement=796783&widget.slot=1&widget.mode=thumbnails-medrec&source.url=http%3A%2F%2Fliveintent.com%2F&newsletter.id=33631&recipient.user.agent=&recipient.ipv4=185.213.155.166&widget.alternative=
Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=796784&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static
https://p.liadm.com/imp?s=796784&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static&_lc2_fpi=809c54f47cce--01fsz99dets3dx28xsk4maq9mx
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

1 KB
2 KB

72ms
6ms

Image
image/png

2.18.232.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 2.18.232.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-230.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Last-Modified: Tue, 06 Aug 2019 20:24:36 GMT
Server: AmazonS3
x-amz-request-id: D97D81VAR2573A3S
ETag: "6956da20f9d008ec379926ee358e5594"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1255
x-amz-id-2: e6ZyE1BrrLeXKTYAnhXDvlr8DMRn/MHuBN+o1LSbXo7824ovhU2gm6bTqN91tguaSSKz+5k3l+c=

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H/1.1

200
OK

27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=796786&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static
https://p.liadm.com/imp?s=796786&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=static&_lc2_fpi=809c54f47cce--01fsz99dez7c223hz74n1przn7
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

15 KB
16 KB

72ms
8ms

Image
image/png

2.18.232.230
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 2.18.232.230 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-230.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Last-Modified: Wed, 17 Feb 2016 22:44:07 GMT
Server: AmazonS3
x-amz-request-id: JR0WZXEFJV0HCWEG
ETag: "c56fae17aa690ac40e2a23fbf5796b60"
Content-Type: image/png
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 15721
x-amz-id-2: o9QLULRJnC6gb8ZT9j75hoEY4ZgyuyNdhI3tezJfxocn9GksAQfC0WU436hsC2kL/ISuqs3hFXQ=

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 facebook@2x.png
d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/ 1 KB
2 KB 46ms
7ms Image
image/png 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/facebook@2x.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 0c088026faa2a80d33c8117233fcb4be746daea0af39e2dd62759a02085025ec

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 11:15:29 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Wed, 03 Feb 2021 07:41:38 GMT
server: AmazonS3
age: 37455
etag: "c4ec95a1c08ae549f3dd1860ca607629"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1220
x-amz-cf-id: eA2etRiBTU_u0L86N-jiNEQT80VF-KUPuLFJSAdpjob4Me5Aqonrng==

GET
H2 200 instagram@2x.png
d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/ 2 KB
3 KB 45ms
8ms Image
image/png 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/instagram@2x.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c457023b1b9b2e490190b9bb8b48633ac43ed306da97992c7ed3e276c522d579

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 00:02:18 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jan 2019 10:17:16 GMT
server: AmazonS3
age: 77845
etag: "c095937cf9b51783fad442a52c4a60d5"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 2225
x-amz-cf-id: GYs5WJjWXZPIt2SI8ebGGdv7QTMn62G-qVjHJVkeBJ9wnl8TKFxDsw==
x-amz-meta-s3b-last-modified: 20180109T142507Z

GET
H2 200 twitter@2x.png
d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/ 2 KB
2 KB 46ms
8ms Image
image/png 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/twitter@2x.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fe76f6380bd04af7132269755eb0a3d080465271c99f72cb3529619a057eac63

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 01:28:15 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jan 2019 10:17:18 GMT
server: AmazonS3
age: 73257
etag: "24316b31fbfdee3f36dde1448b475ab3"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1681
x-amz-cf-id: BQQ0W1eYhrDU2TUc2IKDybfQW8z4IUrXgkC7efvjA9BhwamMObnUKQ==
x-amz-meta-s3b-last-modified: 20180109T142507Z

GET
H2 200 youtube@2x.png
d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/ 1 KB
2 KB 44ms
8ms Image
image/png 52.222.236.94
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d2fi4ri5dhpqd1.cloudfront.net/public/resources/social-networks-icon-sets/t-circle-white/youtube@2x.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.222.236.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-52-222-236-94.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 467c70da1d9c4e1a0637d6296f4aba044babb6ecbf0c7bc56f84620c0456cb16

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 17:08:06 GMT
via: 1.1 30e954298424aa69c035e25834574742.cloudfront.net (CloudFront)
last-modified: Mon, 28 Jan 2019 10:17:19 GMT
server: AmazonS3
age: 16297
etag: "c57b01cd518fe866aee4ace6d7f4a99a"
x-cache: Hit from cloudfront
content-type: image/png
x-amz-cf-pop: FRA56-P4
accept-ranges: bytes
content-length: 1531
x-amz-cf-id: oIAalYW3d0MtC6X7bTr3p4NRSvgT7A4rjdvO1Vg7yOdaynRheesBBA==
x-amz-meta-s3b-last-modified: 20180109T142507Z

GET
H/1.1 200
OK ts-beacon-dark-large-v2.png
sailthru-media.s3.amazonaws.com/composer/images/sailthru-prod-16m/ 14 KB
14 KB 391ms
107ms Image
image/png 52.216.28.76
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sailthru-media.s3.amazonaws.com/composer/images/sailthru-prod-16m/ts-beacon-dark-large-v2.png
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.28.76 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3cf818f6b992d96efc205eba2672ecbc60a95d99e04463955f0af1039fdfd3f0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:43 GMT
Last-Modified: Thu, 22 Oct 2020 17:51:45 GMT
Server: AmazonS3
x-amz-request-id: R1AYDRHJGMRCXJXM
ETag: "14b33885245b11f9a1c94bcc8877683e"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 14417
x-amz-id-2: 44ILLEVBySQY8grrxvo/GWprGMI9AHDWoJelRQJjF8HVnhQ2VVnn1Mhe9ttDTfQq0+Ova5O9oL8=

GET
H/1.1

200
OK

aa6233272cb049fa87aba052c9b72a6c
i.liadm.com/s/e/2533/0/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=126363100&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel
https://p.liadm.com/imp?s=126363100&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfcs8m4f94tdq6j9ajt
https://i.liadm.com/s/section/126363100?m=f07a69d4b7928df9573cb795a7449197&sh1=&sh2=&source=safe_rtb
https://i.liadm.com/s/section/126363100?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f8eed15d53ff4f12bc366290c349f8ec
https://sync.mathtag.com/sync/img?mt_exid=36&redir=https%3A%2F%2Fi.liadm.com%2Fs%2Fe%2F2533%2F0%2Faa6233272cb049fa87aba052c9b72a6c%3Fmpid%3D7156%26muid%3D%5BMM_UUID%5D&f8eed15d-53ff-4f12-bc36-6290c...
https://i.liadm.com/s/e/2533/0/aa6233272cb049fa87aba052c9b72a6c?mpid=7156&muid=431461eb-281e-4a00-8965-e1cb408820f1

43 B
285 B

94ms
94ms

Image
image/gif

34.231.142.219
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.liadm.com/s/e/2533/0/aa6233272cb049fa87aba052c9b72a6c?mpid=7156&muid=431461eb-281e-4a00-8965-e1cb408820f1

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

HTTP/1.1

Server

34.231.142.219 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-34-231-142-219.compute-1.amazonaws.com

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: 857627d075ba75bc
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Date: Fri, 21 Jan 2022 21:39:43 GMT
Server: MT3 4133 baa842e master zrh-pixel-x26 config:1.0.0
Access-Control-Allow-Origin: *
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://i.liadm.com/s/e/2533/0/aa6233272cb049fa87aba052c9b72a6c?mpid=7156&muid=431461eb-281e-4a00-8965-e1cb408820f1
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H/1.1

200
OK

126363101
i6.liadm.com/s/section/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=126363101&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel
https://p.liadm.com/imp?s=126363101&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
https://i6.liadm.com/s/section/126363101?m=f07a69d4b7928df9573cb795a7449197&sh1=&sh2=&source=safe_rtb
https://i6.liadm.com/s/section/126363101?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f7c23425f00c4ebcb9e568f5a58cf581

43 B
447 B

104ms
104ms

Image
image/gif

2600:1f18:444a:4680:6bbe:49e:bc45:59
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/section/126363101?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f7c23425f00c4ebcb9e568f5a58cf581

Requested by

Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482

Protocol

HTTP/1.1

Server

2600:1f18:444a:4680:6bbe:49e:bc45:59 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-store
Connection: keep-alive
trace-id: cc5f42b03e4ee86b
Content-Length: 43
Strict-Transport-Security: max-age=31536000; includeSubDomains
Content-Type: image/gif

Redirect headers

Location: /s/section/126363101?sh2=&source=safe_rtb&m=f07a69d4b7928df9573cb795a7449197&_li_chk=true&sh1=&previous_uuid=f7c23425f00c4ebcb9e568f5a58cf581
Date: Fri, 21 Jan 2022 21:39:42 GMT
Connection: keep-alive
trace-id: b92b50ed006ca9b2
Content-Length: 0
Strict-Transport-Security: max-age=31536000; includeSubDomains

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel
https://p.liadm.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dffg2dgd0v2nrfkr77p

43 B
235 B

283ms
95ms

Image
image/gif

18.214.62.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dffg2dgd0v2nrfkr77p
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 18.214.62.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-62-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jan 2022 21:39:42 GMT
Content-Type: text/html
Location: https://p.liadm.com/imp?s=126363102&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dffg2dgd0v2nrfkr77p
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel
https://p.liadm.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8

43 B
235 B

94ms
94ms

Image
image/gif

18.214.62.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 18.214.62.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-62-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jan 2022 21:39:42 GMT
Content-Type: text/html
Location: https://p.liadm.com/imp?s=126363103&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.townsquarenewsletters.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel
https://p.liadm.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8

43 B
235 B

94ms
94ms

Image
image/gif

18.214.62.106
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Server: 18.214.62.106 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-214-62-106.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 21 Jan 2022 21:39:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 21 Jan 2022 21:39:42 GMT
Content-Type: text/html
Location: https://p.liadm.com/imp?s=126363104&li=26432412&m=f07a69d4b7928df9573cb795a7449197&p=26433811&stpe=pixel&_lc2_fpi=809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Fri, 21 Jan 2022 21:39:42 GMT

GET
H/1.1 200
OK ef79b482
link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ 64 KB
64 KB 435ms
325ms Image
text/html 3.226.166.212
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Requested by: Host: link.rochester.townsquarenewsletters.com
URL: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.226.166.212 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-226-166-212.compute-1.amazonaws.com
Software: Sailthru /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://link.rochester.townsquarenewsletters.com/view/5d810cb1b43a6140aa2a1340fqjdo.12v/ef79b482
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 21 Jan 2022 21:39:42 GMT
content-encoding: gzip
server: Sailthru
vary: Accept-Encoding
content-type: text/html; charset=utf-8
connection: close
x-robots-tag: noindex
content-length: 7997

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 118ms
37ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://link.rochester.townsquarenewsletters.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Wed, 19 Jan 2022 01:54:06 GMT
x-content-type-options: nosniff
age: 243936
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 19 Jan 2023 01:54:06 GMT

Verdicts & Comments Add Verdict or Comment

0 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
link.rochester.townsquarenewsletters.com/img/5d810cb1b43a6140aa2a1340fqjdo.12v	1970-01-20 00:20:01	Name: sail_fwd Value: 1642801182
i.liadm.com/s	1970-01-20 01:03:13	Name: _li_ss Value: MgUIBhCzEQ
.townsquarenewsletters.com/	1970-01-20 09:05:58	Name: sailthru_hid Value: 996cfe3c917b0009f61828324d6621765d810cb1b43a6140aa2a1340f8441759a3379d0303e06451965c3fdb
.townsquarenewsletters.com/	1970-01-20 00:20:11	Name: sailthru_bid Value: 26432412.00001399
.townsquarenewsletters.com/	1970-01-20 17:51:13	Name: _lc2_fpi Value: 809c54f47cce--01fsz99dfe05w6ceb8x4v6evy8
.liadm.com/	1970-01-20 17:51:13	Name: lidid Value: f8eed15d-53ff-4f12-bc36-6290c349f8ec
.mathtag.com/	1970-01-20 09:45:56	Name: uuid Value: 431461eb-281e-4a00-8965-e1cb408820f1

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.licasd.com
d2fi4ri5dhpqd1.cloudfront.net
fonts.googleapis.com
fonts.gstatic.com
i.liadm.com
i6.liadm.com
krocnews.com
link.rochester.townsquarenewsletters.com
mb.taboola.com
media.sailthru.com
p.liadm.com
quickcountry.com
s3.amazonaws.com
sailthru-media.s3.amazonaws.com
sli.townsquarenewsletters.com
sync.mathtag.com
ultimateclassicrock.com
www.seizethedeal.com
151.101.65.44
18.214.62.106
18.66.97.92
185.29.132.245
192.229.233.172
192.229.233.181
2.16.186.234
2.18.232.230
216.152.138.37
2600:1f18:444a:4680:6bbe:49e:bc45:59
2a00:1450:4001:80f::2003
2a00:1450:4001:830::200a
3.226.166.212
34.231.142.219
52.216.28.76
52.217.40.238
52.222.236.94
02782c42073dabdbb823665c1cf94ad6cf1c8d274d09ce6a1f5f73ad3577a90f
0c088026faa2a80d33c8117233fcb4be746daea0af39e2dd62759a02085025ec
1068464af281b25be5be3dd04963dda10c550cb4f9063e5f432cf3b0699e4e23
1134b65d997df572a2e155b191fb2e378ee50c444f42d6e7994f81271ce76733
1c38a4a99afb23b1e1ae21333b8de937862b7b975d899910279c6ea68f7bb69f
27d91a9f49c46830822b4cd4afbaa60a5b4a68b835fd01e2a005d4c34c5363f7
2c7e59cd8c97ae912917b220cb2ba8beabdc4512b890d70de059bc75de1c8fbd
3cf818f6b992d96efc205eba2672ecbc60a95d99e04463955f0af1039fdfd3f0
467c70da1d9c4e1a0637d6296f4aba044babb6ecbf0c7bc56f84620c0456cb16
5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6e6ca8458e665dbb0c6ef4974ee969c1a854bbc5c0f2a66edeebf68b806f3a0e
6f064b11007507ecebb88b25c6b21a41e51189b079c5a30342c8dc8950019c0c
731ee3bbaa9f2fd92879f9087c9fbbf7438d3a52595c6c8a8020bb2a69b7afd6
7888a75eac5f8b9dc4c448f10e8dc9030fcae612cb236f1a9e9700d56ae6ef34
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
b75b4a2abb0688ba8b63cdd5f7b0767026f4f9baf27044fb217acdd732668bcc
c457023b1b9b2e490190b9bb8b48633ac43ed306da97992c7ed3e276c522d579
c99361c0d8561c7d88a237009bac83ecc149fe6f1f91c52dde79b7841b584c40
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5086ca7f430934a772c28cdaaa9d63157013ecd8c7e751822192772eec455a7
f8f5705ee03667d1a28565f6dc84b7748bb9d7c4ded30c270354edd054b86b32
fbd93cb5ffff6118564635f140465cc4f9c104196a399437c96c5d33b7785592
fe76f6380bd04af7132269755eb0a3d080465271c99f72cb3529619a057eac63

link.rochester.townsquarenewsletters.com Open in urlscan Pro 3.226.166.212 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

29 Requests

69 %HTTPS

18 %IPv6

14 Domains

18 Subdomains

15 IPs

3 Countries

1269 kBTransfer

1356 kBSize

7 Cookies

0 Outgoing links

Redirected requests

29 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

link.rochester.townsquarenewsletters.com Open in urlscan Pro
3.226.166.212 Public Scan

Screenshot
Live screenshot

Full Image

29
Requests

69 %
HTTPS

18 %
IPv6

14
Domains

18
Subdomains

15
IPs

3
Countries

1269 kB
Transfer

1356 kB
Size

7
Cookies

29 HTTP transactions
0 data transactions