bangordailynews.com Open in urlscan Pro
192.0.78.250 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW...
Effective URL:
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-...
Submission: On April 26 via api (April 26th 2021, 9:47:54 pm UTC) from US

Summary HTTP 417 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 95 IPs in 7 countries across 61 domains to perform 417 HTTP transactions. The main IP is 192.0.78.250, located in United States and belongs to AUTOMATTIC, US. The main domain is bangordailynews.com.
TLS certificate: Issued by R3 on April 23rd 2021. Valid for: 3 months.

This is the only time bangordailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	199.60.103.225 199.60.103.225	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
42	192.0.78.250 192.0.78.250	2635 (AUTOMATTIC) (AUTOMATTIC)
15	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:f200:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
5	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
16	204.48.28.205 204.48.28.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	178.79.242.139 178.79.242.139	22822 (LLNW) (LLNW)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.224.112.38 13.224.112.38	16509 (AMAZON-02) (AMAZON-02)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:21f... 2600:9000:21f3:6e00:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
2 3	151.101.114.137 151.101.114.137	54113 (FASTLY) (FASTLY)
4	151.101.14.137 151.101.14.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::ac43:9eaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:808::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::ac43:4671	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	52.70.144.100 52.70.144.100	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.85.105 34.96.85.105	15169 (GOOGLE) (GOOGLE)
1	52.52.166.208 52.52.166.208	16509 (AMAZON-02) (AMAZON-02)
1	54.144.144.142 54.144.144.142	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6811:b8b1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.105.229 13.224.105.229	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
8	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20c... 2600:9000:20c8:9000:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
1	52.217.14.124 52.217.14.124	16509 (AMAZON-02) (AMAZON-02)
7	54.194.230.135 54.194.230.135	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	52.210.137.162 52.210.137.162	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
9	3.143.119.104 3.143.119.104	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
2	52.45.183.189 52.45.183.189	14618 (AMAZON-AES) (AMAZON-AES)
3	35.168.95.93 35.168.95.93	14618 (AMAZON-AES) (AMAZON-AES)
1	2a00:1450:400... 2a00:1450:400c:c0c::9b	15169 (GOOGLE) (GOOGLE)
2	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
4	52.203.28.84 52.203.28.84	14618 (AMAZON-AES) (AMAZON-AES)
21	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
12	2620:116:800d... 2620:116:800d:21:f916:5049:f87f:108e	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c8:6400:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.225.120.49 34.225.120.49	14618 (AMAZON-AES) (AMAZON-AES)
5	2607:f8b0:400... 2607:f8b0:400a:80a::2003	15169 (GOOGLE) (GOOGLE)
3	2600:9000:215... 2600:9000:2156:ce00:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	52.208.222.238 52.208.222.238	16509 (AMAZON-02) (AMAZON-02)
1 3	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.30.73.5 52.30.73.5	16509 (AMAZON-02) (AMAZON-02)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
4 8	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2	185.33.223.178 185.33.223.178	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.28.122.36 52.28.122.36	16509 (AMAZON-02) (AMAZON-02)
3	54.195.68.175 54.195.68.175	16509 (AMAZON-02) (AMAZON-02)
3	185.33.221.52 185.33.221.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	2a00:1450:400... 2a00:1450:400c:c0d::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
5	52.59.160.25 52.59.160.25	16509 (AMAZON-02) (AMAZON-02)
2	54.195.94.143 54.195.94.143	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
8	3.122.87.145 3.122.87.145	16509 (AMAZON-02) (AMAZON-02)
4	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	152.199.22.185 152.199.22.185	15133 (EDGECAST) (EDGECAST)
1	69.168.106.81 69.168.106.81	36271 (SYNACOR-C...) (SYNACOR-CLUSTER)
2 2	52.28.120.199 52.28.120.199	16509 (AMAZON-02) (AMAZON-02)
2	52.24.184.198 52.24.184.198	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	44.238.170.237 44.238.170.237	16509 (AMAZON-02) (AMAZON-02)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	185.255.84.151 185.255.84.151	200271 (IGUANE-) (IGUANE-)
1	104.16.190.66 104.16.190.66	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	18.196.230.57 18.196.230.57	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	213.19.147.42 213.19.147.42	3356 (LEVEL3) (LEVEL3)
1	52.21.43.22 52.21.43.22	14618 (AMAZON-AES) (AMAZON-AES)
1	35.158.21.212 35.158.21.212	16509 (AMAZON-02) (AMAZON-02)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1	150.136.156.92 150.136.156.92	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
417	95

2 199.60.103.225 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

42 192.0.78.250 (United States)

ASN2635 (AUTOMATTIC, US)

bangordailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:f200:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 204.48.28.205 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

serv-vdo.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.79.242.139 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-139.fra.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn5.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.112.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-112-38.mad50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:21f3:6e00:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.114.137 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 151.101.14.137 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:9eaa (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::ac43:4671 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.70.144.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-144-100.compute-1.amazonaws.com

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.85.105 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 105.85.96.34.bc.googleusercontent.com

bangordailynews.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.52.166.208 (San Jose, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-52-166-208.us-west-1.compute.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.144.144.142 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-144-144-142.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:b8b1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:9000:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.14.124 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

bdn-data.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 54.194.230.135 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.210.137.162 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-137-162.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 3.143.119.104 (Columbus, United States)

ASN16509 (AMAZON-02, US)

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.45.183.189 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.168.95.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.28.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:116:800d:21:f916:5049:f87f:108e (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:6400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.120.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

lreprx-server.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:400a:80a::2003 (United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:2156:ce00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.222.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

bc-ssb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

anyclip-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.73.5 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.223.178 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.28.122.36 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-122-36.eu-central-1.compute.amazonaws.com

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.195.68.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.33.221.52 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0d::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 52.59.160.25 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 3.122.87.145 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.185 (United States)

ASN15133 (EDGECAST, US)

reflex.media.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.106.81 (United States)

ASN36271 (SYNACOR-CLUSTER, US)

synacor.autoplay-plugins.static-origin.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.120.199 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-120-199.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.24.184.198 (Boardman, United States)

ASN16509 (AMAZON-02, US)

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.238.170.237 (Boardman, United States)

ASN16509 (AMAZON-02, US)

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.151 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.190.66 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.196.230.57 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN3356 (LEVEL3, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.43.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.158.21.212 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

contango-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 150.136.156.92 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

uat-net.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	anyclip.com player.anyclip.com config.anyclip.com pixel.anyclip.com assets.anyclip.com trafficmanager.anyclip.com cdn5.anyclip.com lreprx-server.anyclip.com	628 KB
42	bangordailynews.com bangordailynews.com	344 KB
32	googleapis.com fonts.googleapis.com imasdk.googleapis.com	4 MB
30	wp.com c0.wp.com i1.wp.com i2.wp.com i0.wp.com stats.wp.com pixel.wp.com	320 KB
21	googlesyndication.com pagead2.googlesyndication.com	198 KB
20	pixfuture.com serv-vdo.pixfuture.com cdn.pixfuture.com	446 KB
16	connatix.com 2 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	469 KB
14	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	221 KB
14	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	160 KB
12	quantserve.com secure.quantserve.com pixel.quantserve.com	11 KB
12	springserve.com vid.springserve.com vpaid.springserve.com bc-ssb-dub.springserve.com vid-io-dub.springserve.com	264 KB
11	openx.net 5 redirects anyclip-d.openx.net pixfuture2-d.openx.net propermedia-d.openx.net	4 KB
11	piano.io api-esp.piano.io i.piano.io	33 KB
11	tinypass.com buy.tinypass.com id.tinypass.com experience.tinypass.com	2 MB
10	gstatic.com fonts.gstatic.com csi.gstatic.com	160 KB
7	google-analytics.com www.google-analytics.com	59 KB
7	google.com fundingchoicesmessages.google.com ampcid.google.com www.google.com	95 KB
7	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	359 KB
6	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	87 KB
6	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com image6.pubmatic.com	99 KB
6	2mdn.net s0.2mdn.net	82 KB
5	advertising.com ads.adaptv.advertising.com	5 KB
5	adnxs.com ib.adnxs.com secure.adnxs.com	6 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	41 KB
4	moatads.com z.moatads.com px.moatads.com	88 KB
3	google.de ampcid.google.de www.google.de	638 B
3	facebook.com graph.facebook.com www.facebook.com	921 B
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	technoratimedia.com contango-cdn.technoratimedia.com uat-net.technoratimedia.com	4 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1019 B
2	syn-cdn.com reflex.media.syn-cdn.com synacor.autoplay-plugins.static-origin.syn-cdn.com	93 KB
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	spotxchange.com search.spotxchange.com	2 KB
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	facebook.net connect.facebook.net	96 KB
2	parsely.com cdn.parsely.com p1.parsely.com	19 KB
2	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	29 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	4 KB
1	sharethrough.com btlr.sharethrough.com	117 B
1	33across.com ssc.33across.com	670 B
1	1rx.io tag.1rx.io	175 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	372 B
1	emxdgt.com hb.emxdgt.com	162 B
1	lijit.com ap.lijit.com	778 B
1	districtm.io dmx.districtm.io	430 B
1	omnitagjs.com hb-api.omnitagjs.com	557 B
1	sonobi.com apex.go.sonobi.com	739 B
1	360yield.com ice.360yield.com	506 B
1	adsrvr.org match.adsrvr.org	546 B
1	rlcdn.com api.rlcdn.com	224 B
1	quantcount.com rules.quantcount.com	428 B
1	googletagservices.com www.googletagservices.com	21 KB
1	amazonaws.com bdn-data.s3.amazonaws.com	9 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	postrelease.com jadserve.postrelease.com	601 B
1	coralproject.net bangordailynews.coral.coralproject.net	15 KB
1	npttech.com www.npttech.com	3 KB
1	ntv.io s.ntv.io	103 KB
417	61

	Domain	Requested by
42	bangordailynews.com	hubspot.fedscoop.com bangordailynews.com c0.wp.com
28	imasdk.googleapis.com	player.anyclip.com imasdk.googleapis.com cd.connatix.com vpaid.springserve.com serv-vdo.pixfuture.com
24	pixel.anyclip.com	bangordailynews.com
21	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
16	serv-vdo.pixfuture.com	bangordailynews.com serv-vdo.pixfuture.com
15	c0.wp.com	bangordailynews.com
11	pixel.quantserve.com	serv-vdo.pixfuture.com
11	assets.anyclip.com	player.anyclip.com bangordailynews.com
9	api-esp.piano.io	buy.tinypass.com c0.wp.com api-esp.piano.io
9	capi.connatix.com	cd.connatix.com
9	buy.tinypass.com	bangordailynews.com buy.tinypass.com
8	trk.vidible.tv
8	pixfuture2-d.openx.net	4 redirects
8	cdn5.anyclip.com	bangordailynews.com player.anyclip.com
7	trends.revcontent.com	assets.revcontent.com
7	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bangordailynews.com hubspot.fedscoop.com
6	s0.2mdn.net	player.anyclip.com imasdk.googleapis.com
5	ads.adaptv.advertising.com	imasdk.googleapis.com cdn-ssl.vidible.tv
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
5	i2.wp.com	bangordailynews.com
5	securepubads.g.doubleclick.net	bangordailynews.com securepubads.g.doubleclick.net www.googletagservices.com global.proper.io
4	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
4	images.revcontent.com	bangordailynews.com
4	trafficmanager.anyclip.com	player.anyclip.com
4	vid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
4	cdn.pixfuture.com	serv-vdo.pixfuture.com
4	fundingchoicesmessages.google.com	bangordailynews.com
4	i1.wp.com	bangordailynews.com
4	player.anyclip.com	bangordailynews.com player.anyclip.com imasdk.googleapis.com
4	fonts.googleapis.com	bangordailynews.com
3	secure.adnxs.com	imasdk.googleapis.com
3	vid-io-dub.springserve.com	vpaid.springserve.com
3	hbopenbid.pubmatic.com	vpaid.springserve.com global.proper.io
3	vpaid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
3	www.i.matheranalytics.com	bangordailynews.com
3	c.amazon-adsystem.com	bangordailynews.com c.amazon-adsystem.com
3	cds.connatix.com	bangordailynews.com cd.connatix.com
3	www.googletagmanager.com	bangordailynews.com hubspot.fedscoop.com www.googletagmanager.com
3	i0.wp.com	bangordailynews.com
2	ups.analytics.yahoo.com	2 redirects
2	usync.proper.io
2	x.bidswitch.net	2 redirects
2	px.moatads.com
2	z.moatads.com	cdn-ssl.vidible.tv
2	acds.prod.vidible.tv	imasdk.googleapis.com
2	ib.adnxs.com	vpaid.springserve.com global.proper.io
2	as-sec.casalemedia.com	vpaid.springserve.com global.proper.io
2	search.spotxchange.com	vpaid.springserve.com
2	anyclip-d.openx.net	1 redirects
2	bc-ssb-dub.springserve.com	vpaid.springserve.com
2	lreprx-server.anyclip.com	imasdk.googleapis.com
2	i.piano.io	buy.tinypass.com
2	global.proper.io	assets.revcontent.com global.proper.io
2	www.facebook.com	bangordailynews.com connect.facebook.net
2	www.google.de	bangordailynews.com
2	www.google.com	bangordailynews.com
2	ads.pubmatic.com	serv-vdo.pixfuture.com vpaid.springserve.com
2	stats.g.doubleclick.net	www.google-analytics.com
2	ping.chartbeat.net	bangordailynews.com
2	js.matheranalytics.com	1 redirects bangordailynews.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	pixel.wp.com	bangordailynews.com
2	cd.connatix.com	2 redirects
2	hubspot.fedscoop.com	1 redirects
1	eb.proper.io	global.proper.io
1	uat-net.technoratimedia.com	vpaid.springserve.com
1	contango-cdn.technoratimedia.com	synacor.autoplay-plugins.static-origin.syn-cdn.com
1	btlr.sharethrough.com	global.proper.io
1	ssc.33across.com	global.proper.io
1	tag.1rx.io	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	hb.emxdgt.com	global.proper.io
1	ap.lijit.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	bids.proper.io	global.proper.io
1	synacor.autoplay-plugins.static-origin.syn-cdn.com	imasdk.googleapis.com
1	reflex.media.syn-cdn.com	imasdk.googleapis.com
1	image6.pubmatic.com	ads.pubmatic.com
1	ice.360yield.com	vpaid.springserve.com
1	match.adsrvr.org	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	global.proper.io
1	cdn.revcontent.com	bangordailynews.com
1	img.revcontent.com	bangordailynews.com
1	img.connatix.com	bangordailynews.com
1	experience.tinypass.com	buy.tinypass.com
1	www.googletagservices.com	serv-vdo.pixfuture.com
1	mug.criteo.com	bangordailynews.com
1	gum.criteo.com	1 redirects
1	vid.connatix.com	cd.connatix.com
1	id.tinypass.com	buy.tinypass.com
1	ampcid.google.de	www.google-analytics.com
1	ampcid.google.com	www.google-analytics.com
1	bdn-data.s3.amazonaws.com	bangordailynews.com
1	static.chartbeat.com	hubspot.fedscoop.com
1	graph.facebook.com	c0.wp.com
1	p1.parsely.com	bangordailynews.com
1	jadserve.postrelease.com	s.ntv.io
1	bangordailynews.coral.coralproject.net	bangordailynews.com
1	config.anyclip.com	player.anyclip.com
1	www.npttech.com	bangordailynews.com
1	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net
1	stats.wp.com	bangordailynews.com
1	cdn.parsely.com	bangordailynews.com
1	assets.revcontent.com	bangordailynews.com
1	s.ntv.io	bangordailynews.com
1	d25dfknw9ghxs6.cloudfront.net	bangordailynews.com
417	112

This site contains links to these domains. Also see Links.

Domain
obituaries.bangordailynews.com
www.mainenotices.com
classifieds.bangordailynews.com
jobs.bangordailynews.com
eedition.bangordailynews.com
bangordailynews.zendesk.com
anyclip.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
store.bangordailynews.com
pulsemarketingagency.com
s3.amazonaws.com
newspack.pub

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
tls.automattic.com R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2020-07-13` - `2022-07-13`	2 years	crt.sh
assets.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
bangordailynews.coral.coralproject.net GTS CA 1D4	`2021-04-01` - `2021-06-30`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-26`	a year	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-19` - `2022-04-19`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.springserve.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
img.revcontent.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
cdn.revcontent.com R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
images.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.media.syn-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-04-01`	a year	crt.sh
sa.static-origin.syn-cdn.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2021-06-02`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh

This page contains 47 frames:

Primary Page: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Frame ID: 90F58BE5E402267768D02484EFECD0EF
Requests: 241 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Frame ID: A2CEBA9A41B0EE67D53D2F25ECA87EF0
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.player.dc.js
Frame ID: B0FEA953E9F0877FC3172B0C6CCF2468
Requests: 14 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/jquery.min.js
Frame ID: 266A239BB4F300FD713C0EE209383B6C
Requests: 40 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: FC11A0911B30CEAA2917DF921C8F409F
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2F52C69254DA3F14D8FA6F0B91FECD55
Requests: 1 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
Frame ID: 6FB078B49CB771BC2370A1F4AACB3F19
Requests: 13 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: E7D19EFD730C31F6580F27E1D8F5D42E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2F16D51E7AF4C6B1B8D2A0C6742645F1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: BE34DDB5CEB2C1DE8DB60317C832E0B0
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: CDBEACAA8AB2B531BA53C2D392FA0044
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: AFEB91B53534C6F077F00157877CB0F1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 23637973DEC83DDF0B7E024A6CFA17A0
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 086D963621951142F3ABC41978FC375A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: B4B0897438827A755120D074584AA637
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 86A6CF1C831F783E34F525608C5759FD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: F2B1FB6BFC9E461A224441493B17E3E2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7D921649809F1C81CF6B69EB36967E28
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: CE30523E2A97527AC585F05C783CAE97
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 276160AFD64B11479783531D3310380A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 811252503A5502BBD0CCFB5C66C62F8E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: EB8236817BBD816F9E848F5533E9D267
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 3C2D94F253F20BC57A54BEBC7C450D79
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B17FBE417381B1F247E4DED2930BE5E0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 3C6D1E04308EFD80B0769D526AE1F0C1
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A0AC2DF03C608E030490ABF012FDD0D8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 10690F1AD34A071900B2695AF232E8B2
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 03966896DD02659AB1E79D438DA51612
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F123036414AF31E963A7F871539D053F
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: AE3053ED0FB4F50F01BA31434E813174
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 8043F971C523067E485D8B039058ED8F
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 0EC914F0AE80A715113DBC9F7C222D59
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 8445904C910C53913A5F88D266FACB17
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 2E62BC9063C779E4BAC236E32C4174C9
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 22B0D0415389D6D256EB5302DB473809
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8DBA93769001910C6411EBFA11C5A60B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: D873CE67E9308EE5ED47F1B0F1EF06CF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7FDB68FB73F722E7121D785E43703D12
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 5F03FD0D9B852C9F2B388A3C0925CA53
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: FF68808A3AD6EAD4278EE10D5C75C3B5
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 5FF73E591AD14D5A52D6FD9B6362013B
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6D800C0102AF407DE16C2A0D62789B8F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: F877F02C46B50F3E7AEBC491D97AB77B
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: E9DAB656D1BE0942658047F389FC20C8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: F53BA3681C7C5D010A64A6E904D7289C
Requests: 4 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: BECCD05B2239876E2060FBADA94C5627
Requests: 2 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_982cce59.js
Frame ID: 4DA798E258FA15FDB8949963EA96807E
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_B... HTTP 307
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-t... Page URL

Detected technologies

Chartbeat (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /chartbeat\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /2mdn\.net/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i
script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Analytics Enhanced eCommerce (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/plugins\/ua\/(?:ec|ecommerce)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Quantcast (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /\.quantserve\.com\/quant\.js/i

Page Statistics

417
Requests

98 %
HTTPS

36 %
IPv6

61
Domains

112
Subdomains

95
IPs

7
Countries

11361 kB
Transfer

32100 kB
Size

39
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://obituaries.bangordailynews.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://jobs.bangordailynews.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://eedition.bangordailynews.com/Olive/ODN/BangorDailyNews/default.aspx
Title: E-edition

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/
Title: Customer service

Search URL Search Domain Scan URL

URL: https://anyclip.com/
Title: AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=logo&wid=0011r00002SRK6m_6242

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=powered&wid=0011r00002SRK6m_6242
Title: Powered by AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/privacy-policy/?source=policy&wid=0011r00002SRK6m_6242
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=0nBSixKOYjgus7WZSjs%2F4vz7CohJM%2B%2FZRvbDPqYNrfaxB8Prx%2FwY4uNIgZAh9BUyHEZguoEvjUH3cH55zVb1t%2BRHJSxLhEhDh0JJvWYKGJ2miQNNXx3B6L2Z76szxld3cFjXACYN7UbcqF%2F%2BN%2B%2F2q5l7tngg836iF3WAfKfHos%2F3KeEEaAFYpAFDxVl7oKqAK2rfFPTKUyWRxx%2B7GLE4rMixMYi3ko1ZvLKHYIGl%2FYSRAjEeBZUFfoAi9u5oRVxKCOMkwpIsrgUIFPIllWTTM5bSSfRnGLNUmYpJGKzCeTdABz5nlVXZ7Bqnp3CDkGp2mk0Mn%2B21boRh3b1R%2F443JO1JLfcOWq622rjm%2B7ZfaIu%2B%2BiQGnqKJ%2BJvyUOjJ1iT9IJ1kPOHhOuJQGypetp1s%2BGEjhyURmA2iEnA3XybYzBwrwJPkEHnqvExJeNvrmPPoqgrB1QcsH8ZuJ27%2B5i0Z1T%2F98j7U7XanxYQ%2BT66lUVDGIj99NaqDGmimYR9MfFK1JplQfIz%2B%2FRyJtMOVtcCotOm7tkxMus0rNnZkkUHVz2vTA7lhKXWKSps54vGaxyhKAGQBwvRwkV7q5kX9a6oHZFAloRPHTBdzVHt%2BdmcTuwaU2f5%2FwTjByjQi6b539INIarwq3wyMunOE2a4lIDrIPLownicJBkkDTVgchkNZ4dsnIfcFvx0UhHzzB0Vv%2BxI4hXYORW4EJl5lQsah08v2%2FZvrvAceTQc4Ys%2FwQ3j66HrrVwbHKhbEx2yxGl4Fx5tB8t9tgCUmGNGtUikHjzXxrPHVOCCRMbIlnv0ijkcYpu4Cl%2BUVtlZG%2BNT%2F9FrNLdSBZH5KjMr2AO%2B%2B2rXBH9G%2BsUTH2vtDT8%2B4FaA%2Bfpjths3%2FrLiVOlFK0M7l0VoiXEk%2Fxu1psUjLuh02FSe6YwntcXpoS44OSpdWmcRdGJ75o3TBq%2BgXrZPfHQG45vH1c7Ok8IyXmgXl%2Ffs1mZrEPxAvr2w4aO9A2MS9Eq8uVS2w1cYd3EOzm%2Fn3X2EWYxCG6BrOy%2B7IjwH6XfVzTimdlOKXBfCwqY3eSJnT0n%2B%2Fnrth2uDDLufseq6%2BepEHyCeufe3QLUUmshK9DLDFgXaZfqlHtFdeNlKqp%2FNx%2BUyshIbAlyDgf7pg3RQqy3C3KteUcBfmRx82YP0E8Nr%2BJuQiO%2Bbnalmlmj1EVhxbAIYv5mimm2GePDguLgXMNz3%2FlHbuEyw%2BTKM3ghjiGl56wFxuY85j2LwzqbCtJbvzac87ceVTQToikYD2HkfRiV3OZWW%2F6GVHe59hdvLON2%2FX6ESzRYZ0Y74h1kd6e77cxXxvEf9LRdQJCdOfh%2FlX%2BccYXGMOrRd6&s2s=1
Title: Doctors Stunned: Mole & Skin Tag Removal Has Never Been Easier (No Surgery)Essential Health

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ZLMlkloXGqiZXBHQ4dx0%2FCJKxmbWLL18BuGMA1hooHqk9zspevn4J1fjjHv9Bx52KN1DEOAKe%2Fc3%2FEm3EWL2uU5oElougDImdx05s3r8rzQ1rkTqeocxDbkGJRp2SKK%2Fs9GGyvaTAu%2BbKpZag1eOFMd5Im4qtCGz1%2FsORQH5iY0DPjEu5ZAY8XUUStkU6JW05HtruneMT%2FgMWoNNy1TUhyZQWQk3tcoaJAEq9FK6TqmUURDKRhKx4dVfRPrTsGJyPRDHI4RK5Il0T%2Bwf9hdeMxtLXbAMsZ1fEvUk5QF1Mh88fkcDaBaqPNjRnen9a2i8H2%2FrqDAsrj%2FyqvV1wfK0DT7mv5HlO8AwF%2BFx1%2F1r4SATEPhroqdmM%2BBuxEiI5GnkoDZrLQ%2B%2F7NFmYv7nHFhFcfYZHZm3ahxaq7L7VdJcYTKO5JN8nnfMNFl3RU9%2BRlbShulzj9iyepEy6dhsmcZ1t4tQqI%2BRBGj4RGESFI%2Ba08m6UpxaEQuqifw5I3ZRUan5Ny49skCdro2n6TI6FlkFPaIPEiiJbsxv3dnuDlRcD5fyqD6RJhDYEviOfOXDxaCoVdciut2qdIHCcsoJx8fqakqCat01Dj4q8MJ8iBbaJoU9UuI%2B3WK69%2FP%2Fmb9GqTkeGmmKhnjtugu8xKWwUB1NK2YTo5VSF60MmfWGZ8a1y7auzPQiMl6RSv2611g1laypxor8BnKm%2BSjMVek3qd4XEGNLmsPKt%2F9Ri0F39vnAvcn1KO7AEbA7t1tPLUQ8m29VPoUGYhav0DVoY2WQ7WDe9W3p0DLSNZuBAROMb2pf8N2BoQyRNl0JLXyvvzkiuDOPT9W6yOevzpVxsZWjGdjIEEfUWL1mDHaOrFe28FeXXupWU0zaUrLtULyDF2Vt90eo2YGntG%2BMTJCHwSN3hizQ%2FA623hNlH6XyX7GwKbHUiLfWEvTqvdgAW0Q9y%2Fu%2F0q7hYmtEJ%2FzjqUnMok2AVAcL8i137rf6Ursw0nKkrE%2B304%2F%2FYHNafpJmFOhsqJyhs7lMEAX3mtjWERiTVI1aoZQ4Kg7EGGL0hWNiGADuh6D9lYajwF%2B91Agk09xKY96Y%2FJ%2FrOvDyDgemQW1O209huoue5WXgXZq2W1tOxxend2wnUxVF4TKF5WwAYsZootX%2BBkIExapi9qJuWsP34VIm4n2Nk%2BBD4yqMAoF1YTzbnBdYJ8LeHHBu6sG5awWsjfozHHpaIQw72Y54F0JofLvodDgiRHKtEg%2BWRunb142sJrV%2FRYheQQAlFjr37NOgY%2Fcnxh0MeoFpqAIJdXqMFH43t24uBTPIklZ1FgE6J9r%2BasRfSOo%3D
Title: You Won't Believe What the World's Most Beautiful Girl Looks Like TodayNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=m2mT7g9XPbvHNfGYpgr14UVvbI42gK3ekOIzIsFMbBni3hijrxsOhP4iJR%2B81T7UPoLsgYNVnAqMV3R7%2F4fKwJE%2FriJoW9CGVnDqqK3fAiCnvOyfQDGu%2FJCd1WctO51H1SXHZAbRKeLoHEVjQOtioPeL9bOx1yVnquVTPxF3cQvzMEvKSRb%2BG9%2F7jo992a1kTx9VIMsQCJ1kBhu%2BFbANUJf1%2FGJoS4Njw4QT%2FAEPyuZHrx%2FrCgiU4xdLtqUU0I0y2s26ZfMwvdOOgHTYa0A1ymnYtxP0ChPcvzEE8TWVgyqyvnrNlD16RRsqFP%2FfGHxNX0hhU2FDencizBMPBksVtqm1C3LMgbXTIWSm2Uz4EL65%2BBZAjRdFwJmxiH8coDKjvAvq1ZOoJZZJJR%2BAM1ZHN2kBC%2BoFXdp74tnkTs9mY0PHTM%2B9F1a1mJ4QQhleY2z9n1rfDZYZ%2FUvtlRZrHk9NaqsZ0nW5NK6rmwEMbJEIf7VC1RHSGcP2h24goqlWVRJG6s8w62chcw2e4JCH7ULOiuOWqxFZhrTp6BN3gZShMacaEvw%2BlLU%2F9eNvZrcN%2FapO4UmD1wNg3tMVl%2BJNf6L5rZMfx1I%2Bs4Yan6Npxu1vQyinctH1gu8SA9TufF%2FMS%2F4E%2FMm3DzEXCv9nKENfTcaMNGGWMtDF0b48RoVFIGdPVCs%2BRSon4tkSTdD4nxCFdsunX2sGnNvpxlsVgBBrZaDqnN0y1t7P9md41%2BJaAAf9SvdXoC2xzLo%2BhZp2jja9BB8apEXikEaSqKAPxUcObh4UPLW4BGAl2YhGnNanBRI9VxWwl8sHKbjtjgV9c0vxzJiao2wLSV19Bv2uCTZSaXcLAQQ5g1x8kI9%2FNiWC%2Fdxh%2BlnT2dQkNPWBgN4c6THWgN0qgLsHqtuDRJN4jSAMm%2FFusDRKB0u62vdULVll6JWvT7BvkdAWwOzuQN0JTrJjL37nMcV1Q1AuucjrNxW1MB%2FPcPrhvlg4Wp8HhVqqX8p5eiNdcXfUDWfCKdk9pjIsYZ3FY1dgkPAGUHkk%2BWU%2BO%2FVND2gDCjfEeyE5GLiklxnkwYaK5RHPfcdtORfKzJJ9GYAPTu2qHI9i37ig02P%2BP0FeHg63ogc5xa0WAzsANtfxraOVBt%2BSZgyHKcxre3uttyOmKajBe824uqjj4drr7KKx4PuKZDxLZ%2FtAT%2Bk6ZSWhDUGxMRdXMXDK3Wy5goTsxZLgAPygxkhUJgEkXObixLLQKA%3D%3D&s2s=1
Title: 32-second Stretch Ends Back Pain & Sciatica (Watch)Patriot Health Zone

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=lm11Z6bGE2ihF01WTSGya1XXuy5Wyvj2AwLm6s6Hu7MIqYzhcjn6toy1hDHVK%2B0WuJ6q4KUKGv7ckziEIlIa%2BSIP56zHE52l6ch8gRVAwcy0TjThz%2FoPM55e450ZyJadrFjk5T8TD%2Fg1EOJlNS0wGT47rDSIQEb5bXnX1Q0chMy4IkkF6IoIY%2BebMCcOl9vInwmrQnkJLe6if%2FpObTSuGfafXJeHq%2FIeCrvMUBfn8cuYpliMy7JRYLquHtWBlIXed1wYqHdbvdf%2Fz%2FDibr2conRCXaCSpOu5a%2FfHIystbZHDbEoI2PWFBNFgfW5WD6lXKtxiB7S58wS5rnAv5bT4spFyYEwK6KE2VnUQBmjn9e%2B3J5vyhLLg7DGoI5cI1ThrQoSnIMcvSIGSoXeWP0QFboe3edTsiNFvwsljACFs18hB8N%2FWyQCLXf0wTNjQA09iFoICKduR3O3VVS1tULipckuaWg9sG3zgiPvO60YroBoPTOihrh1vwV4swXF1lUs2%2BO8o4kLRGOy4yBmGwvPkCxyIrCLJeHQjCR79FzC1FXJMjtytkY3n4TufbOpslcESjziuvn%2BIQd%2FxxC658pUvZV2cL0r26zkJfZly3ppZDQuBxIsMoKpbrEgvvNcE4I74e5JyGpUY%2FNBnrRX3ROTl45gtN%2B2g9xXcJ12oeKf71%2BIcjIWDPOYPoAvhbON6bSS8mpE0L7pbpVTgn5ibbzQLXtP4Ss4peVMpRSJM%2BC%2FfdDIv92HYYTSUVm%2F4BUwK8yiUEOcdsyV4%2FF%2Fnr%2FkRdDrMn0XjgTb3l3Fmw%2F2cruD7YsAaXVCr97XP%2F8qKnp9j%2FnF86lZ51Cf3BNZuHWnrI%2BDfVX6oHNYLdauFwVFvIjsdvZp4jV78%2B3BvSg7%2BfSCI0pjVScrtxcIJjtB0wq92qqhmeGJh0GzaciGTJCPgbbD%2BYxVgERc9U15%2FPrN1J3ePhBYRuz49o4vFYQssNzcujOrxDYt5MfDjr%2Fvg58wl4Qx02OmqHa0ZS%2FQNqhuvYJriuZg9qy5Z%2Fj8hW6jrpwqrbFjC7QHhZj1VIL6JJycMpuOc0ETEVCawKVgeZ%2B2DU%2FKLB72W%2B277NoEA8MsjuzFXFOx6x3TXURB2yDeiAQ8nun8WH0iWmDymhfc1u%2Fsv%2BltqegIuiYKDbU7357D8wJhIrb%2BQcdiDvHcC7vo4B0%2B%2F%2Fcq8RU6qVUc5sr%2F4VEbSHvr1a4ai7Um07OcNOhSi03fNgvHWcYiPR73mVrrj482GVG653QM%3D&s2s=1
Title: Drink This Before Bed, Watch Your Body Fat Melt Like CrazyAlka Weight Loss Secret

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/articles/360042380972-The-history-of-the-BDN
Title: About Us

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/?ref=footer&_ga=2.128907657.425825190.1592087148-346633731.1589997382
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/?ref=footer&_ga=2.123772175.425825190.1592087148-346633731.1589997382
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search/?ref=footer&_ga=2.127785992.425825190.1592087148-346633731.1589997382
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://store.bangordailynews.com/?ref=footer
Title: Photo & Video Store

Search URL Search Domain Scan URL

URL: https://pulsemarketingagency.com/
Title: Pulse Marketing Agency

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/bdn-data/uploads/PDFs/2019_print_digital_creative_specs.pdf
Title: Creative Guide

Search URL Search Domain Scan URL

URL: https://newspack.pub/
Title: Proudly powered by Newspack by Automattic

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91?_ud=75149627-b530-4e2e-b93e-accd1615195a&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 76

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

Request Chain 82

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/115064/connatix.player.dc.js

Request Chain 104

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

Request Chain 170

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=dKObhnxDNyt6STNuRStaYUtrQk4wRnVYR3dsdlk2NTFLOXYrN1drdnpqbFFFUEJRK2Q4VXRvTi9kYTdBckJzQjg4aXJsOWFJNDBZVk5rMklNSWRJU2NoVUR2V2VYNDhjSXlKRE1VWHh4NkpCMEt1NkVCQnpZL2g1UW5VUENmRGtqQUVJN1R6eGVhOENweVJQQlBtRW41c1NmVk9xTmwrcnBZdEY1ZlBRRlhUS0JQdVozSS9nRnhwU09EN29HZGdKdkw1dW5sSW9ocW16UWp0d2VqKzd2ZDl4M1p6c2dUcHltNWtFanRsTVVnWG1CVFBnPXw&cppv=2

Request Chain 245

https://anyclip-d.openx.net/v/1.0/avjp?auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1--- HTTP 302
https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---

Request Chain 264

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=a2a51c3f64&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=a2a51c3f64&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Request Chain 288

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=e2e0e4a0b0&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=e2e0e4a0b0&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Request Chain 309

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1a18235f4c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1a18235f4c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Request Chain 375

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1be21eb6fb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1be21eb6fb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Request Chain 397

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68ab0439-5790-4af2-98cf-cbf2a541d44a%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_bbc87fb1_007fcea2_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68ab0439-5790-4af2-98cf-cbf2a541d44a%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_bbc87fb1_007fcea2_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68ab0439-5790-4af2-98cf-cbf2a541d44a&uid=0ae2cd53-2a4d-424e-9253-6fbff0300107

Request Chain 398

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_423f34ac_cd085a89_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_423f34ac_cd085a89_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CcncB1FE2uHduLpl1HPTbTXHuQwZJ7fr~A

417 HTTP transactions
9 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c...
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 123ms
70ms Document
text/html 199.60.103.225
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.60.103.225 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:31 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d9ce13136f0ebdb87a04c41dd598716ea1619473651; expires=Wed, 26-May-21 21:47:31 GMT; path=/; domain=.hubspot.fedscoop.com; HttpOnly; SameSite=Lax __cfruid=adf3903b054e1bbdfece6516cb4d22ab4df2b94e-1619473651; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
cf-ray: 646302928df24c2b-AMS
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09b1bfef9300004c2b772a4000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 9e51c310-feae-4ebe-a44b-afed53e7c7b2
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=5QZarrcBbWTdVJJaJHhDOxe4PfpE5w5Mn0t50KOgE%2FPX4RIU2avUfAuYYg7vBTFM8XSZxSWy46JgaV4fad%2Fv2OKIg2opNJV0Q9S2LDaZx61x%2BEDJAA%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV1...
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

154 KB
35 KB

688ms
649ms

Document
text/html

192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

342d06b17e371f4fe8da24cb7e8748c56eddcf232b65f1e4eb7e377aaf71465d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: bangordailynews.com
:scheme: https
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91

Response headers

server: nginx
date: Mon, 26 Apr 2021 21:47:32 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Newspack
link: <https://bangordailynews.com/wp-json/>; rel="https://api.w.org/" <https://bangordailynews.com/wp-json/wp/v2/posts/3087062>; rel="alternate"; type="application/json" <https://bangordailynews.com/?p=3087062>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://bangordailynews.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://bangordailynews.com
set-cookie: bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bangordailynews.com bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
content-encoding: gzip
x-ac: 5.ams _atomic_ams EXPIRED

Redirect headers

date: Mon, 26 Apr 2021 21:47:31 GMT
location: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
cf-ray: 646302937fbb4c2b-AMS
link: <https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 09b1bff02e00004c2b4a344000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: db160fb7-b648-40c0-b4c2-16183a033179
x-robots-tag: none
report-to: {"max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AvjLW0pWusZLy93zEnNHN6%2BOVAcuDWGGiu%2F7GsRcHRaK7Tt5OiMDu1tUE3DHtu5OA9zPUp6XXutjWbudKtfnI01NC1omhyG4bKf%2Bd4S5kCrZeey9dg%3D%3D"}],"group":"cf-nel"}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 common-skeleton.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 12 KB
2 KB 21ms
16ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-3144"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
623 B 22ms
16ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 57 KB
8 KB 63ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 theme.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 3 KB
706 B 63ms
20ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/theme.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/components/ 109 KB
15 KB 63ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/components/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/ 91 KB
11 KB 63ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/ 3 KB
729 B 83ms
41ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Thu, 28 Jan 2021 02:04:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/ 22 KB
4 KB 63ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 blocks.style.build.css
bangordailynews.com/wp-content/plugins/simple-iframe/dist/ 0
62 B 24ms
17ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Tue, 25 Aug 2020 17:41:56 GMT
server: nginx
etag: "5f454d64-0"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/ 18 B
85 B 24ms
17ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:51 GMT
server: nginx
etag: "603d210b-12"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/ 586 B
338 B 24ms
18ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 14:23:29 GMT
server: nginx
etag: W/"60706361-24a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/ 14 KB
3 KB 172ms
166ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=209605605

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=209605605
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 17:41:36 GMT
server: nginx
etag: W/"5efe1c50-3875"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 811 B
433 B 23ms
18ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-32b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 block_styles.css
bangordailynews.com/wp-content/plugins/newspack-blocks/dist/ 2 KB
576 B 24ms
18ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

df6dd02b859376bb36a9774f1e2681559c348effe7c09fbac9916e81269ad0c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 06 Apr 2021 22:22:11 GMT
server: nginx
etag: W/"606cdf13-825"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/newspack-header-widget-area/ 284 B
353 B 24ms
18ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Thu, 11 Jun 2020 21:43:13 GMT
server: nginx
etag: "5ee2a571-11c"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 284
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.css
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 6 KB
1 KB 24ms
19ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-18ae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-parsely.css
bangordailynews.com/wp-content/plugins/wp-parsely/ 2 KB
601 B 65ms
60ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 18:20:38 GMT
server: nginx
etag: W/"607f1b76-706"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
799 B 20ms
16ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Serif%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:47:32 GMT
server: ESF
date: Mon, 26 Apr 2021 21:47:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:47:32 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/themes/newspack-sacha/ 149 KB
24 KB 70ms
66ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-sacha/style.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-sacha/style.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:49 GMT
server: nginx
etag: W/"607f51e1-25265"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
629 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 19:51:00 GMT
server: ESF
date: Mon, 26 Apr 2021 21:47:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:47:32 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:10:55 GMT
server: ESF
date: Mon, 26 Apr 2021 21:47:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:47:32 GMT

GET
H2 200 newspack-sponsors.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 6 KB
2 KB 73ms
69ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-164b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablepress-combined.min.css
bangordailynews.com/wp-content/ 5 KB
2 KB 73ms
69ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/tablepress-combined.min.css?ver=6

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/tablepress-combined.min.css?ver=6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 22:18:20 GMT
server: nginx
etag: W/"6047f42c-14a5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/ 12 KB
8 KB 58ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/social-logos.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.6.1/css/ 75 KB
13 KB 79ms
41ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/css/jetpack.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 16:59:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/ 6 KB
2 KB 83ms
45ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 87 KB
30 KB 83ms
46ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 11 KB
4 KB 83ms
46ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 advanced.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/ 11 KB
4 KB 73ms
71ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:31:12 GMT
server: nginx
etag: W/"60633630-2a54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conditions.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/ 776 B
276 B 73ms
71ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:06 GMT
server: nginx
etag: W/"60300642-308"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advanced-ads-pro.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/ 9 KB
3 KB 74ms
71ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:40:23 GMT
server: nginx
etag: W/"60300617-2328"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 base.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/ 90 KB
26 KB 79ms
77ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:18 GMT
server: nginx
etag: W/"6030064e-168ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 36 KB
11 KB 43ms
7ms Script
application/javascript 2600:9000:20eb:f200:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:f200:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JCe5I2lNvuti8Cl.nqdofRN.76AQPq.e
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 17:12:31 GMT
server: AmazonS3
age: 75506
etag: W/"43eefb7f4eb22e1ecc914737224f37ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 7a3193ebce69450274ae629ce856b09d.cloudfront.net (CloudFront)
date: Mon, 26 Apr 2021 00:49:07 GMT
x-amz-cf-pop: FRA2-C1
x-amz-cf-id: 8pieEnUjD2Zfnt7HmeL1Fr3ugX8K6dehqA_oeTn2NvUK-He-A4YAuQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 99ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

a6d89c61ae4e065be516a293445f877f26955224a5547dca4988b6362f73c9dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 120 of 1000 / last-modified: 1619472960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21117
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:32 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 353 KB
103 KB 117ms
51ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:32 GMT
Content-Encoding: gzip
x-amz-request-id: 5BE94SRWFAVGV6KN
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: UHZ1M7Ew2kMfC0OOdUcDgpivU6fMYEDCTASgK41blK6kjlk4fUQ8DjDXNIAFTEux8/fej9hjTrc=
Last-Modified: Tue, 13 Apr 2021 17:19:57 GMT
Server: AmazonS3
ETag: "4330b9a8c8acd8b7385eb09575a0f098"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 wp-emoji-release.min.js Show response
bangordailynews.com/wp-includes/js/ 14 KB
5 KB 75ms
70ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-3795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 3 KB
1 KB 74ms
70ms Stylesheet
text/css 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-ad9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
serv-vdo.pixfuture.com/vpaid/ 8 KB
9 KB 328ms
109ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:32 GMT
Last-Modified: Wed, 03 Feb 2021 18:56:08 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "601af1c8-2148"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 8520
Expires: Wed, 28 Apr 2021 21:47:32 GMT

GET
H/1.1 200
OK lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
343 KB 90ms
35ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:32 GMT
Content-Encoding: gzip
Age: 2957
Connection: keep-alive
Content-Length: 350817
x-amz-id-2: /HcllLcxBTrONYCeMclqB7RPWNTbD3jMC5/DTP3dWsRiVEUwscZiqUTG8DYcTu0fEvVf/sufLCM=
Last-Modified: Tue, 13 Apr 2021 08:15:51 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9JDQAVGY90SCPKG4
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: qgVhjFjc0SAIfYby.bjZb.FjcikqUUqc
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 4aea3bc4e20bde8c73426ecd22f1f54d
Expires: Mon, 26 Apr 2021 20:59:15 GMT

GET
H2 200 munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 790 B
1 KB 61ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg?fit=1024%2C683&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 13:11:53 GMT
server: nginx
etag: "8c1889bf7e0b21b1"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg>; rel="canonical"
content-length: 790
expires: Thu, 27 Apr 2023 01:11:53 GMT

GET
H2 200 natashairving-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 494 B
812 B 61ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg?fit=1024%2C696&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 15:48:49 GMT
server: nginx
etag: "9bb265cb21bf43f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg>; rel="canonical"
content-length: 494
expires: Wed, 26 Apr 2023 03:48:49 GMT

GET
H2 200 hpt_border_crossing_canada-2-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 558 B
743 B 61ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 2
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 18:43:53 GMT
server: nginx
etag: "c3fcf8d65afcde48"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg>; rel="canonical"
content-length: 558
expires: Tue, 25 Apr 2023 06:43:53 GMT

GET
H2 200 Police-lights-7.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 460 B
635 B 61ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg?fit=1200%2C800&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:40:09 GMT
server: nginx
etag: "2274b824da3680a9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg>; rel="canonical"
content-length: 460
expires: Wed, 26 Apr 2023 16:40:09 GMT

GET
H2 200 Food-Truck-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 958 B
1 KB 62ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg?fit=1024%2C612&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 13:53:58 GMT
server: nginx
etag: "b6673cc4a2f2b22e"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg>; rel="canonical"
content-length: 958
expires: Tue, 25 Apr 2023 01:53:58 GMT

GET
H2 200 Virus-Outbreak-Schools-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 868 B
1 KB 72ms
21ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg?fit=1024%2C684&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 17:07:33 GMT
server: nginx
etag: "5d841a634df52e55"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg>; rel="canonical"
content-length: 868
expires: Wed, 26 Apr 2023 05:07:33 GMT

GET
H2 200 BorderPatrol020320_NAW1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 464 B
645 B 26ms
25ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Mon, 26 Apr 2021 21:47:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:12:01 GMT
server: nginx
etag: "2f557ac060546706"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg>; rel="canonical"
content-length: 464
expires: Thu, 27 Apr 2023 09:12:01 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 358 KB
101 KB 72ms
23ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 16:20:23 GMT
server: AmazonS3
x-amz-request-id: A6K0G3GG72D0JEP1
etag: "c75fba731f8a2c6605eca5cabf593e6c"
x-hw: 1619473652.cds011.fr8.hn,1619473652.cds055.fr8.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 103064
x-amz-id-2: pJisy81peHA/cSDp9FJW610GoeSnk6/yoWnLqnjRfvQqLvWA2V6fnODw/Ts4s23J/4ds6QWrM5g=

GET
H2 200 p.js Show response
cdn.parsely.com/keys/bangordailynews.com/ 50 KB
19 KB 165ms
71ms Script
application/x-javascript 13.224.112.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/bangordailynews.com/p.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.112.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-112-38.mad50.r.cloudfront.net
Software: nginx /
Resource Hash: 989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Apr 2021 21:37:28 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:34:21 GMT
server: nginx
age: 604
etag: W/"603fd6ad-c8bd"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 4f1fb18f52f7f3f86e0c73a59088e8ad.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: hLNYLtbObxXC_jIo3IiuVdhVud5lo2AA5JHO57_lx8_6PuMzSb5Bmw==
expires: Tue, 27 Apr 2021 21:37:28 GMT

GET
H2 200 loading.gif
bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/ 2 KB
3 KB 74ms
70ms Image
image/gif 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Wed, 09 Mar 2011 16:12:50 GMT
server: nginx
etag: "4d77a702-9e2"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2530
expires: Wed, 22 Jul 2020 00:38:35 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/ 758 B
425 B 26ms
16ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/photon.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/ 37 B
105 B 50ms
41ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:53 GMT
server: nginx
etag: "603d210d-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/ 37 B
102 B 51ms
41ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Fri, 02 Apr 2021 11:04:58 GMT
server: nginx
etag: "6066fa5a-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/ 37 B
104 B 51ms
41ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
last-modified: Tue, 28 Apr 2020 12:21:07 GMT
server: nginx
etag: "5ea81fb3-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 418 KB
105 KB 52ms
43ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-68824"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 3 KB
1 KB 67ms
58ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:16 GMT
server: nginx
etag: W/"5ea81fbc-cf6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raphael.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 91 KB
32 KB 67ms
59ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-16c43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mousewheel.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 3 KB
1 KB 70ms
61ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chroma.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 33 KB
13 KB 70ms
62ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-8309"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mapael.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 120 KB
24 KB 72ms
64ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:58 GMT
server: nginx
etag: W/"5ea81faa-1e07a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maine-counties.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 23 KB
10 KB 74ms
66ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-5cdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 usa_states.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 64 KB
24 KB 75ms
67ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:14:13 GMT
server: nginx
etag: W/"5e9f1bd5-100f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.js Show response
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 14 KB
4 KB 76ms
69ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-37e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sticky.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 6 KB
2 KB 76ms
69ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:42:54 GMT
server: nginx
etag: W/"603006ae-171a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 3 KB
1 KB 24ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/comment-reply.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 amp-fallback.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 12 KB
3 KB 76ms
69ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-3143"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp-fallback-newspack-sponsors.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 5 KB
2 KB 76ms
69ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-14f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intersectionobserver-polyfill.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 76ms
70ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-1e63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-images.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
1 KB 76ms
70ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-cb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/ 13 KB
3 KB 76ms
70ms Script
application/javascript 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 09:13:41 GMT
server: nginx
etag: W/"5f896445-333b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Mon, 26 Apr 2021 21:47:32 GMT
x-ac: 5.ams _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 1 KB
719 B 22ms
17ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/wp-embed.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/ 12 KB
4 KB 23ms
18ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 1
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Tue, 26 Apr 2022 21:47:32 GMT

GET
H2 200 e-202117.js Show response
stats.wp.com/ 9 KB
3 KB 71ms
21ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202117.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Apr 2022 22:09:31 GMT

GET
H2 200 e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 51 KB
17 KB 33ms
7ms XHR
application/javascript 2600:9000:21f3:6e00:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6e00:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 19:00:31 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 10021
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA2-C2
access-control-allow-headers: *
x-amz-cf-id: 2wbbXlhakfunyEz7Qa_UBOvFudqiZB4Bz8wpZWtZvZd2cuarOk9Gbg==
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 137 KB
47 KB 27ms
23ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

db1c3fd8de820be33718bc917afd8ce71094d03040b644dfb0624b4405559d61

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47553
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Apr 2021 21:47:32 GMT

GET
H2 200 AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8= Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 40ms
36ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8=

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

70e67c0213f0fee73cacda44952405471a2b391281a858876d1ffa5302490aeb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-As9sIgq4Sl1uOpNySQrPTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-As9sIgq4Sl1uOpNySQrPTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-As9sIgq4Sl1uOpNySQrPTg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-As9sIgq4Sl1uOpNySQrPTg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/115064/ Frame A2CE
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

1 MB
230 KB

70ms
23ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 19008
etag: "133862d2c2cd044139eae0f492f54fc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 234968

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
date: Mon, 26 Apr 2021 21:47:32 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 44ms
15ms Script
application/javascript 2606:4700:3031::ac43:9eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:32 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4641
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"group":"cf-nel","max_age":604800,"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=X%2Fr4Ze3dN2QUDZRUmTEgf%2B8ywjdZmW0bn7eTqhKqcT7wtqcwt4rr9i8dOuQO80usX1GKu6G64EEN%2BgTMt5gSU7%2BFhKqwNWNFlieWPzdbvUwc%2Fkwz%2FvkiISKoOTI%3D"}]}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 09b1bff4bb00002bc647253000000001
cf-ray: 6463029acc1d2bc6-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:808::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 590215
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 20 Apr 2022 01:50:37 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 logo-1.png
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/ 4 KB
4 KB 19ms
18ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png?resize=480%2C128&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Mon, 26 Apr 2021 21:47:33 GMT
x-content-type-options: nosniff
last-modified: Tue, 06 Apr 2021 14:28:38 GMT
server: nginx
etag: "64118eef749da2d5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png>; rel="canonical"
content-length: 3640
expires: Fri, 07 Apr 2023 02:28:38 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/115064/ Frame B0FE
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/115064/connatix.player.dc.js

1007 KB
219 KB

73ms
54ms

Script
application/javascript

151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:08 GMT
age: 19008
etag: "5567d457731d7b3e403bd22f5842235e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 223850

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.player.dc.js
date: Mon, 26 Apr 2021 21:47:33 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 jquery.min.js Show response
cdn.pixfuture.com/ Frame 266A 85 KB
30 KB 40ms
21ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery.min.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5784
cf-request-id: 09b1bff59a00004e67c1a5d000000001
last-modified: Wed, 12 Aug 2020 19:49:59 GMT
server: cloudflare
etag: W/"5f3447e7-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G1D97gqEPJ4KR%2FwjoVzD93Qtdt3PYwxLWFav%2FjEYsnnw8bykl2HokuK%2BnJYMpGxCvPPn2LZHdmcrS1016Vxyml3NRCpK0CwYZBOFqYSchHT3DvvunjwJj8gqXy%2BaOg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 6463029c2eca4e67-FRA
expires: Wed, 28 Apr 2021 20:11:08 GMT

GET
H3-29 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 39ms
38ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js?31060891

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:33 GMT

GET
H/1.1 200
OK conf.js Show response
config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/ 8 KB
3 KB 78ms
24ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/conf.js?cb=972235
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Content-Encoding: gzip
Age: 2246
x-amz-meta-updatedby: adela@anyclip.com
Connection: keep-alive
x-amz-request-id: 8CWASXPAVZE990X4
x-amz-id-2: o9LfWzD9YGOyXpZX9gyYYtJNj2FWxyjeqn7VxPLEStG5PSoKKRgjWAySkIZOnRJbL1voeW/rN9o=
Accept-Ranges: bytes
Last-Modified: Thu, 22 Apr 2021 13:27:14 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: UZf6SjhF.vAO11.UZZPGoZapYnemoCnV
Access-Control-Allow-Origin: *
Content-Length: 2226
Content-Type: application/javascript;charset=UTF-8
X-LLID: e227b2d9a8cddf3a049890fb0c5a7c43

GET
H/1.1 200
OK rules.js Show response
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ 474 B
959 B 24ms
23ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Content-Encoding: gzip
Age: 57388
x-amz-meta-sha256: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Connection: keep-alive
Content-Length: 216
x-amz-id-2: 7HkPI7+B5C7IcunixJO7C4idNtfQ8FLMqRRWbLD82w87FYgtWGA4i7/NoLd6iFqdZ0VFgy7r+uk=
Last-Modified: Thu, 30 Apr 2020 15:11:24 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 0AD2C118F7F81FB1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-meta-s3b-last-modified: 20200430T151051Z
x-amz-version-id: Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 80fd33ed4ca0e8d0a2d1f3e34b0ecc81
Expires: Mon, 26 Apr 2021 05:52:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
180 B 312ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=60&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 312ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=bangordailynews.com&cke=true&lan=en-US&plat=Linux+x86_64&net=-&ver=js4.0.4.1.923&dev=desktop&os=Windows&bw=Chrome%2C89&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ty=data&rt=61&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 embed.js Show response
bangordailynews.coral.coralproject.net/assets/js/ 52 KB
15 KB 67ms
20ms Script
application/javascript 34.96.85.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.coral.coralproject.net/assets/js/embed.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.85.105 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

105.85.96.34.bc.googleusercontent.com

Software

Resource Hash

fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 549427
alt-svc: clear
content-length: 15359
x-xss-protection: 1; mode=block
x-trace-id: c6114d90-a1d9-11eb-84a6-35a0f021ef04
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Feb 2021 21:23:31 GMT
date: Tue, 20 Apr 2021 13:10:26 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=604800
etag: W/"3bff-17792fa4438"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

POST
H3-29 204 AGSKWxXJQKQcgSqNmQ0GIxAs-SpW-Al_463CJ6DfdkQ8uW5Oxi1Rd5hBJZo6-8rBcdSq431TaFeOd6qvzCIoV0vscIU= Show response
fundingchoicesmessages.google.com/l/ 0
26 B 34ms
20ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxXJQKQcgSqNmQ0GIxAs-SpW-Al_463CJ6DfdkQ8uW5Oxi1Rd5hBJZo6-8rBcdSq431TaFeOd6qvzCIoV0vscIU=?pvid=9F399281-706E-43B5-A705-73141B47D395&anonid=8CF64FBE-AF33-4F2D-8D0D-B0BD87B0AB13

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-wzkQSlj8Hs/MopClKpq49w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wzkQSlj8Hs/MopClKpq49w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-wzkQSlj8Hs/MopClKpq49w' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-wzkQSlj8Hs/MopClKpq49w' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxWx7Tg4bv_hDrQVslZjx2gVYOBdDdPA3Oml9ra_SBA4SA6lElzMbLnXNmAwNx3ejMJHV9xZAUA9b1c0_Zn-vjo= Show response
fundingchoicesmessages.google.com/f/ 283 KB
63 KB 65ms
51ms Script
application/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxWx7Tg4bv_hDrQVslZjx2gVYOBdDdPA3Oml9ra_SBA4SA6lElzMbLnXNmAwNx3ejMJHV9xZAUA9b1c0_Zn-vjo=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE5NDczNjUzLDMxMDAwMDAwMF0sIjlGMzk5MjgxLTcwNkUtNDNCNS1BNzA1LTczMTQxQjQ3RDM5NSIsIjhDRjY0RkJFLUFGMzMtNEYyRC04RDBELUIwQkQ4N0IwQUIxMyIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

040ab9cfebe5a15501871bfbb5114a19eb3541545559141774e2877ea51b6097

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-+ev0fCUYeDDVEfcx+utK3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+ev0fCUYeDDVEfcx+utK3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-+ev0fCUYeDDVEfcx+utK3Q' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-+ev0fCUYeDDVEfcx+utK3Q' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 t Show response
jadserve.postrelease.com/ 223 B
601 B 506ms
162ms Script
text/javascript 52.52.166.208
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ntv_mvi&us_privacy=1---
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.52.166.208 San Jose, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-52-166-208.us-west-1.compute.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 184
expires: Mon, 1 Jan 1990 12:00:00 GMT

GET
BLOB 200
OK eb56fd1d-32c5-4643-a9e0-c56f26f4e468
https://bangordailynews.com/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bangordailynews.com/eb56fd1d-32c5-4643-a9e0-c56f26f4e468
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 417

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 412ms
104ms Image
image/gif 54.144.144.142
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1619473653385&plid=78068355&idsite=bangordailynews.com&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sref=&sts=1619473653380&slts=0&title=Holden+brothers+sue+Northern+Light+over+data+breach+they+claim+left+them+vulnerable+to+identity+theft&date=Mon+Apr+26+2021+23%3A47%3A33+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=47903465&u=pid%3D81e51acc8eb9cf052137836c7bcef971
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.144.144.142 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-144-144-142.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Cache-Control: no-cache
Last-Modified: Monday, 26-Apr-2021 21:47:33 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tinypass.min.js Show response
buy.tinypass.com/api/ 1009 KB
234 KB 106ms
88ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/tinypass.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 39
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bff6a000004e4a22031000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:53:42 GMT
server: cloudflare
etag: W/"1033310-1619200422000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 6463029dceee4e4a-FRA
expires: Mon, 26 Apr 2021 21:52:33 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 130ms
44ms Script
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:36:44 GMT
content-encoding: gzip
server: Server
age: 648
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 8747333bac66b8350649da1b14bbb5e5.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
x-amz-cf-id: K83LixnfSfii2YW1datIsulzd1kuOtupZOaJ87aYt06GvOYM3gmdMg==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 23ms
22ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=38606143&post=3087062&tz=-4&srv=bangordailynews.com&host=bangordailynews.com&ref=&fcp=1345&rand=0.3397064749198706
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ 2 KB
1 KB 543ms
543ms XHR
application/json 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: ntvSession={}; advanced_ads_page_impressions=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1619473653291]]; ntv_as_us_privacy=1---; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619473653380%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=81e51acc8eb9cf052137836c7bcef971%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619473653380}
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

x-nananana: Batcache-Set
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:47:33 GMT
server: nginx
date: Mon, 26 Apr 2021 21:47:33 GMT
vary: Accept-Encoding Cookie
content-type: application/json; charset=utf-8
cache-control: max-age=300, must-revalidate
x-ac: 5.ams _atomic_ams MISS
host-header: Newspack

GET
H2 200 / Show response
graph.facebook.com/ 244 B
647 B 45ms
31ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e0d35d6dbb592d007fb01391192ceba3f770da765c13e83b555c07e1e9facc13

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003684644
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 186
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: kb17mX+pNTGPXV0T1Fd9VA9PCuH9KoS7TKElKwUXgxyCVOXKXjlfdD9TlcolgFmjGTdRMlJlaoGTBYw5qmhHEA==
x-fb-trace-id: HqQ+SbfZEdK
date: Mon, 26 Apr 2021 21:47:33 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AXLcnuww2MawZJfE6gL4S0n
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 22ms
22ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.820323279320528
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 420
date: Mon, 26 Apr 2021 21:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 23:40:33 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: rCMowuPbux8ue/vs10FTs+RQ4nkYKkxGHNvgNnBi1LDOmFVPqaYRo3aF/zPO7dfT1+ECUHEjaGFr8sE6VaEqRA==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 26 Apr 2021 21:47:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 120ms
41ms Script
application/x-javascript 2600:9000:20c8:9000:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:9000:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 16:18:05 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 19768
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 0645caa18be2b3be5e4612d40f45a0ba.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: MTD1MecafXS1MA4_fbpkCY1ryUprzBupim56-miLJP4hUDoX94Q-uA==
expires: Tue, 27 Apr 2021 16:18:05 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63069/92760912/12/
Redirect Chain

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

136 KB
40 KB

19ms
19ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 12:10:08 GMT
content-encoding: br
last-modified: Wed, 12 Aug 2020 16:26:04 GMT
server: nginx
age: 34645
etag: "88fbdebeb74ed488bdf0ebada228f578"
vary: Accept-Encoding
x-cache: HIT Wed, 12 Aug 2020 16:39:09 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 40740

Redirect headers

date: Mon, 26 Apr 2021 21:47:33 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 6-gc-euw1-10925

GET
H/1.1 200
OK Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
bdn-data.s3.amazonaws.com/uploads/2020/06/ 8 KB
9 KB 426ms
122ms Image
image/jpeg 52.217.14.124
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-data.s3.amazonaws.com/uploads/2020/06/Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.14.124 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Thu, 18 Jun 2020 02:58:23 GMT
Server: AmazonS3
x-amz-request-id: KWY5G65TMSSQPV64
ETag: "268b990f7103e86c2be5a8cbedbb9b53"
x-amz-version-id: HtSq84lLDSsbDF.It5rdjSpKWYffj93A
Cache-Control: max-age=2592000
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8413
x-amz-id-2: 9egMkOeDYKGEFVFZYjnQVmxOm+bNS+498/cc/57zzss51rY9WuDcbdwgvLPVBBTevoROxCLkjPo=

GET
H2 200 016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 185 KB
186 KB 31ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg?w=1024&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 4
date: Mon, 26 Apr 2021 21:47:33 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 05:54:26 GMT
server: nginx
etag: "88683fb67f2a2139"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg>; rel="canonical"
content-length: 189820
expires: Sun, 23 Apr 2023 17:54:26 GMT

GET
H/1.1 200
OK ads-iframe.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame 266A 49 KB
49 KB 197ms
196ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Last-Modified: Wed, 17 Mar 2021 20:57:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60526d29-c2f6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 49910
Expires: Wed, 28 Apr 2021 21:47:33 GMT

GET
H/1.1 200
OK push_player.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame 266A 1 KB
2 KB 312ms
105ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Last-Modified: Mon, 08 Feb 2021 16:32:36 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "602167a4-50e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1294
Expires: Wed, 28 Apr 2021 21:47:33 GMT

GET
H2 200 connatix.player.css
cds.connatix.com/p/115064/ 54 KB
8 KB 23ms
23ms Stylesheet
text/css 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 19008
etag: "fcaa0ea82bb0765612e6ce7eef717e24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 8363

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
269 B 160ms
85ms Fetch
text/html 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=165643&gdpr=1&us_privacy=1---

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:33 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 158ms
84ms Fetch 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync?gdpr=1
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:33 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H3-29 200 css
fonts.googleapis.com/ 52 KB
3 KB 27ms
26ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.8ep3xi8CkMA.es5.O/d=1/rs=AJlcJMyFrSO2jIY22_vIzSxZlBSR8QB5HA/m=iabtcfv2wallscript

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:47:33 GMT
server: ESF
date: Mon, 26 Apr 2021 21:47:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 26 Apr 2021 21:47:33 GMT

HEAD
H/1.1 200
OK advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
0 89ms
22ms Fetch
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:33 GMT
Age: 3212
Connection: keep-alive
Content-Length: 32
x-amz-id-2: TE1LlP6v1FuIediBAbvTJcntLB8pPizYnSPlkqUirghQVEOX1bexc3GTdkReCz0S+EpD9BG1G0E=
Last-Modified: Mon, 10 Dec 2018 11:26:45 GMT
Server: AmazonS3
x-amz-request-id: H7CK13QB0N1H5GE0
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 00:54:01 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 6f4f8191efb2f98834b682a153a21c2c
x-amz-meta-s3b-last-modified: 20181210T110233Z

HEAD
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
0 35ms
13ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:33 GMT

GET
H2 200 362290
vid.springserve.com/vast/ 22 B
0 111ms
33ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-137-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:47:33 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

HEAD
H2 200 loader.js
imasdk.googleapis.com/js/sdkloader/ 0
0 28ms
6ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 434
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

HEAD
H2 200 client.js
s0.2mdn.net/instream/video/ 0
0 35ms
13ms Fetch
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:33 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:33 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
101ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=495&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:22:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1520
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:22:13 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
539 B 35ms
13ms XHR
application/json 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

GET
H3-29 200 733394673714818 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 59ms
59ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733394673714818?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: et0taUAy9LUHOW7A3+8kCxl0XmPJHrFFrFMt1/idMWcLRJD5p4Frj2DKl4vk8hUFTX3O01/p8Rm3JAWpUQwMsw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 26 Apr 2021 21:47:33 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame B0FE 2 KB
2 KB 486ms
145ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 70e8c747ad5c9f53e7bf3527205a4b52be647725291de7b25b1aa8820c48db5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1704

POST
H3-29 204 AGSKWxWg7rKV8WgVAIVpttfGRvpL4j9m2dpDIGbGkhs6ABpWgXXmjW8f9933UFJUuf_NBmtpTG7pQg_oU2HOYGFYPYnK38-GQSyMAmjHiqJuP1H_o81V6jMhJBV_vGB7i02201B05tVQZ7l88MF78q-2LhXfwHzYmitnaFswQjkIxesZFF8ZDp8U6rVg9Ln6 Show response
fundingchoicesmessages.google.com/l/ 0
26 B 21ms
21ms XHR
text/html 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxWg7rKV8WgVAIVpttfGRvpL4j9m2dpDIGbGkhs6ABpWgXXmjW8f9933UFJUuf_NBmtpTG7pQg_oU2HOYGFYPYnK38-GQSyMAmjHiqJuP1H_o81V6jMhJBV_vGB7i02201B05tVQZ7l88MF78q-2LhXfwHzYmitnaFswQjkIxesZFF8ZDp8U6rVg9Ln6?dmid=9a88d2cd9a80bfe2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-IofN24hs/fSGe0qLR8ftyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IofN24hs/fSGe0qLR8ftyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-IofN24hs/fSGe0qLR8ftyg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-IofN24hs/fSGe0qLR8ftyg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ 100 KB
100 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 22:06:12 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 344481
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 22 Apr 2022 22:06:12 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 417841
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 22 Apr 2022 01:43:32 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 522415
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 20 Apr 2022 20:40:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 128635
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 44ms
20ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 1097
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bff85e00004e316b972000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"1bbec-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 646302a09ded4e31-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 27 Apr 2021 01:47:33 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
387 B 132ms
132ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

52374f169cc0b3ea3759d3d472a71b1fd493377c5de0ec0beaa7ccfb4bf397a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bff84c00004e4a4083e000000001
x-request-id: C9vx6sqxGoB
pragma
wn: prod-dash-10-0-90-233
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 646302a07b764e4a-FRA
expires: Mon, 26 Apr 2021 22:07:33 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
468 B 50ms
30ms XHR
application/json 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
30 KB 14ms
14ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

95939c9262bfe892fddf8fd1214c6dc6c811ce6a57c1ba9f1ac4574d737078eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31127
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Apr 2021 21:47:33 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 86ms
86ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&pid=a9OJnahwMFfbf&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%5D&cfgv=0&pubid=b9cc9a74-23ed-483b-9eb8-000dee4af668&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:33 GMT
via: 1.1 8747333bac66b8350649da1b14bbb5e5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 7mWSeBaxlnsDvEln8BJfl51zibcS6ppUZ9m9Nrz6Ks492NSmCLEuXA==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 140ms
59ms XHR
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 15:17:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 23381
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 3a5cd718bb9eb50d9c931e1f7586b5a8.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: Ai2164BSymIjJQuCP4rtEm2TW1IPGUTsid-DSnK93zhSqr-C-tzfXQ==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 305ms
102ms Image
image/gif 52.45.183.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bangordailynews.com&p=%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&u=DRMttgC0SoHNlFPW4&d=bangordailynews.com&g=14550&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4284&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=2170&t=xH8xTBEByvJBdOj4pBB2dBMk8jAx&V=126&i=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20thef&tz=-120&sn=1&sv=LXDQSCVvXAKDCo9ywBSr6cM3DkX6&sd=1&im=067b2fff&_
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.183.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:34 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 207 B
988 B 201ms
191ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112408799488857547242_1619473653691&client_id=U1S2txQ29t&site=https%3A%2F%2Fbangordailynews.com&_=1619473653692

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

765244a9d9480279a211240fe7711355809133b249d40f9cac66655164c3c667

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bff8cc00004e4a1f0e6000000001
x-request-id: Cavx6sqxWh0
pragma: no-cache
wn: prod-id-10-0-94-153
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.001
cf-ray: 646302a14cb94e4a-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 436ms
102ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&pubname=Bangor%20Daily%20News&artupt=1619174198&artpubt=1619154000&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=5fa6b75b-844f-4bc6-892d-c787011eea85&pid=f9b49f8f-9777-4344-9c2e-e7cdb4cba6c5&dtm=1619473653980&qnm=_matherq&visible=1&tabid=45c55acd-a8ed-4b25-aedb-c464e943b3ad&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x4284&tofa=1619473654&vid=1&lvidt=1619473654&duid=897f9ce940136859&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ3MzY1MTc0NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTM0NSIsImZldGNoUyI6IjE4MCIsImRvbWFpblMiOiIxODEiLCJkb21haW5FIjoiMTgyIiwiY29ublMiOiIxODIiLCJjb25uRSI6IjIxOSIsInNzbFMiOiIxOTUiLCJyZXF1UyI6IjIyMCIsInJlc3BTIjoiODY5IiwicmVzcEUiOiI5NzIiLCJkb21Mb2FkIjoiODcxIiwiZG9tSW50ZXIiOiIxNjc2IiwiZG9tTG9hZFMiOiIxNzE3IiwiZG9tTG9hZEUiOiIxNzI2In19
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 23ms
23ms XHR
text/plain 2a00:1450:400c:c0c::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1047201902&gjid=1532477972&_gid=1530301968.1619473654&_u=aGBAgUALAAQCAE~&z=249107672

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Apr 2021 21:47:33 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 6ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1867188589&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=1047201902&gjid=1532477972&cid=67365718.1619473654&tid=UA-5329647-52&_gid=1530301968.1619473654&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=1046774701

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:57:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78578
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=1867188589&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUALBAQCAE~&jid=&gjid=&cid=67365718.1619473654&tid=UA-5329647-52&_gid=1530301968.1619473654&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=15517571

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 25 Apr 2021 23:57:56 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78578
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=864&val=ima&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame 266A 275 KB
84 KB 88ms
31ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=129323
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Wed, 28 Apr 2021 09:42:57 GMT

GET
H/1.1 200
OK vast_prebid_init.php Show response
serv-vdo.pixfuture.com/vpaid/ Frame 266A 16 KB
16 KB 221ms
221ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 037e5dcb1d7da4aac30d513c9ea7c0e4b4c679ffc9c362db8405a5513e839128

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:34 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:34 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1047201902&_u=aGBAgUALAAQCAE~&z=808982731

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1047201902&_u=aGBAgUALAAQCAE~&z=808982731

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Perkins_Wrigley.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 4 KB
4 KB 20ms
19ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg?fit=1024%2C768&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 7
date: Mon, 26 Apr 2021 21:47:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 20:09:32 GMT
server: nginx
etag: "0974a1c9209fe6e5"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg>; rel="canonical"
content-length: 4190
expires: Thu, 27 Apr 2023 08:09:32 GMT

GET
H2 200 Spring-Snow-042221-LCO-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 7 KB
7 KB 24ms
23ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg?fit=1024%2C635&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 3
date: Mon, 26 Apr 2021 21:47:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:12:02 GMT
server: nginx
etag: "911076e583743a70"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg>; rel="canonical"
content-length: 7386
expires: Thu, 27 Apr 2023 09:12:02 GMT

GET
H2 200 BHHospital4.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/ 8 KB
8 KB 23ms
22ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg?fit=1024%2C683&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT ams 5
date: Mon, 26 Apr 2021 21:47:34 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:21 GMT
server: nginx
etag: "2959686461b60540"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg>; rel="canonical"
content-length: 7980
expires: Thu, 27 Apr 2023 09:11:21 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 107ms
36ms Fetch 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 17 KB
7 KB 224ms
223ms Fetch
text/html 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=165643&width=1600&gdpr=1&us_privacy=1---&rev_allow_cookies=0&site_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&icr_url=&va=1&time=1619473654067&up=pc&bn=chrome&bv=89&widget_width=780

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Apache/2.4.25 (Debian) /

Resource Hash

efcb8aca4bc2b04d1a21bb234010fc5afe5e912e4fe6af020ef9f92f2797c529

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7336

GET
H2 200 /
www.facebook.com/tr/ 44 B
259 B 6ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733394673714818&ev=PageView&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&rl=&if=false&ts=1619473654084&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1619473654082.1628960792&it=1619473653678&coo=false&exp=l0&rqm=GET

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 26 Apr 2021 21:47:34 GMT

OPTIONS
H3-29 200 232
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 145ms
135ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Protocol

H3-29

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b1bff95b00004db2673cb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 646302a22a074db2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3-29 200 232 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 4 KB
2 KB 151ms
143ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19e2865bd7db7c880dd243813491ea938f7767eaedaaab21bf8e00fb1223e1aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bff9ec00002ba101b87000000001
server: cloudflare
etag: W/"117d-B4SfID7Ich9XruireXxpB3zNHIw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 646302a3199f2ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H/1.1 200
OK play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 650 B
1 KB 70ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Age: 13175
Connection: keep-alive
Content-Length: 400
x-amz-id-2: 2ZRGmD+kh257W9+vyOdL6QpvAOGlYqi9dgt1aL0FP89CyWLDvZNesGZlGXxYDzF/4PQZCl44NDY=
Last-Modified: Tue, 06 Aug 2019 13:18:15 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 842E25E42F23E437
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 22:07:59 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: b4fbb286891e8ec1b4737155e35c74be
x-amz-meta-s3b-last-modified: 20190806T131201Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=930&val=1---&wnx=0&abc=&ty=crs&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame FC11 570 KB
186 KB 20ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367401
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
16 KB 31ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=992&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK anyclip-logo.png
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
2 KB 36ms
23ms Image
image/png 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/anyclip-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Age: 8441
Connection: keep-alive
Content-Length: 1316
x-amz-id-2: N/VDY41NRXTx/nPQAv9dDCcMACdcAIt2Fm18wi1xCY9RUyh4EgW+SPCtCrkLkstP59oOzMRV7GM=
Last-Modified: Thu, 20 Dec 2018 13:30:18 GMT
Server: AmazonS3
x-amz-request-id: BB40BB343D4078AE
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:26:53 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: OklAUkiF01qvm0z5Jbxqbgl4N5mndRTg
Accept-Ranges: bytes
Content-Type: image/png
X-LLID: 31e3087bab69a7c8e98d03ec44f83e92
x-amz-meta-s3b-last-modified: 20180812T120014Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 105ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1008&val=780&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 106ms
104ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1009&val=439&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 22ms
20ms Script
application/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5329647-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

80cd6ac0459d15cced43979a151e45593c20956be4852e185727cbace76ea840

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35813
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 21:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 376ms
376ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1026&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 314ms
104ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: HEAD,POST,GET,OPTIONS

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 12 KB
3 KB 109ms
108ms Fetch
application/json 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: e36527928f911df99992584d1e7c8969dae2f20e19a4d56b835931a25bfc1d0e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
vary: accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 375ms
374ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1027&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 112ms
112ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 3_media.bin Show response
vid.connatix.com/f5c7a599-b259-4238-99b3-be7d14fa0d7e/ Frame B0FE 365 B
498 B 71ms
23ms XHR
application/octet-stream 151.101.14.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/f5c7a599-b259-4238-99b3-be7d14fa0d7e/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.14.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: bdf1f7ba8a88449f240ab2af46cb4acea2a25cbb6d4eb6747198c7655e518577

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 17:55:21 GMT
age: 440558
etag: "ff513ff15ce20eba22146c1d1606a244"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 310

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2F52 36 KB
13 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1993
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 266A
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1
https://mug.criteo.com/sid?cpp=dKObhnxDNyt6STNuRStaYUtrQk4wRnVYR3dsdlk2NTFLOXYrN1drdnpqbFFFUEJRK2Q4VXRvTi9kYTdBckJzQjg4aXJsOWFJNDBZVk5rMklNSWRJU2NoVUR2V2VYNDhjSXlKRE1VWHh4NkpCMEt1NkVCQnpZL2g1UW5VUE...

355 B
636 B

76ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=dKObhnxDNyt6STNuRStaYUtrQk4wRnVYR3dsdlk2NTFLOXYrN1drdnpqbFFFUEJRK2Q4VXRvTi9kYTdBckJzQjg4aXJsOWFJNDBZVk5rMklNSWRJU2NoVUR2V2VYNDhjSXlKRE1VWHh4NkpCMEt1NkVCQnpZL2g1UW5VUENmRGtqQUVJN1R6eGVhOENweVJQQlBtRW41c1NmVk9xTmwrcnBZdEY1ZlBRRlhUS0JQdVozSS9nRnhwU09EN29HZGdKdkw1dW5sSW9ocW16UWp0d2VqKzd2ZDl4M1p6c2dUcHltNWtFanRsTVVnWG1CVFBnPXw&cppv=2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

7714d73fcc1a3b4c32128e054028e81044a98b1830a3609288a1a2e08e1d8783

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Mon, 26 Apr 2021 21:47:33 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2196
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Mon, 26 Apr 2021 21:47:33 GMT
location: https://mug.criteo.com/sid?cpp=dKObhnxDNyt6STNuRStaYUtrQk4wRnVYR3dsdlk2NTFLOXYrN1drdnpqbFFFUEJRK2Q4VXRvTi9kYTdBckJzQjg4aXJsOWFJNDBZVk5rMklNSWRJU2NoVUR2V2VYNDhjSXlKRE1VWHh4NkpCMEt1NkVCQnpZL2g1UW5VUENmRGtqQUVJN1R6eGVhOENweVJQQlBtRW41c1NmVk9xTmwrcnBZdEY1ZlBRRlhUS0JQdVozSS9nRnhwU09EN29HZGdKdkw1dW5sSW9ocW16UWp0d2VqKzd2ZDl4M1p6c2dUcHltNWtFanRsTVVnWG1CVFBnPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1676
content-length: 482
expires: 0

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 266A 62 KB
21 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

941f7cae4a21e86311620e7174e9c7f77c153a29da372b2af0f64fc49aca5a6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 586 of 1000 / last-modified: 1619472890"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21116
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H2 200 prebid_4_23.js Show response
cdn.pixfuture.com/ Frame 266A 318 KB
319 KB 25ms
25ms Script
application/javascript 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid_4_23.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5784
cf-polished: origSize=326091
cf-bgj: minify
cf-request-id: 09b1bffa2a00004e67f00b9000000001
last-modified: Tue, 02 Feb 2021 20:10:57 GMT
server: cloudflare
etag: W/"6019b1d1-4f9cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ciXIqNpRfh3WUaWCt9qNXNGg2YZ6j9gfDtkGungEdfA1H3DNfzeA0chJ%2Fnlg%2FEdHFY60BYzXX6YtSldgKMSJZZV5yZUOPVpDdZWJAn%2FGx76q6l7f%2FyOdlJy1Z42qpg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 646302a37b7a4e67-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 8 KB
4 KB 207ms
205ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e7b2f65513824006a79d016b562b1f24f0662cd52886b67afe8665ee6ac21c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bffa3600004e4a112d3000000001
x-request-id: Cavx6sqrHzt
pragma: no-cache
wn: prod-exp-10-0-133-14
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 646302a388ed4e4a-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK scroll-right.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 645 B
1 KB 24ms
24ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/scroll-right.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Age: 7161
Connection: keep-alive
Content-Length: 403
x-amz-id-2: nLnfk/r/mIXzGPk6s/OAXbdiUorGp0Dst2sOdUesks19NoBk9ZzcrAStbBxZFu6HfLuA3cKNJuI=
Last-Modified: Thu, 09 Aug 2018 13:37:36 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 234AAB5878CD704F
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:48:13 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LWFiUmbBDbZYtKTcsVUC4L21DxkdHU5h
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 57a085e630715ef95e84ffaf1dd1de2e
x-amz-meta-s3b-last-modified: 20180710T071342Z

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 112ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame B0FE 117 B
407 B 514ms
155ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ab2e858f7499fcb3d8b72cd2ae160ce6d51a9e5f6f48aaebfd33c732585aae39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 126

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 218ms
111ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/f5c7a599-b259-4238-99b3-be7d14fa0d7e/ 7 KB
7 KB 24ms
22ms Image
image/jpeg 151.101.114.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/f5c7a599-b259-4238-99b3-be7d14fa0d7e/1_th.jpg?crop=546:307,smart&width=546&height=307&format=jpeg&quality=60&fit=crop
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.114.137 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e13fd0b97f78a3ae877dca686386bbb70c8b144e1585a02bbb04d1cebec156d5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
age: 1544194
etag: "K232/qM8Qh2bZ4pKG3SFvfI7wr//GI3a2a/gnBCBQxM"
access-control-max-age: 86400
fastly-io-info: ifsz=9210 idim=375x212 ifmt=jpeg ofsz=7187 odim=375x211 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 7187

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 190ms
190ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=undefined&inx=undefined&rt=1211&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D938569572%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Dundefined%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Dundefined%255Ei%253D0%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253D%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DOsi3mNltXbV876WpjDifDXJ67ql8zdhQ%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=0&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 bangordailynews.min.js Show response
global.proper.io/ 15 KB
5 KB 48ms
26ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/bangordailynews.min.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Apr 2021 17:02:26 GMT
server: cloudflare
age: 276174
etag: W/"6082fda2-3de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 646302a418ecd711-FRA
cf-request-id: 09b1bffa8b0000d7111790d000000001
expires: Mon, 26 Apr 2021 21:52:34 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 37ms
37ms Fetch 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 73ms
24ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1619473654.cds004.fr8.hn,1619473654.cds260.fr8.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 72ms
27ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Mon, 26 Apr 2021 16:17:17 GMT
etag: "1619453837"
x-hw: 1619473654.cds159.fr8.hn,1619473654.cds130.fr8.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=72845
accept-ranges: bytes
content-length: 4298

GET
H3-29 200 pubads_impl_2021042101.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 266A 301 KB
106 KB 31ms
31ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042101.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 08:38:12 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108325
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H/1.1 200
OK req_demand.php Show response
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 109ms
108ms Script
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/www/delivery/req_demand.php?script=videoAds:&bidders=pubmatic,synacormedia,openx,gumgum,spotx,sonobi,smartadserver,33across,oneVideo,conversant,appnexus,districtm&zoneid=11
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:34 GMT

OPTIONS
H3-29 200 114
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 127ms
126ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/114?story_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&visitor=dj1jrpqtqoftim7z

Protocol

H3-29

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b1bffad900004db2c2a76000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 646302a48ea34db2-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 114 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
712 B 139ms
139ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

86d709ed3d0fa7661628cccb805bd44c2ca985af4bc07a9a0f0576f633fae69c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffb5800002ba1ea1a2000000001
server: cloudflare
etag: W/"41-3E+ZILML/FQvzJpZDfkXVxA0uz0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding, X-HTTP-Method-Override
access-control-allow-credentials: true
cf-ray: 646302a55d1a2ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3-29 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 22ms
22ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 35291
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffada00002ba1ad123000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"2e2f-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 646302a48bfe2ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:47:34 GMT

GET
H3-29 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 23ms
22ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 35291
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffada00002ba1ff8d0000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"f2a-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 646302a49bff2ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:47:34 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 19ms
18ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 35291
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffada00002ba1ec913000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"8abb-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 646302a49c002ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:47:34 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
2 KB 28ms
28ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 35291
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffada00002ba1c1981000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"19c7-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 646302a49c012ba1-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 26 Apr 2022 21:47:34 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 319 KB
81 KB 39ms
39ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/bangordailynews.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:33:24 GMT
server: cloudflare
age: 3026713
etag: W/"5fff12c4-4fbd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 646302a4a98ed711-FRA
cf-request-id: 09b1bffae80000d71146856000000001
expires: Mon, 26 Apr 2021 21:52:34 GMT

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame 6FB0 3 MB
2 MB 185ms
185ms Document
text/html 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

323f943895e805f04f271088b7b68b235526666436ce7e1da3076aa8cd8fbe6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.007
set-cookie: ch_sid=5NOUkoLx0B3OdfJ;Version=1;Domain=.tinypass.com;Path=/;Max-Age=3600;Secure;SameSite=None LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cxEvVkzgvCmCp; SameSite=Lax; path=/; expires=Tue, 27-Apr-21 20:47:34 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-121-63
x-forwarded-https: on
x-request-id: Cavx6sqPhbd
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 09b1bffb4700004e4a3d099000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 646302a53baa4e4a-FRA
content-encoding: br

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 6ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarya7JfrLEe9EAegVOU

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 26 Apr 2021 21:47:34 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 24ms
8ms Script
application/javascript 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Mon, 03 May 2021 21:47:34 GMT

GET
H/1.1 200
OK 1619104036829_852x480_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 154 KB
154 KB 87ms
23ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036829_852x480_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
Age: 2173
x-amz-id-2: UdJr/E0AHniEpgyYd1wnE1sJheFmOLox1vnU5bEu7JTD9VnEMKkkGEhtlHaydBpesF6S4m3x5gE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 157301
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 96M6NWX662TSMSYY
X-LLID: ef7ad35a44fe19daaa648b2fdb958373

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 104ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1523&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%2289%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 104ms
104ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=1524&val=0&wnx=0&abc=&ty=pll&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK 1619104036758_248x140_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 21 KB
22 KB 70ms
23ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036758_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
Age: 7438
x-amz-id-2: ZV3md2h0A+nHtq3mZw1yqGDA3KEO3vPiaVH+DyeN1BRxwQAOm6NleesGrfWs0lpPjYegVgqKoNo=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 21852
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: WP7BKX5XZX6119JK
X-LLID: f7d2b4c14a9193f72df15b47a709a01b

GET
H/1.1 200
OK 1618905797651_248x140_thumbnail.jpg
cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/ 20 KB
21 KB 72ms
24ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/1618905797651_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Tue, 20 Apr 2021 08:03:18 GMT
Server: AmazonS3
Age: 9765
x-amz-id-2: D9I1CzxABc2OsW997/zFIQpG6YDWH8QjkPt1it2Zas05XAgZtnLLO6UA7Oh23MN39wWVUCXh744=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 20531
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 799MTSQSZGJ1MD6H
X-LLID: 17581a6a05a2ca6057f8dfd2a9e8a01f

GET
H/1.1 200
OK 1619026651087_248x140_thumbnail.jpg
cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/ 8 KB
8 KB 71ms
23ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/1619026651087_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Wed, 21 Apr 2021 17:37:32 GMT
Server: AmazonS3
Age: 53967
x-amz-id-2: WfVVvr+lcVwcs/NKlbXSa5fhx6wzw01TEgr2lHWtCPoi5k6LRHfPu4iwBuxP8aJdbXPpCj27xtg=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 7902
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 8M2T9YESYP0KFNAM
X-LLID: 1c75200d4d12402c0ddead36cdd68a8c

GET
H/1.1 200
OK 1619449640509_248x140_thumbnail.jpg
cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/ 17 KB
18 KB 98ms
24ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/1619449640509_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Mon, 26 Apr 2021 15:07:21 GMT
Server: AmazonS3
Age: 2173
x-amz-id-2: rMV3WhCWUSxn6CMMFEGgOhHX0EApk5QQaXCMb5CMWc9Tnyz2FBnPSxTiQf2sKR2I5vvYjzUsnaE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 17827
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: F2MQW5C9BH4BHFJM
X-LLID: 505c9866c901fc52bc358515aa2335eb

GET
H/1.1 200
OK 1617729410172_210x140_thumbnail.jpg
cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/ 13 KB
14 KB 108ms
23ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/1617729410172_210x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Last-Modified: Tue, 06 Apr 2021 17:16:51 GMT
Server: AmazonS3
Age: 82177
x-amz-id-2: n8sukG1M8TTD+EsKB2TR2KQilOozbhWRB/YCV6uzv1T2C4Pu0p1vrlecAwgNwgGv83Zyo6/oktM=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 13624
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 0SW7JK7F28004YCC
X-LLID: b7e4a1dde643769e7a17c02c50ecd963

GET
H2 200 e4596a5f2ba98ef1f0e097bf016cb191.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 5 KB
5 KB 77ms
31ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e4596a5f2ba98ef1f0e097bf016cb191.png

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="e4596a5f2ba98ef1f0e097bf016cb191.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-04T06:48:04.286Z;desc=hit,rtt;dur=0
content-length: 5040
last-modified: Wed, 03 Mar 2021 19:20:24 GMT
server: Cloudinary
etag: "810e855ad9d96ac5c62ba507e0033a2e"
vary: Accept
x-hw: 1619473654.cds103.fr8.hn,1619473654.cds101.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15607864980674604554.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 60ms
31ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15607864980674604554.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15607864980674604554.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-15T08:00:51.055Z;desc=hit,rtt;dur=0
content-length: 6656
last-modified: Mon, 12 Oct 2020 18:14:31 GMT
server: Cloudinary
etag: "0991843435281f170e89e48db4aa2ca1"
vary: Accept
x-hw: 1619473654.cds103.fr8.hn,1619473654.cds215.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f3d542c56d5b8-06589581.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 61ms
35ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5f3d542c56d5b8-06589581.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f3d542c56d5b8-06589581.webp"
server-timing: fastly;dur=173;cpu=0;start=2021-01-03T00:29:24.621Z;desc=miss,rtt;dur=0,cloudinary;dur=78;start=2021-01-03T00:29:24.670Z
content-length: 8054
last-modified: Mon, 12 Oct 2020 18:14:22 GMT
server: Cloudinary
etag: "28b8567a2130173955993ca4a1c26751"
vary: Accept
x-hw: 1619473654.cds103.fr8.hn,1619473654.cds157.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15736069171991530246.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 6 KB
7 KB 69ms
45ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15736069171991530246.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aae052537cca186d41aba50426e6215456365c53c57b6c019c1a355bb2f1c328

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15736069171991530246.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-04-19T11:05:38.393Z;desc=hit,rtt;dur=0
content-length: 6562
last-modified: Mon, 12 Oct 2020 18:14:29 GMT
server: Cloudinary
etag: "67b1caa9b82537c0bb5af2a16637d3ba"
vary: Accept
x-hw: 1619473654.cds103.fr8.hn,1619473654.cds287.fr8.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK 1619103769277_subtitles.vtt Show response
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/ 3 KB
4 KB 320ms
24ms XHR
application/octet-stream 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/1619103769277_subtitles.vtt
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:35 GMT
Last-Modified: Thu, 22 Apr 2021 15:02:50 GMT
Server: AmazonS3
Age: 47568
x-amz-id-2: pwjebJ1+cFsUTNmwVGgnpyAIq699T5YZQYnTf5eN1+l9fhu3oH3Lr0PJzNH30uOpX7knCfdFwLo=
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 3576
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 6FYH6C4GWD3GR9GK
X-LLID: df11a6d9b63f4bf6629f188293c32b07

GET
H/1.1 200
OK watch.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 364 B
982 B 24ms
23ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/watch.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Age: 12585
x-amz-meta-sha256: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
Connection: keep-alive
Content-Length: 245
x-amz-id-2: 2nGMXII0jg7YAkO3jU84XMesq35GbzJUyaLc24gp3i1+Or8LOhiV8RiCVaoYVCN0E/cyPX8iy3Y=
Last-Modified: Tue, 04 Aug 2020 10:39:53 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: F5D829359B29FCE1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103752Z
x-amz-version-id: jJ7plitpaP9q57Aey2ETnqu6JQKZQWu3
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: a2904ae3ee8c163618537a81fbf2579d
Expires: Mon, 26 Apr 2021 22:17:49 GMT

GET
H/1.1 200
OK like.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 401 B
1 KB 23ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/like.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:34 GMT
Content-Encoding: gzip
Age: 12587
x-amz-meta-sha256: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
Connection: keep-alive
Content-Length: 287
x-amz-id-2: YJwcVjjXEYHrgbfUQ0ZprM+hynZGigUcRCrQAb35V3o7TeudfG+54d8Yf0o2jYAbR1wWkA0is7Y=
Last-Modified: Tue, 04 Aug 2020 10:39:58 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9ZAG8KANCKER4H5Y
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103803Z
x-amz-version-id: AgMuGLHw2p4hvvpUt5__8K6ZhGhprdTJ
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 57170e714a5ad1275bb9c1b933951ed8
Expires: Mon, 26 Apr 2021 22:17:47 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=1581&val=&wnx=1&abc=&ty=pli&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
428 B 119ms
37ms Script
application/javascript 2600:9000:20c8:6400:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:17:47 GMT
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
age: 1787
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-amz-cf-id: JF3LHXwLrkZWTsGYURZ15W8T6BuWRaBppXBQFZOQSv2qk1OsNr31-w==

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 6FB0 308 KB
47 KB 39ms
38ms Stylesheet
text/css 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1667
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bffc0700004e4a5bb76000000001
wn: prod-dash-10-0-86-80
last-modified: Fri, 23 Apr 2021 17:49:06 GMT
server: cloudflare
etag: W/"315098-1619200146000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 646302a67e264e4a-FRA
expires: Mon, 26 Apr 2021 23:47:34 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 6FB0 47 KB
9 KB 48ms
47ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 37672
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bffc0800004e4a5a1f5000000001
wn: prod-dash-10-0-133-192
last-modified: Fri, 23 Apr 2021 16:25:20 GMT
server: cloudflare
etag: W/"48411-1619195120000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 646302a67e284e4a-FRA
expires: Tue, 27 Apr 2021 21:47:34 GMT

GET
H2 200 H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA Show response
buy.tinypass.com/_sam/ Frame 6FB0 553 KB
160 KB 78ms
77ms Script
text/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 1616
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b1bffc0800004e4a36139000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:55:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.004
cache-control: public, max-age=603184
x-optimized-by: _sam
cf-ray: 646302a67e2b4e4a-FRA
expires: Mon, 03 May 2021 21:20:38 GMT

GET
H2 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 6FB0 2 KB
1 KB 69ms
61ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2173
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffc4900004e313e3e4000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 646302a6d9514e31-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 01:47:34 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame B0FE 334 KB
114 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame E7D1 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367401
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame B0FE 44 KB
16 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:34 GMT

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FC11 1 KB
2 KB 311ms
102ms XHR
text/xml 34.225.120.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D938569572%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&ast=-1&smb=1&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.120.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: c82a1236ca4bb9ea6ff08cd32e75e3059ba365e60c873ec803fb828e8adb0614

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 26 Apr 2021 21:47:35 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1358
etag: W/"54e-U0rM/K+/I7+hHzHmbFYtCuYIMRI"
content-type: text/xml; charset=utf-8

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 36ms
36ms Fetch 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 37ms
37ms Fetch 54.194.230.135
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.194.230.135 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:34 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2F16 36 KB
12 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1994
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
DATA 200
OK truncated
/ Frame 6FB0 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

POST
H2 200 admin-ajax.php Show response
bangordailynews.com/wp-admin/ 63 B
322 B 1229ms
1229ms XHR
application/json 192.0.78.250
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-admin/admin-ajax.php

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.250 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://bangordailynews.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: advanced_ads_page_impressions=1; FCCDCF=[null,null,["[[],[],[],[],null,null,true]",1619473653291]]; ntv_as_us_privacy=1---; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619473653380%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=81e51acc8eb9cf052137836c7bcef971%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619473653380}; _cb_ls=1; _cb=DRMttgC0SoHNlFPW4; _chartbeat2=.1619473653881.1619473653881.1.LXDQSCVvXAKDCo9ywBSr6cM3DkX6.1; _cb_svref=null; __adblocker=false; AMP_TOKEN=%24NOT_FOUND; _ga=GA1.2.67365718.1619473654; _gid=GA1.2.1530301968.1619473654; _ml_id=897f9ce940136859.1619473654.1.1619473654.1619473654; _ml_ses=*; _dc_gtm_UA-5329647-52=1; _fbp=fb.1.1619473654082.1628960792; ac_user_id=ack3e5n5sxagjpp9fe69d77ca4cde48c82e91ee882d446fb2ac6ce8f9c9cc9d9bf97b825a7a977e; _pbjs_userid_consent_data=3524755945110770; _pubcid=68ab0439-5790-4af2-98cf-cbf2a541d44a; __pnahc=0; pnespsdk_ssn=%7B%22%24s%22%3A1619473654484%2C%22visitNumber%22%3A1%7D; pnespsdk_visitor=dj1jrpqtqoftim7z; cto_bidid=OKR9KF9KQk9uZ1lyRlBoT3Fpa24lMkY5MmRuaE1EOTZ2VFdWMDRrcjJCdGhjSjdIeiUyRk9CWENxcnpndlpJTGMlMkY2JTJCSjBic1ByMmVlSXFta0xuSmdBVUZJTnFJJTJGUUElM0QlM0Q; cto_bundle=p8jnAl8xV1pMM3doSVVqR2NxNFMwYXB0QUw2bURaaWJWMHpLZzNGdHdnNkw2WTE2SU1UViUyRmZuVU1YJTJGSUZFZCUyRlVBN2ltdlVreW9hbzBFSDVNbzVRWGZ2QWZwTGVuVUltazQ4JTJCUzVQa0w0anhEUFJPbkh5b0V5T2tvMm9Hd08yWlY0UUI3; __tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolP-k3tou9WT9XJQFea-VlesqASKSf8oGSDlu0LbPn9jtGHetfHoc4A22KQGL-fqja36vGo1s22ASegeLACnDXhpF6_DagKYJw4NrLP_MX6N9T7yOLjkew0vrrlYWyqoNDA; __pat=-14400000; __pvi=%7B%22id%22%3A%22v-2021-04-26-23-47-33-816-ld4CB3lIXarCdaTe-d2ad19a1efd03d0e145f58606f9b778c%22%2C%22domain%22%3A%22.bangordailynews.com%22%2C%22time%22%3A1619473654569%7D; xbc=%7Bjzx%7Dbu9A7cF1ztcg_QCL7z-SdT1BngLXcmOScO3W8AUljieSA2DWFifdhbc_n54Oiyf8Kh2tw2lUpvkgUyAX0gMfWCbXZgjZ9E_j9m6sDTCT5xJ3-DMxJ5527NeB1BNB2nyb2Axob_YzdqlSngqJMutiujB_EYZNaVLUwi5XzAxEbI_buGftdnygPQMMn118Bn0KD7CS9KDs_-YuALkSpiU9S6OrLQ1N31dgwCVHlyPutnBWBKZK2I4gptvvNFebhsSZ-V2qaPK_9XjFPaQ0jX-dnDYCPmvJnpAGt6S1Nwy_ach8jVPi6mZ1syTdVbNNehP9oILsUujbe9inChsu6BKuyHeH56wX0rZlBwlQI_pJz3E6OYIOZAhtT8SCYf7sqeqfloYxE_VGXXzbYAvDnA5ipw; _pubcid=68ab0439-5790-4af2-98cf-cbf2a541d44a; __pil=en_US
content-length: 26
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
host-header: Newspack
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Mon, 26 Apr 2021 21:47:36 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 5.ams _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 6FB0 2 KB
2 KB 25ms
25ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 2174
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b1bffdd200002ba1d2362000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 646302a94b312ba1-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 01:47:35 GMT

GET
DATA 200
OK truncated
/ Frame 6FB0 91 KB
91 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6FB0 58 KB
58 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6FB0 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 6FB0 68 KB
68 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame 6FB0 1 KB
1 KB 130ms
130ms XHR
application/json 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf703578eb834003b0842361af8dc657656357cad0843d4871d484fa9c7b8bbd

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-gEtWl&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=570d7dd7a9
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
x-xss-protection: 0
x-request-id: Cbvx6sqBDJg
pragma: no-cache
wn: prod-dash-10-0-82-240
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-request-id: 09b1bffe1500004e4a7132b000000001
cf-ray: 646302a9bbca4e4a-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 performanceMetrics Show response
buy.tinypass.com/api/v3/anon/assets/ 198 B
320 B 122ms
122ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolP-k3tou9WT9XJQFea-VlesqASKSf8oGSDlu0LbPn9jtGHetfHoc4A22KQGL-fqja36vGo1s22ASegeLACnDXhpF6_DagKYJw4NrLP_MX6N9T7yOLjkew0vrrlYWyqoNDA&aid=U1S2txQ29t&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery112408799488857547242_1619473653691&_=1619473653693

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5114f133f3dfedc2a71446c82e538a75ad141325609d87164e8db709c2f19f7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 646302a9ec1e4e4a-FRA
date: Mon, 26 Apr 2021 21:47:35 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-90-233
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b1bffe3400004e4a04954000000001
x-request-id: Cbvx6sqbdQR

POST
H2 204 csi
csi.gstatic.com/ Frame FC11 0
331 B 536ms
179ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz4st8x&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44736292%2C44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:35 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE34 50 KB
18 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 436
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 104ms
104ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=2228&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame BE34 33 KB
10 KB 29ms
29ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D938569572%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:35 GMT
Content-Encoding: gzip
Age: 49238
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: a7caf29be2815ec003fa211af45c8b2f
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame BE34 5 KB
2 KB 114ms
40ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=938569572&widgetid=0011r00002SRK6m_6242&lob=&clipid=undefined&key_custom1=^w=0011r00002SRK6m_6242^c=undefined^i=0^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D938569572%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-137-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: dddf93969bc7f91490c6b902806a3075b10640d48cf44d2f8ca625bf81baeca8

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:35 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=2277&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame E7D1 0
24 B 43ms
42ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=3898698074522716&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C8&sid=A6D7D495-8426-4024-8904-F65F3DDFB892&eid=44736153%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dlt=1619473653083&idt=2108&dt=1619473655456&scor=1217813623442891&ged=ve4_td2_tt0_pd2_la2000_er1843.317.1996.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame BE34 483 KB
86 KB 38ms
6ms Script
application/javascript 2600:9000:2156:ce00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D938569572%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 529536
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: lxcKbWGGteKSqhXOTdDffy3jov-4iFTZsVqXm0V8OMX9EJd6dsacRA==

GET
DATA 200
OK truncated
/ 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 103ms
103ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=e00f1650-cee0-4cc0-b2fe-c2a516bfe1de&pid=f9b49f8f-9777-4344-9c2e-e7cdb4cba6c5&dtm=1619473655598&qnm=_matherq&visible=1&tabid=45c55acd-a8ed-4b25-aedb-c464e943b3ad&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619473654&vid=1&lvidt=1619473654&duid=897f9ce940136859&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJwYXltZW50IiwiYWN0aW9uIjoic3Vic2NyaXB0aW9uc19vZmZlcmVkIiwiZGF0YSI6eyJkaXJlY3RDaGVja291dCI6IjAiLCJoaWRlQ29tcGxldGVkRmllbGRzIjoiMSIsInNob3dDbG9zZUJ1dHRvbiI6IjAiLCJjb250YWluZXJTZWxlY3RvciI6IiNwaWFuby1ib3R0b20iLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkiLCJ0ZW1wbGF0ZVZhcmlhbnRJZCI6bnVsbCwib2ZmZXJJZCI6Ik9GVFQ4UlFKSE9FViIsImV4Y2VwdGlvbnMiOnsiaGFzQWNjZXNzVG9BbnlSZXNvdXJjZXMiOiIxIn0sImZvcm1OYW1lQnlUZXJtSWQiOiJ7fSIsImNoZWNrb3V0Rmxvd0lkIjoiIiwiZXhwZXJpZW5jZUlkIjoiRVhUUTFFMDYzODVCIiwiZXhwZXJpZW5jZUV4ZWN1dGlvbklkIjoiMTgwOGEzaWJqNC0wMDAwMnU4ZzRyaGJwcWZpajNwMDRlNnJmMCIsImV4cGVyaWVuY2VBY3Rpb25JZCI6InNob3dPZmZlckpPU0kxSENJV0E5QzY4IiwiZXhwZXJpZW5jZUNvbmRpdGlvbnMiOltdLCJicm93c2VySWQiOiJOUjZqR1R6YjBjYndVRkR2MXdpblpWQWZWUktPTzhieWVyZVhFTDM4aHFBU0l2eUdBSEFxZmI2dExqZWIiLCJhZGRpdGlvbmFsUGFyYW1OYW1lcyI6W10sImFjdGl2ZU1ldGVycyI6W3sibWV0ZXJOYW1lIjoiTWV0ZXJlZEV4cGVyaWVuY2UiLCJ2aWV3cyI6IjEiLCJ2aWV3c0xlZnQiOiIyIiwibWF4Vmlld3MiOiIzIiwidG90YWxWaWV3cyI6IjEifV19LCJvZmZlcnMiOlt7Im9mZmVySWQiOiJPRlRUOFJRSkhPRVYiLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkifV0sInZlbmRvciI6IlBpYW5vIiwidHlwZSI6InVua25vd24ifX0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:35 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame BE34 0
119 B 105ms
65ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:35 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame BE34 20 B
211 B 121ms
37ms XHR
application/json 52.208.222.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=0865a93a-5e4a-4125-ba0c-1b518a0965fc-s.630417-d.388962-dc.83478&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:35 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2

200

avjp Show response
anyclip-d.openx.net/v/1.0/ Frame BE34
Redirect Chain

https://anyclip-d.openx.net/v/1.0/avjp?auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-i...
https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable...

106 B
311 B

27ms
27ms

XHR
application/json

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:35 GMT
via: 1.1 google
server: OXGW/16.205.4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:47:35 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://anyclip-d.openx.net/v/1.0/avjp?cc=1&auid=543971735&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&vht=439&vwd=780&openrtb=%7B%22imp%22%3A%5B%7B%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22w%22%3A780%2C%22h%22%3A439%7D%7D%5D%7D&be=true&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,&us_privacy=1---
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame BE34 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:35 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CDBE 570 KB
186 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367402
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame BE34 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:35 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame AFEB 36 KB
12 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1994
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame 266A 0
224 B 63ms
23ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.rlcdn.com/api/identity/envelope?pid=1258
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
via: 1.1 google
alt-svc: clear
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 0

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame 266A 109 B
546 B 104ms
34ms XHR
application/json 52.30.73.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.73.5 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: b6db63b6014953a7991620f514075c07119d72bebd6a6fa19e987162cb2b7f2e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Wed, 26 May 2021 21:47:36 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame CDBE 0
23 B 18ms
18ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=1407197570274337&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=0B5ADE0F-F7D3-44F2-8999-DAE36C9B3CDD&eid=44739826&dlt=1619473655382&idt=572&dt=1619473656388&scor=240627984161612&ged=ve4_td1_tt0_pd1_la1000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 300752 Show response
search.spotxchange.com/vast/2.0/ Frame BE34 67 B
1 KB 141ms
45ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/300752?VPAID=js&content_page_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&player_width=780&player_height=439&cb=1619473655537&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:36 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.001160
X-SpotX-Timing-SpotMarket: 0.004545
X-SpotX-Timing-Page-Mux: 0.000993
X-SpotX-Timing-Page-Require: 0.000419
X-fe: 095
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000025
Content-Length: 77
X-SpotX-Timing-Page: 0.014566
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.003334
Last-Modified: Mon, 26 Apr 2021 21:47:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.004545
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.004080
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000010
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 266A 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:36 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 2363 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367403
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 266A 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:36 GMT

GET
H2 200 ef.png
cdn.pixfuture.com/prebidvideo/ Frame 266A 1 KB
2 KB 18ms
18ms Image
image/png 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/prebidvideo/ef.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 5785
content-length: 1080
cf-request-id: 09b1c002d200004e6719998000000001
last-modified: Fri, 07 Aug 2020 14:21:25 GMT
server: cloudflare
etag: "5f2d6365-438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lxZXIqCoOEby0RN99RHIAZcnzjQi0SWBUEw1gWzoyqqmgDwP7VEE%2Bn4YEDt%2FP04fC7hDDjMwvbL2hd8n%2F8ikQ%2FBc%2F7L5B4nlC1n%2BQBrg%2Fr%2FvMOeWGwctVggsy%2FHt0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2678400, no-transform
accept-ranges: bytes
cf-ray: 646302b15d0c4e67-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 371ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:36 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:36 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
372 B 10ms
7ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:36 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 206 blank.mp4
cdn.pixfuture.com/prebidvideo/ Frame 266A 11 KB
11 KB 96ms
96ms Media
video/mp4 2606:4700:20::ac43:4671
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebidvideo/blank.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::ac43:4671 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Mon, 26 Apr 2021 21:47:36 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
Content-Range: bytes 0-11115/11116
Content-Length: 11116
cf-request-id: 09b1c002da00004e673c05e000000001
last-modified: Fri, 07 Aug 2020 14:20:50 GMT
server: cloudflare
etag: "5f2d6342-2b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=HAAOLZjRuXfZobLKdOOshV7f549DvJL8DI07X%2BXKYgYHwLuHnjEpYe72hPPoHBno51TVv55avU1QD1bYS2Zlby9FjRRrZIg%2FkOLtC90B2AUH40WtIEEDHwnKqZHexA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: video/mp4
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 646302b15d204e67-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 086D 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1995
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

POST
H/1.1 204
No Content 309154 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame BE34 0
1 KB 44ms
43ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309154
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Mon, 26 Apr 2021 21:47:36 GMT
X-SpotX-Timing-Transform: 0.000319
X-SpotX-Timing-SpotMarket: 0.005027
X-SpotX-Timing-Page-Mux: 0.000833
X-SpotX-Timing-Page-Require: 0.000286
X-fe: 125
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
X-SpotX-Timing-Page: 0.011657
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.003103
Last-Modified: Mon, 26 Apr 2021 21:47:36 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.005027
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.002055
X-SpotX-Timing-Page-Exception: 0.000000
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000011
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame BE34 20 B
210 B 40ms
39ms XHR
application/json 52.208.222.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=0865a93a-5e4a-4125-ba0c-1b518a0965fc-s.630417-d.880466-dc.67255_s.624019-d.388976-dc.130942&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:36 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame 2363
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
333 B

29ms
29ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=a2a51c3f64&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:37 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:47:37 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=a2a51c3f64&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame B4B0 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367404
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 107ms
107ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:37 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 86A6 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1996
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame CDBE 0
23 B 17ms
17ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F51666783%2Fbangordailynews.com871501&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&vpmute=0&vpa=auto&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=1392584575718951&nofb=1&ord=1619473655537&gdpr_consent=_755&gdpr=1&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=0B5ADE0F-F7D3-44F2-8999-DAE36C9B3CDD&eid=44739826&dlt=1619473655382&idt=572&dt=1619473657164&scor=3828993358546175&ged=ve4_td2_tt1_pd2_la2000_er3475.200.3634.500_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:37 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame BE34 46 B
375 B 157ms
102ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?fn=indexResponse0865a93a86&v=8.8&s=631839&r=%7B%22id%22%3A%220865a93a86%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A780%2C%22h%22%3A439%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B3%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A1.25%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220011r00002SRK6mAAH%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 45bbfd99fca390a49d911efb4ce8e728828afddc736e1e950e291a20378dce75

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 58
Expires: Mon, 26 Apr 2021 21:47:37 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame BE34 165 B
1 KB 64ms
29ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a31b7ab30243c47d8f7e54d1975b8d9906aa698a82ab0f4f4ed4fcc4f5731be4

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:37 GMT
X-Proxy-Origin: 194.187.251.57; 194.187.251.57; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.147:80
AN-X-Request-Uuid: 0a16de34-4086-46bf-af4e-9397432bf5da
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame BE34 85 B
506 B 127ms
77ms XHR
application/json 52.28.122.36
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%220865a93a%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22domain%22%3A%22bangordailynews.com%22%2C%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22secure%22%3A1%2C%22imp%22%3A%5B%7B%22currency%22%3A%22USD%22%2C%22pid%22%3A22478177%2C%22bidfloor%22%3A1.25%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22id%22%3A%220865a93a%22%2C%22banner%22%3A%7B%7D%7D%5D%2C%22us_privacy%22%3A%221---%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220011r00002SRK6mAAH%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.122.36 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-122-36.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 8f9eabbbe1ef45f35dd6d674a81bb8be753c566e72c2db7fffed4e617c341e00

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:37 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 85
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame BE34 0
120 B 111ms
35ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=0865a93a&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:37 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=4304&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:37 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 206
Partial Content 1619104278576_852x480_video.mp4
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 1 MB
0 224ms
223ms Media
video/mp4 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104278576_852x480_video.mp4?wid=0011r00002SRK6m_6242
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Last-Modified: Thu, 22 Apr 2021 15:11:19 GMT
Server: AmazonS3
x-amz-request-id: A79WAZXX9Q9G0WFX
x-amz-id-2: GCMQFgSxZJaC5bZ0TdJ2bN9vN4FklNstsZ2UJ9IeFSwp/nmK4ERCu44aSVyOeQCTta4rzk4KZZc=
Content-Type: video/mp4
Content-Range: bytes 0-11604142/11604143
Cache-Control: public,max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11604143
X-LLID: 69d4f559c9098a77d1ad6878cc60e487

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=4318&val=1&wnx=1&abc=&ty=cla&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:37 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pause.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 758 B
1 KB 23ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/pause.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Age: 8430
Connection: keep-alive
Content-Length: 426
x-amz-id-2: pwQ4BccTl3xu4hcG4EEqMuGkgBdLgswri452ajCrVFunhV7elfgdUd4Tx9luZcp+/EZHGwBJCMU=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C6D5400B3114C6E3
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:27:07 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: COllNS2vUDfTYhxXvQJ57jWZVnnMficH
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 7b37d0fbfddf209aaaf7e163bf6e3d85
x-amz-meta-s3b-last-modified: 20180704T113405Z

GET
H/1.1 200
OK volume-off.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 901 B
1 KB 23ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/volume-off.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Age: 7453
Connection: keep-alive
Content-Length: 521
x-amz-id-2: Cqh+mlrONOH/wc7a/m3Q9U7Kz08wV1Yr0heatOAdYVK7gs5aXKj8UCFPjSbDcXUEfkPA9e/wI6M=
Last-Modified: Sun, 12 Aug 2018 11:52:27 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C0D1F04334E80FDB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:43:24 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LD1v9d__0LhgJzdvbwPuMTNvxNdup1gK
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 7e8294d4f6f0673ca6a638e9249250cb
x-amz-meta-s3b-last-modified: 20180812T115113Z

GET
H/1.1 200
OK cc-hidden.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 909 B
1 KB 48ms
24ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/cc-hidden.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Age: 227
Connection: keep-alive
Content-Length: 458
x-amz-id-2: uxa9DFI/0a6EJQhaDHRQ/OBzyTQx2REonEpKJDsLeMKts+Px+jfRA7JRRtH9kkt9rBcF/csUnNQ=
Last-Modified: Wed, 13 Nov 2019 11:51:46 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 767E599404B79C11
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 01:43:50 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: y.QX4vCTrlpSO9kX_WB6RqB1CKq9apE_
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 8e9f7ed801ac7af2d482469d88735f3d
x-amz-meta-s3b-last-modified: 20191113T095137Z

GET
H/1.1 200
OK fullscreen.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
1 KB 45ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/fullscreen.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Age: 8324
Connection: keep-alive
Content-Length: 524
x-amz-id-2: BRh90W2EfVzECaSH5h6jfUSFDTvgYjWMypRYQrJp7lo8LXFtr2iKyo+wwxm5PYvFOhZO6qVjHDA=
Last-Modified: Thu, 09 Aug 2018 13:37:33 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: D79B0CDA8EB8F2DB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:28:53 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: U03j5muVk7AbvhQemSaiRqevJSRY_Dma
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 034f55164c0f59233accb69cfcbb7e60
x-amz-meta-s3b-last-modified: 20180704T113429Z

GET
H/1.1 200
OK next.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 729 B
1 KB 67ms
22ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/next.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Age: 8430
Connection: keep-alive
Content-Length: 461
x-amz-id-2: aZiDwTlw4rciTlz48Jhfji0MF1tA2KOd+P1qYYUg8NE7marJLgmCvgIWPlvmWLDv8DtP+5AGNHI=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: CC3D2AF47BC35EBB
Access-Control-Allow-Origin: *
Expires: Mon, 26 Apr 2021 23:27:07 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: 9oEyfyolAdum9dgyt9Cw6qZIm50OH1cD
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: d9a3bd9089de99a8d306d60907a731ff
x-amz-meta-s3b-last-modified: 20180704T113415Z

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame B4B0 27 B
1 KB 63ms
26ms XHR
application/xml 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483186&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=9aa97d4aed&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:37 GMT
X-Proxy-Origin: 194.187.251.57; 194.187.251.57; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.121:80
AN-X-Request-Uuid: 7e156221-7bbf-4526-99ba-85f6d4940ddc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F2B1 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367404
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:37 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:37 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:37 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7D92 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1996
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame F2B1
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
249 B

33ms
33ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=e2e0e4a0b0&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:47:38 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=e2e0e4a0b0&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame CE30 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367405
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
7ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 108ms
105ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:38 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:38 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2761 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 109 B
437 B 143ms
143ms Script
application/javascript 2606:4700::6811:b8b1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=U1S2txQ29t&tbc=%7Bjzx%7D8jDEHxOqpL8qr2PEo4tolP-k3tou9WT9XJQFea-VlesqASKSf8oGSDlu0LbPn9jtGHetfHoc4A22KQGL-fqja36vGo1s22ASegeLACnDXhpF6_DagKYJw4NrLP_MX6N9T7yOLjkew0vrrlYWyqoNDA&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery112408799488857547242_1619473653691&_=1619473653694

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b8b1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0229f14664a32188093a1a51d29e46adc411815c87946cf2dc994468c0d91e0f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 646302bc8cba4e4a-FRA
date: Mon, 26 Apr 2021 21:47:38 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-131-156
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b1c009d500004e4a3d199000000001
x-request-id: Cevx6sqphcF

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 425
date: Mon, 26 Apr 2021 21:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 23:40:33 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 13ms
13ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1867188589&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFTT8RQJHOEV____templateId_OT4SMJA264JI____aid_U1S2txQ29t&el=Show%20offer%20offerId%3AOFTT8RQJHOEV%20templateId%3AOT4SMJA264JI%20aid%3AU1S2txQ29t&_u=6GDACUALBAQCAG~&jid=1871554180&gjid=586372609&cid=67365718.1619473654&tid=UA-5329647-52&_gid=1530301968.1619473654&_r=1&_slc=1&z=1296581331

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 6FB0 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 425
date: Mon, 26 Apr 2021 21:40:33 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 26 Apr 2021 23:40:33 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 27ms
13ms XHR
text/plain 2a00:1450:400c:c0d::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1871554180&gjid=586372609&_gid=1530301968.1619473654&_u=6GDACUALBAQCAG~&z=602598365

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0d::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 26 Apr 2021 21:47:38 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 22ms
22ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1871554180&_u=6GDACUALBAQCAG~&z=1776085201

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 17ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=67365718.1619473654&jid=1871554180&_u=6GDACUALBAQCAG~&z=1776085201

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame 0
0 104ms
103ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Mon, 26 Apr 2021 21:47:38 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: POST,OPTIONS

POST
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ 0
0 103ms
103ms Fetch 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:38 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET,POST

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=5375&val=&wnx=1&abc=&ty=cmp&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:38 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame CE30 27 B
1 KB 31ms
30ms XHR
application/xml 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483184&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=27d4df24a5&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:38 GMT
X-Proxy-Origin: 194.187.251.57; 194.187.251.57; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.233:80
AN-X-Request-Uuid: a7386357-a227-482f-b5ff-726f3723c0ee
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8112 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367405
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:38 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:38 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:38 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame EB82 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1997
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 113ms
112ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame 8112
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
248 B

30ms
30ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1a18235f4c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:39 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:47:39 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1a18235f4c&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3C2D 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367406
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 9ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:39 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
105ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:39 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:39 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B17F 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1998
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 3C2D 249 B
551 B 113ms
29ms XHR
text/xml 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw==?cb=476281f530&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&duration=120&pi.width=640&pi.height=360&pi.viewable=1&a.ip=194.187.251.57&a.ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 3C6D 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367407
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:40 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
105ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:40 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:40 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A0AC 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6981&val=0&wnx=0&abc=&ty=grf&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1069 570 KB
186 KB 8ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367407
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0396 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 1999
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 3C6D 3 KB
1 KB 26ms
24ms XHR
text/xml 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

2cdd1d2d549597ecf5f8f17be52448747fb37fb9fe68300f541b4267349d0974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1127
expires: 0

POST
H3-29 204 csi
csi.gstatic.com/ Frame 3C6D 0
17 B 359ms
180ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz4sxj6&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739555%2C44739826%2C44740262
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:40 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F123 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 441
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame F123 15 KB
7 KB 116ms
33ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a8246c5b90bc189edde422a0d23fdae94abeea1bd6c39942c449794c98c1eebe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6727

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame F123 317 KB
102 KB 25ms
6ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 19 Apr 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639826
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: Uoz/vTC59WpkUOegD4uaVOEMEU+4IJwaPw3/reyxZPPJTLPP41z4SuFZavqdKCffwz+YtijK6nU=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: XC6VVQ0DSA6F75BJ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame F123 43 B
246 B 80ms
22ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.5895305173124117&pt=o2unit&sid=bba61d23-c40c-4b8b-9f7d-208656f224df&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:40 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 266A 133 KB
44 KB 80ms
26ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50220
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame AE30 2 KB
781 B 6ms
6ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: zHRXkkGcGjoHNOT3K7sJTBH7ffL5kIC0N+GtcdPRM+8UN7SfhTdIryh6hEav/WDH6pmHZ2pNIkc=
x-amz-request-id: 2M9E3G67MAJCC8DH
date: Tue, 20 Apr 2021 12:11:53 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 552949
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame F123 249 B
549 B 102ms
30ms XHR
text/xml 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw==?cb=90c4f096f0&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame F123 43 B
245 B 24ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=bba61d23-c40c-4b8b-9f7d-208656f224df&vvuid=5bc8a2c1-afc4-46c3-899e-c68a3fce6fa6&orgId=24140&plcid=1003583&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&ab=0&dt=85&h=0&spaceid=793604934&w=0&cb=0.3792177706177897
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:40 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame F123 43 B
245 B 24ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=bba61d23-c40c-4b8b-9f7d-208656f224df&vvuid=5bc8a2c1-afc4-46c3-899e-c68a3fce6fa6&orgId=24140&plcid=1003583&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.36792585206320116
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:40 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame F123 43 B
245 B 24ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=bba61d23-c40c-4b8b-9f7d-208656f224df&vvuid=5bc8a2c1-afc4-46c3-899e-c68a3fce6fa6&orgId=24140&plcid=1003583&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.24318015640364288
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:40 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame 1069 0
24 B 44ms
44ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4430275947260062&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C8&sid=A6D7D495-8426-4024-8904-F65F3DDFB892&eid=44736153%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dlt=1619473653083&idt=7357&dt=1619473660891&scor=442459739775873&ged=ve4_td8_tt6_pd8_la8000_er1843.317.1996.617_vi0.0.1200.1600_vp0_ts6_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:40 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619473660971&de=169039723335&d=110%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:40 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Apr 2021 21:47:40 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame F123 0
0

POST csi
csi.gstatic.com/ Frame 3C6D 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 8043 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367407
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:41 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:41 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:41 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0EC9 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2000
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 113ms
112ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:41 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 8043 3 KB
1 KB 25ms
24ms XHR
text/xml 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

9fbdae1e16979edef66c565f906870e34777c649e206e9046c597ec0100dd144

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1123
expires: 0

POST
H3-29 204 csi
csi.gstatic.com/ Frame 8043 0
17 B 178ms
178ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz4sy93&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739555%2C44739826%2C44740262
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:41 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 8445 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 442
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame 8445 15 KB
7 KB 35ms
35ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 77c575a970d17c4249957b51211e13c941644394ec552656b38df05e81cae41a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6726

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame 8445 317 KB
102 KB 7ms
6ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Mon, 19 Apr 2021 12:03:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 639828
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: Uoz/vTC59WpkUOegD4uaVOEMEU+4IJwaPw3/reyxZPPJTLPP41z4SuFZavqdKCffwz+YtijK6nU=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: XC6VVQ0DSA6F75BJ
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame 8445 43 B
245 B 23ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.9295758987366403&pt=o2unit&sid=776d556a-21b4-41c2-9ddf-59edee5982bc&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:42 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame 266A 133 KB
44 KB 27ms
27ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=50218
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 2E62 2 KB
614 B 7ms
6ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: zHRXkkGcGjoHNOT3K7sJTBH7ffL5kIC0N+GtcdPRM+8UN7SfhTdIryh6hEav/WDH6pmHZ2pNIkc=
x-amz-request-id: 2M9E3G67MAJCC8DH
date: Tue, 20 Apr 2021 12:11:53 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 552951
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 8445 249 B
549 B 29ms
27ms XHR
text/xml 52.59.160.25
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw==?cb=4c69f06d91&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.59.160.25 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame 8445 43 B
245 B 25ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=776d556a-21b4-41c2-9ddf-59edee5982bc&vvuid=486b7aea-8a35-4d65-b520-34b6bbb9041d&orgId=24140&plcid=1003578&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&ab=0&dt=39&h=0&spaceid=793604934&w=0&cb=0.007713232037832585
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:42 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame 8445 43 B
245 B 25ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=776d556a-21b4-41c2-9ddf-59edee5982bc&vvuid=486b7aea-8a35-4d65-b520-34b6bbb9041d&orgId=24140&plcid=1003578&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.7556680613638607
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:42 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame 8445 43 B
245 B 24ms
23ms Image
image/gif 3.122.87.145
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=776d556a-21b4-41c2-9ddf-59edee5982bc&vvuid=486b7aea-8a35-4d65-b520-34b6bbb9041d&orgId=24140&plcid=1003578&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.10576639864650161
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.122.87.145 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Mon, 26 Apr 2021 21:47:42 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame 8445 0
0

POST csi
csi.gstatic.com/ Frame 8043 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 22B0 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 108ms
107ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:42 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 28ms
26ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619473662134&de=32386700135&d=239%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:42 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Mon, 26 Apr 2021 21:47:42 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8DBA 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2001
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=9365&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D15786733%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Di5lwowrnnztueuzummzwmzcdku2w443f%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Di5lwowrnnztueuzummzwmzcdku2w443f%255Ei%253D1%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253DBE%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3DOsi3mNltXbV876WpjDifDXJ67ql8zdhQ%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=1&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=4706&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:42 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 22B0 27 B
1 KB 53ms
53ms XHR
application/xml 185.33.221.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14406689&vmaxduration=120&vskippable=0&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=3b852c1467&gdpr=0&gdpr_consent=undefined&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.52 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

725.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:42 GMT
X-Proxy-Origin: 194.187.251.57; 194.187.251.57; 725.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.136:80
AN-X-Request-Uuid: b0f6a332-5b17-442c-a691-197d6f4ea65b
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D873 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367409
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:42 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:42 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:42 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7FDB 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2001
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame FC11 1 KB
2 KB 103ms
103ms XHR
text/xml 34.225.120.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D15786733%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DBE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&m=1&ast=-1&smb=1&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.120.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: f2a6dd482e5b6b27519d7e0f7530b29e1f779ffe681030a677ddc67b85c10fee

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Mon, 26 Apr 2021 21:47:43 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1413
etag: W/"585-vXP7SgF6v9z5CQhN0eil6WaI9Ew"
content-type: text/xml; charset=utf-8

POST
H2 204 csi
csi.gstatic.com/ Frame FC11 0
54 B 179ms
178ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz4stvq&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&met.4=err.knz4svi5&aec=901
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:43 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5F03 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 444
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=9987&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=5328&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 5F03 33 KB
10 KB 24ms
24ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D15786733%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DBE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:43 GMT
Content-Encoding: gzip
Age: 49246
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 06b6c13f0df2edf6a461d1838bf457e1
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame 5F03 3 KB
2 KB 38ms
38ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=15786733&widgetid=0011r00002SRK6m_6242&lob=&clipid=i5lwowrnnztueuzummzwmzcdku2w443f&key_custom1=^w=0011r00002SRK6m_6242^c=i5lwowrnnztueuzummzwmzcdku2w443f^i=1^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=BE^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D15786733%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DBE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-137-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a7489b6f2773a0dd600f00b553502e707e0d953176140a223964900f5627110d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:43 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 103ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=10027&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame D873
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
249 B

33ms
33ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1be21eb6fb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:43 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Mon, 26 Apr 2021 21:47:43 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=1be21eb6fb&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 5F03 483 KB
86 KB 7ms
6ms Script
application/javascript 2600:9000:2156:ce00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D15786733%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DBE%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 529544
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: 4CJbXe9s8liL6PTJBA_NB9ebCFchdupLP9m8zwEL9NVn_KEkR4NLYg==

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame FF68 38 KB
14 KB 28ms
27ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://bangordailynews.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=23954
Expires: Tue, 27 Apr 2021 04:26:57 GMT
Date: Mon, 26 Apr 2021 21:47:43 GMT
Connection: keep-alive
Vary: Accept-Encoding

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 5F03 0
63 B 53ms
53ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:43 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5FF7 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367410
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame 266A 35 B
372 B 8ms
8ms Image
image/gif 2620:116:800d:21:f916:5049:f87f:108e
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:f916:5049:f87f:108e , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:43 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame 266A 0
579 B 106ms
106ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=synacor_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:43 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Wed, 28 Apr 2021 21:47:43 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6D80 36 KB
12 KB 9ms
5ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2002
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame FF68 0
75 B 76ms
18ms Script
text/plain 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=69128030&p=NaN&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:43 GMT
Content-Length: 0

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 5F03 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:43 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F877 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 367410
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 5F03 44 KB
17 KB 33ms
13ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:43 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame E9DA 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 2002
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Mon, 26 Apr 2021 22:14:21 GMT

GET
H2 200 vast.xml Show response
reflex.media.syn-cdn.com/vpaid/ Frame 5FF7 794 B
850 B 133ms
31ms XHR
application/xml 152.199.22.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://reflex.media.syn-cdn.com/vpaid/vast.xml?publisher=82378&placement=89209&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI2IDA5MDk6NDc0NzozNDM0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mrs/CB8B) /
Resource Hash: 3cf8879544d3f8a9d430ef9e2116e4dd27df189b983b4e3d6a6bebf4e5ea33fb

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
content-encoding: gzip
age: 240
x-cache: HIT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length: 506
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Thu, 08 Apr 2021 17:30:51 GMT
server: ECAcc (mrs/CB8B)
etag: "a31-5bf7968a2c8c0"
vary: Accept-Encoding
x-varnish: 302949509
via: 1.1 varnish
cache-control: public, max-age=3600, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/xml
expires: Mon, 26 Apr 2021 22:47:43 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame F877 0
23 B 18ms
18ms XHR
text/html 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=1963281532760309&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=781224BC-BBAF-46F1-829A-DAC529957527&eid=420706139%2C44739826&dlt=1619473663150&idt=295&dt=1619473663913&scor=3903949480485486&ged=ve4_td1_tt1_pd1_la1000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:43 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 204 csi
csi.gstatic.com/ Frame 5FF7 0
17 B 178ms
178ms Ping
image/gif 2607:f8b0:400a:80a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knz4t017&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44739555%2C44739826%2C44740262
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:400a:80a::2003 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:44 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame F53B 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:40:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 444
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:55:19 GMT

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame 5F03 0
119 B 35ms
34ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=c8e0caad&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:43 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H/1.1 200
OK vpaid.1.0.6.js Show response
synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/ Frame F53B 306 KB
92 KB 589ms
220ms Script
text/javascript 69.168.106.81
SYNACOR-CLUSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.168.106.81 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software: nginx /
Resource Hash: c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:44 GMT
Content-Encoding: gzip
Age: 4317595
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 93702
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Mar 2021 15:58:41 GMT
Server: nginx
ETag: "4c659-5bc7bb10d6e40"
Vary: Accept-Encoding
X-Varnish: 1044430610 720993
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 07 Mar 2022 22:27:49 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 102ms
102ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&f_privb=0&tid=616d8f06-873b-4ca4-8041-a41ac6ef2349&pid=f9b49f8f-9777-4344-9c2e-e7cdb4cba6c5&dtm=1619473663979&qnm=_matherq&visible=1&tabid=45c55acd-a8ed-4b25-aedb-c464e943b3ad&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619473664&vid=1&lvidt=1619473664&duid=8d77a388791e02a8&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ3MzY1MTc0NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjM5LjZtYiIsImZzdFBhaW50IjoiMTM0NSIsImZldGNoUyI6IjE4MCIsImRvbWFpblMiOiIxODEiLCJkb21haW5FIjoiMTgyIiwiY29ublMiOiIxODIiLCJjb25uRSI6IjIxOSIsInNzbFMiOiIxOTUiLCJyZXF1UyI6IjIyMCIsInJlc3BTIjoiODY5IiwicmVzcEUiOiI5NzIiLCJkb21Mb2FkIjoiODcxIiwiZG9tSW50ZXIiOiIxNjc2IiwiZG9tTG9hZFMiOiIxNzE3IiwiZG9tTG9hZEUiOiIxNzI2IiwiZG9tQ21wbHQiOiIzNDU2IiwibG9hZFMiOiIzNDU2IiwibG9hZEUiOiIzNDU3In19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 26 Apr 2021 21:47:44 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 102ms
101ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=10817&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=Osi3mNltXbV876WpjDifDXJ67ql8zdhQ&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=6158&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:44 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame B0FE 0
300 B 113ms
112ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:44 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68ab0439-5790-4af2-98cf-cbf2a541d44a%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_priv...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D68ab0439-5790-4af2-98cf-cbf2a541d44a%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&u...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68ab0439-5790-4af2-98cf-cbf2a541d44a&uid=0ae2cd53-2a4d-424e-9253-6fbff0300107

183 B
386 B

554ms
181ms

Script
text/javascript

52.24.184.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68ab0439-5790-4af2-98cf-cbf2a541d44a&uid=0ae2cd53-2a4d-424e-9253-6fbff0300107
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.184.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: d69200ecd775ae2003fadc754b232fd999de09c3ee62dc20f4cc8138937e3c10

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:47:45 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=68ab0439-5790-4af2-98cf-cbf2a541d44a&uid=0ae2cd53-2a4d-424e-9253-6fbff0300107
date: Mon, 26 Apr 2021 21:47:44 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_423f34ac_cd085a89_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_423f34ac_cd085a89_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CcncB1FE2uHduLpl1HPTbTXHuQwZJ7fr~A

155 B
367 B

470ms
181ms

Script
text/javascript

52.24.184.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CcncB1FE2uHduLpl1HPTbTXHuQwZJ7fr~A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.24.184.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 1bfa7496d4e8a27073043404e89689baeef79860d8499563ddd557824f556d5a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Mon, 26 Apr 2021 21:47:45 GMT
server: nginx/1.18.0
content-length: 155
content-type: text/javascript

Redirect headers

Date: Mon, 26 Apr 2021 21:47:44 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-CcncB1FE2uHduLpl1HPTbTXHuQwZJ7fr~A
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 741ms
184ms XHR
application/octet-stream 44.238.170.237
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.170.237 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Mon, 26 Apr 2021 21:47:45 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame BECC 62 KB
21 KB 37ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

19d4be410718dd0076125613c4e97b3592a26a431e45a7cbacb41d79c0a2330a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 121 of 1000 / last-modified: 1619472960"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21047
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:44 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 100 B
739 B 108ms
41ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2299d6280bbd529ba354ec%22%3A%2299d6280bbd529ba354ec%7C300x250%7C0.1%22%7D&ref=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=0cc3b61f-6737-4e12-9659-1bb7d1acc353&pv=67ff6275-85ad-452b-96ac-e65727c99ace&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=68ab0439-5790-4af2-98cf-cbf2a541d44a&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0b055fc99fafd870c8d7f9faf18e16a26d51d3075b9f2f6278442b843d5b9c0b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:44 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-9
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 125
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 189 B
393 B 36ms
34ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=300x250&auid=543987690&aumfs=100&dddid=df05aa01-3a76-439b-af5d-720cf8b417cb&divIds=openx-14971070-2561-4160-8cd2-cf1da6fe2a0d&be=1&bc=hb_pb_3.0.1&nocache=1619473664716&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.205.4 /
Resource Hash: 6daed25e26348fc9aeee5aa201a510bfaba41d7ad8cc6ea0c06719b608890bc5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:44 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 205 B
557 B 133ms
68ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

899b61009408aba9841ec24a771b49af19197e5ef2c02451f47e5ae7aa252f05

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:44 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 41
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 205
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 27ms
26ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:44 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
430 B 75ms
24ms XHR
text/plain 104.16.190.66
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.190.66 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:47:44 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cf-ray: 646302e4d9df4be3-AMS
access-control-allow-headers: Content-Type, Origin
cf-request-id: 09b1c0230900004be3413a6000000001

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
778 B 107ms
58ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 2ab14c47a35ef3a991d65c82b0b818a5a4e3fdc1baaf38d67a45adae8f8068eb

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Mon, 26 Apr 2021 21:47:44 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 111

POST
H2 204 / Show response
hb.emxdgt.com/ 0
162 B 83ms
26ms XHR
text/plain 18.196.230.57
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1619473664719
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.230.57 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:44 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 184 B
372 B 38ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 5a64273784272cba22f7eaafbf9ceb7af1b18992291214a218d85ac5d809f7e2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:44 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 184
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/227583/0/ 0
175 B 67ms
19ms XHR
text/plain 213.19.147.42
LEVEL3

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/227583/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN3356 (LEVEL3, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
pragma: no-cache
date: Mon, 26 Apr 2021 21:47:44 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
670 B 346ms
111ms XHR
application/json 52.21.43.22
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.43.22 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: 1cb76105c57c25792be83395ef0416e771374aa41cbe28b6d3c905ffce866083

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Mon, 26 Apr 2021 21:47:45 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 131ms
74ms XHR
text/plain 35.158.21.212
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=VRocGdvPjMoAvAZb5Hd7q3fB&bidId=VRocGdvPjMoAvAZb5Hd7q3fB&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.21.212 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:44 GMT
access-control-allow-credentials: true
vary: Origin

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 94ms
94ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22622777113%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22300x250-1-MBoVF%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-MBoVF%22%2C%22siteID%22%3A641802%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&t=300&fn=window.proper_cbfd2810_6cdc76c4_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b95bb6f53d1533de53c74b0161685981184d5a4b259cd4b031ab8976e72ab20e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1462
Expires: Mon, 26 Apr 2021 21:47:44 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 B
839 B 34ms
33ms XHR
application/json 185.33.223.178
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.223.178 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

824.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4ca989ee0dea87bdd3052760f72b9095b6e9b2b57b4a3e8212bde7e61f3c0978

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Mon, 26 Apr 2021 21:47:44 GMT
X-Proxy-Origin: 194.187.251.57; 194.187.251.57; 824.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.69:80
AN-X-Request-Uuid: 016feb87-16aa-4308-a349-0b58275c9985
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 pubads_impl_2021042201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame BECC 301 KB
106 KB 30ms
30ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js?31060892

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108299
x-xss-protection: 0
expires: Mon, 26 Apr 2021 21:47:44 GMT

GET
H2 200 sellers.json Show response
contango-cdn.technoratimedia.com/ Frame F53B 16 KB
3 KB 145ms
33ms Fetch
application/json 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://contango-cdn.technoratimedia.com/sellers.json
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (mrs/CB6D) / Express
Resource Hash: 149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:47:44 GMT
content-encoding: gzip
etag: W/"3fb7-cwp67UcanPz01TchkJaDZBXNtVY"
last-modified: Mon, 26 Apr 2021 21:15:25 GMT
server: ECAcc (mrs/CB6D)
age: 89
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 3299

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame B0FE 117 B
425 B 145ms
144ms XHR
multipart/form-data 3.143.119.104
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.143.119.104 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ab2e858f7499fcb3d8b72cd2ae160ce6d51a9e5f6f48aaebfd33c732585aae39

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Mon, 26 Apr 2021 21:47:45 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 1553 Show response
vid.springserve.com/rt/ Frame F53B 2 KB
1 KB 35ms
34ms Fetch
application/xml 52.210.137.162
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/rt/1553?w=640&h=360&cb=9610058045832026&ap=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&crossdomain=0&testbucket=39&ud=0&bt=0&sec=1&nc=0&domain=bangordailynews.com&sid=82378%2F89209&adunit=82378%2F89209&client=82378&payid=e108f11b2cdf7d5b&is_inview=1&inview=1&avs=1&vp=100&vw=1&sizebucket=large&mute=1&schain=1.0%2C0!synacor.com%2C82378%2C1&usp=1---&us_privacy=1---
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.210.137.162 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-210-137-162.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: bb9bc8b532c8d1ffafdc351cbc9190235cf7d3d8a94347769c2e17a557132031

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:45 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 4DA7 483 KB
86 KB 7ms
7ms Script
application/javascript 2600:9000:2156:ce00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:ce00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 529546
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 0d37b2e69745cd9f0c5457fbf1a83129.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: jed6K2uBhl7LVCXZWZK0q8S1Immg51k--_PR-Gjjfsn37316A_dEgA==

POST
H2 204 springserve Show response
uat-net.technoratimedia.com/openrtb/bids/ Frame 4DA7 0
297 B 319ms
100ms XHR
text/plain 150.136.156.92
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 150.136.156.92 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Mon, 26 Apr 2021 21:47:45 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 154642302
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

POST
H2 200 s2s Show response
eb.proper.io/ 199 B
699 B 310ms
309ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=68ab0439-5790-4af2-98cf-cbf2a541d44a
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: beb720b20fe413eb86d9f29c44350d2d762fa782fdc56051c7d4a2f6eeb16b3f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:45 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 646302e848aed711-FRA
cf-request-id: 09b1c025310000d7116888a000000001
expires: -1

POST
H2 200 i
vid-io-dub.springserve.com/vd/ Frame 4DA7 0
0 35ms
35ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=5f9f45cc&ps_id=623440&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Mon, 26 Apr 2021 21:47:45 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

POST csi
csi.gstatic.com/ Frame 5FF7 0
0

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 102ms
102ms Image
image/gif 52.45.183.189
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bangordailynews.com&p=%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&u=DRMttgC0SoHNlFPW4&d=bangordailynews.com&g=14550&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=5938&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=2170&t=xH8xTBEByvJBdOj4pBB2dBMk8jAx&V=126&tz=-120&sn=2&sv=LXDQSCVvXAKDCo9ywBSr6cM3DkX6&sd=1&im=067b2fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.183.189 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 21:47:48 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST st
capi.connatix.com/tr/ Frame B0FE 0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=bba61d23-c40c-4b8b-9f7d-208656f224df&vvuid=5bc8a2c1-afc4-46c3-899e-c68a3fce6fa6&orgId=24140&plcid=1003583&vrid=7656f8f8-6293-4cab-84f4-c7e47cf48643&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=116&ar=no&fo=0&ft=0&h=0&cb=0.0929416975602324

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz4sxxr&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz4sy7q&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=776d556a-21b4-41c2-9ddf-59edee5982bc&vvuid=486b7aea-8a35-4d65-b520-34b6bbb9041d&orgId=24140&plcid=1003578&vrid=af13b321-d0bf-4ae6-8022-076994eecea4&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=33&ar=no&fo=0&ft=0&h=0&cb=0.5234137026689782

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz4synn&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz4sz39&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knz4t0hm&c=8634930156092&slotId=4317465078046&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knz4t1rx&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: capi.connatix.com
URL: https://capi.connatix.com/tr/st?v=115064

Verdicts & Comments Add Verdict or Comment

340 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinypass.com/	1970-01-21 05:51:13	Name: LANG Value: en_US
.bangordailynews.com/	1970-01-20 11:22:25	Name: _ml_id Value: 897f9ce940136859.1619473654.1.1619473656.1619473654
.bangordailynews.com/	1970-01-19 18:34:25	Name: __pat Value: -14400000
.bangordailynews.com/	1970-01-20 11:22:25	Name: __tbc Value: %7Bjzx%7D8jDEHxOqpL8qr2PEo4tolP-k3tou9WT9XJQFea-VlesqASKSf8oGSDlu0LbPn9jtGHetfHoc4A22KQGL-fqja36vGo1s22ASegeLACnDXhpF6_DagKYJw4NrLP_MX6N9T7yOLjkew0vrrlYWyqoNDA
bangordailynews.com/	1970-01-20 03:12:56	Name: cto_bidid Value: OKR9KF9KQk9uZ1lyRlBoT3Fpa24lMkY5MmRuaE1EOTZ2VFdWMDRrcjJCdGhjSjdIeiUyRk9CWENxcnpndlpJTGMlMkY2JTJCSjBic1ByMmVlSXFta0xuSmdBVUZJTnFJJTJGUUElM0QlM0Q
bangordailynews.com/	1969-12-31 23:59:59	Name: pnespsdk_ssn Value: %7B%22%24s%22%3A1619473654484%2C%22visitNumber%22%3A1%7D
.bangordailynews.com/	1970-01-19 17:52:40	Name: _gid Value: GA1.2.1530301968.1619473654
bangordailynews.com/	1970-01-19 18:34:25	Name: _pbjs_userid_consent_data Value: 3524755945110770
bangordailynews.com/	1970-01-19 18:34:25	Name: ac_user_id Value: ack3e5n5sxagjpp9fe69d77ca4cde48c82e91ee882d446fb2ac6ce8f9c9cc9d9bf97b825a7a977e
bangordailynews.com/	1970-01-19 20:00:49	Name: __pnahc Value: 0
.bangordailynews.com/	1970-01-19 20:00:49	Name: _fbp Value: fb.1.1619473654082.1628960792
.bangordailynews.com/	1970-01-19 17:51:15	Name: _ml_ses Value: *
.bangordailynews.com/	1970-01-20 11:22:25	Name: xbc Value: %7Bjzx%7Dbu9A7cF1ztcg_QCL7z-SdT1BngLXcmOScO3W8AUljieSA2DWFifdhbc_n54Oiyf8Kh2tw2lUpvkgUyAX0gMfWCbXZgjZ9E_j9m6sDTCT5xJ3-DMxJ5527NeB1BNB2nyb2Axob_YzdqlSngqJMutiujB_EYZNaVLUwi5XzAxEbI_buGftdnygPQMMn118Bn0KD7CS9KDs_-YuALkSpiU9S6OrLQ1N31dgwCVHlyPutnBWBKZK2I4gptvvNFebhsSZ-V2qaPK_9XjFPaQ0jX-dnDYCPmvJnpAGt6S1Nwy_ach8jVPi6mZ1syTdVbNNehP9oILsUujbe9inChsu6BKuyHeH56wX0rZlBwlQI_pJz3E6OYIOZAhtT8SCYf7sqeqfloYxE_VGXXzbYAvDnA5ipw
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:13	Name: ls___tp-metricsGAAccount Value: disabled
bangordailynews.com/	1970-01-20 03:20:01	Name: _chartbeat2 Value: .1619473653881.1619473653881.1.LXDQSCVvXAKDCo9ywBSr6cM3DkX6.1
bangordailynews.com/	1970-01-20 03:20:01	Name: _cb Value: DRMttgC0SoHNlFPW4
.bangordailynews.com/	1970-01-19 22:10:25	Name: _pubcid Value: 68ab0439-5790-4af2-98cf-cbf2a541d44a
.bangordailynews.com/	1970-01-19 17:51:13	Name: _dc_gtm_UA-5329647-52 Value: 1
bangordailynews.com/	1970-01-20 02:36:49	Name: ntv_as_us_privacy Value: 1---
bangordailynews.com/	1970-01-20 03:12:56	Name: cto_bundle Value: p8jnAl8xV1pMM3doSVVqR2NxNFMwYXB0QUw2bURaaWJWMHpLZzNGdHdnNkw2WTE2SU1UViUyRmZuVU1YJTJGSUZFZCUyRlVBN2ltdlVreW9hbzBFSDVNbzVRWGZ2QWZwTGVuVUltazQ4JTJCUzVQa0w0anhEUFJPbkh5b0V5T2tvMm9Hd08yWlY0UUI3
.bangordailynews.com/	1970-01-19 17:51:56	Name: FCCDCF Value: [null,null,["[[],[],[],[],null,null,true]",1619473653291]]
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:13	Name: ls___tp-trackOnlyAids-expiration Value: 1619560055
.bangordailynews.com/	1970-01-20 03:20:37	Name: _parsely_visitor Value: {%22id%22:%22pid=81e51acc8eb9cf052137836c7bcef971%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619473653380}
.tinypass.com/	1970-01-19 17:51:17	Name: ch_sid Value: 5NOUkoLx0B3OdfJ
bangordailynews.com/	1970-01-20 02:36:49	Name: pnespsdk_visitor Value: dj1jrpqtqoftim7z
bangordailynews.com/	1970-01-23 09:27:13	Name: advanced_ads_page_impressions Value: 1
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:13	Name: ls___tp-metricsGAAccount-expiration Value: 1619560055
.bangordailynews.com/	1970-01-20 11:22:25	Name: _ga Value: GA1.2.67365718.1619473654
.tinypass.com/	1970-01-19 17:52:40	Name: LANG_CHANGED Value: en_US
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1970-01-23 09:27:13	Name: ls___tp-trackOnlyAids Value: %5B%5D
.bangordailynews.com/	1970-01-19 18:34:25	Name: __pil Value: en_US
.bangordailynews.com/	1970-01-19 17:52:40	Name: __pvi Value: %7B%22id%22%3A%22v-2021-04-26-23-47-33-816-ld4CB3lIXarCdaTe-d2ad19a1efd03d0e145f58606f9b778c%22%2C%22domain%22%3A%22.bangordailynews.com%22%2C%22time%22%3A1619473654569%7D
bangordailynews.com/	1970-01-20 03:20:01	Name: _cb_ls Value: 1
.bangordailynews.com/	1970-01-19 17:51:15	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619473653380%2C%22slts%22:0}
bangordailynews.com/	1970-01-19 17:51:13	Name: __adblocker Value: false
bangordailynews.com/	1970-01-19 17:51:15	Name: _cb_svref Value: null
.bangordailynews.com/	1970-01-19 17:51:17	Name: AMP_TOKEN Value: %24NOT_FOUND
bangordailynews.com/	1970-01-20 02:36:49	Name: _pubcid Value: 68ab0439-5790-4af2-98cf-cbf2a541d44a
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft	1969-12-31 23:59:59	Name: ntvSession Value: {}

21 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VVtbbF268JrwW42vy7Q5XWCP5W99f7mw4qLW2MN5_C1nX2-G_BV1-WJV7CgCv-W3dT5MB76BL5JW4GxGHC8_ZvbkW7yppvy6wPgF4W2X4Qd77xsMTbW8K1xyF6zXJmqW20Tjyk5R12PHV14ldv4WmkTsW4K1V_f9lsZcnW8Tc4CT9kbXq-N2PWbrrNycVmW1q584c5SrcXhW31MlGl3m0CynW3hCQt-76m50LN7JYH_VrXv3dW47ShYY77Y7pkW6fJs4t17jfsSW4cshDg39jRbgW968q3F2J345PW87T-vV3vttDyW6ttyL52v3QQbW6Z-87j43kBffW45TQtw70GH3BW1yH1Fm5-DplsW83lQ3b4vG4q7W1F6GRr52fh7pW3fw4TJ7sCBg1VpYCBK7YHZ-3W94YHRR8fl63tW34Y5r54DGLrbW60XdWX4k87px3kz91(Line 13) Message: toS
console-api	log	URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	(Line 1) Message: undefined
console-api	log	URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/(Line 2075) Message: Remove cookie
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started(Line 241) Message: CMP had been found
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object]
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Detected CMP API is directly accessible, calling it now...
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object] true
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0(Line 1) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js(Line 4) Message: Pushing Player
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:47:40.978 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:47:40.978 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:47:42.116 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 23:47:42.116 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acds.prod.vidible.tv
ads.adaptv.advertising.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
anyclip-d.openx.net
ap.lijit.com
apex.go.sonobi.com
api-esp.piano.io
api.rlcdn.com
as-sec.casalemedia.com
assets.anyclip.com
assets.revcontent.com
bangordailynews.com
bangordailynews.coral.coralproject.net
bc-ssb-dub.springserve.com
bdn-data.s3.amazonaws.com
bids.proper.io
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c0.wp.com
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.parsely.com
cdn.pixfuture.com
cdn.revcontent.com
cdn5.anyclip.com
cds.connatix.com
config.anyclip.com
connect.facebook.net
contango-cdn.technoratimedia.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
dmx.districtm.io
eb.proper.io
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
hubspot.fedscoop.com
i.piano.io
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
ice.360yield.com
id.tinypass.com
image6.pubmatic.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
jadserve.postrelease.com
js.matheranalytics.com
lreprx-server.anyclip.com
match.adsrvr.org
mug.criteo.com
p1.parsely.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.anyclip.com
pixel.quantserve.com
pixel.wp.com
pixfuture2-d.openx.net
player.anyclip.com
propermedia-d.openx.net
px.moatads.com
reflex.media.syn-cdn.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serv-vdo.pixfuture.com
ssc.33across.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
synacor.autoplay-plugins.static-origin.syn-cdn.com
tag.1rx.io
trafficmanager.anyclip.com
trends.revcontent.com
trk.vidible.tv
uat-net.technoratimedia.com
ups.analytics.yahoo.com
usync.proper.io
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
x.bidswitch.net
z.moatads.com
capi.connatix.com
csi.gstatic.com
trk.vidible.tv
104.16.190.66
107.178.250.234
13.224.105.229
13.224.112.38
142.250.185.98
150.136.156.92
151.101.114.137
151.101.14.137
151.139.128.11
152.199.22.185
152.199.22.191
178.162.133.150
178.250.0.157
178.79.242.139
18.196.230.57
185.255.84.151
185.33.221.52
185.33.223.178
185.64.189.112
185.64.189.115
185.94.180.124
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.250
199.60.103.225
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.40
204.48.28.205
213.19.147.42
2600:9000:20c8:6400:6:44e3:f8c0:93a1
2600:9000:20c8:9000:18:1fcd:34e:d2a1
2600:9000:20eb:f200:9:4c16:5180:21
2600:9000:2156:ce00:15:6f6c:b180:93a1
2600:9000:21f3:6e00:d:77c3:2dc0:21
2606:4700:20::ac43:4671
2606:4700:3031::ac43:9eaa
2606:4700::6810:2a41
2606:4700::6811:4e22
2606:4700::6811:b8b1
2607:f8b0:400a:80a::2003
2620:116:800d:21:f916:5049:f87f:108e
2a00:1288:80:800::7001
2a00:1450:4001:803::2006
2a00:1450:4001:803::200e
2a00:1450:4001:808::2003
2a00:1450:4001:809::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:810::200e
2a00:1450:4001:811::2004
2a00:1450:4001:812::2008
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::200a
2a00:1450:400c:c0c::9b
2a00:1450:400c:c0d::9d
2a02:2638::1c
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.122.87.145
3.126.56.137
3.143.119.104
34.120.133.55
34.225.120.49
34.96.85.105
34.98.64.218
35.158.21.212
35.168.95.93
35.244.159.8
44.238.170.237
52.203.28.84
52.208.222.238
52.21.43.22
52.210.137.162
52.217.14.124
52.24.184.198
52.28.120.199
52.28.122.36
52.30.73.5
52.45.183.189
52.52.166.208
52.59.160.25
52.70.144.100
54.144.144.142
54.194.230.135
54.195.68.175
54.195.94.143
69.168.106.81
72.251.249.13
01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c
0229f14664a32188093a1a51d29e46adc411815c87946cf2dc994468c0d91e0f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
037e5dcb1d7da4aac30d513c9ea7c0e4b4c679ffc9c362db8405a5513e839128
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
040ab9cfebe5a15501871bfbb5114a19eb3541545559141774e2877ea51b6097
04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a
064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab
08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0b055fc99fafd870c8d7f9faf18e16a26d51d3075b9f2f6278442b843d5b9c0b
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3
144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb
18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92
19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc
19d4be410718dd0076125613c4e97b3592a26a431e45a7cbacb41d79c0a2330a
19e2865bd7db7c880dd243813491ea938f7767eaedaaab21bf8e00fb1223e1aa
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1bfa7496d4e8a27073043404e89689baeef79860d8499563ddd557824f556d5a
1cb76105c57c25792be83395ef0416e771374aa41cbe28b6d3c905ffce866083
1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f
2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900
2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2
24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
2ab14c47a35ef3a991d65c82b0b818a5a4e3fdc1baaf38d67a45adae8f8068eb
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2cdd1d2d549597ecf5f8f17be52448747fb37fb9fe68300f541b4267349d0974
2e7b2f65513824006a79d016b562b1f24f0662cd52886b67afe8665ee6ac21c9
3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426
323f943895e805f04f271088b7b68b235526666436ce7e1da3076aa8cd8fbe6c
326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688
3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b
342d06b17e371f4fe8da24cb7e8748c56eddcf232b65f1e4eb7e377aaf71465d
34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e
37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da
38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d
3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3cf8879544d3f8a9d430ef9e2116e4dd27df189b983b4e3d6a6bebf4e5ea33fb
3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
45bbfd99fca390a49d911efb4ce8e728828afddc736e1e950e291a20378dce75
4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c
4ca989ee0dea87bdd3052760f72b9095b6e9b2b57b4a3e8212bde7e61f3c0978
4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3
5114f133f3dfedc2a71446c82e538a75ad141325609d87164e8db709c2f19f7c
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
52374f169cc0b3ea3759d3d472a71b1fd493377c5de0ec0beaa7ccfb4bf397a0
55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4
56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398
573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e
59c35f54d601301c5ad4ac4d92d0d60f8c09e264cafe2e61a756c059889b6da9
5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d
5a64273784272cba22f7eaafbf9ceb7af1b18992291214a218d85ac5d809f7e2
5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b
6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3
6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966
6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b
6daed25e26348fc9aeee5aa201a510bfaba41d7ad8cc6ea0c06719b608890bc5
70e67c0213f0fee73cacda44952405471a2b391281a858876d1ffa5302490aeb
70e8c747ad5c9f53e7bf3527205a4b52be647725291de7b25b1aa8820c48db5b
719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
765244a9d9480279a211240fe7711355809133b249d40f9cac66655164c3c667
7714d73fcc1a3b4c32128e054028e81044a98b1830a3609288a1a2e08e1d8783
77c575a970d17c4249957b51211e13c941644394ec552656b38df05e81cae41a
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11
7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80cd6ac0459d15cced43979a151e45593c20956be4852e185727cbace76ea840
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86d709ed3d0fa7661628cccb805bd44c2ca985af4bc07a9a0f0576f633fae69c
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
899b61009408aba9841ec24a771b49af19197e5ef2c02451f47e5ae7aa252f05
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726
8f9eabbbe1ef45f35dd6d674a81bb8be753c566e72c2db7fffed4e617c341e00
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf
9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f
917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2
941f7cae4a21e86311620e7174e9c7f77c153a29da372b2af0f64fc49aca5a6e
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
95939c9262bfe892fddf8fd1214c6dc6c811ce6a57c1ba9f1ac4574d737078eb
989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6
9fbdae1e16979edef66c565f906870e34777c649e206e9046c597ec0100dd144
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79
a31b7ab30243c47d8f7e54d1975b8d9906aa698a82ab0f4f4ed4fcc4f5731be4
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a6d89c61ae4e065be516a293445f877f26955224a5547dca4988b6362f73c9dc
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7489b6f2773a0dd600f00b553502e707e0d953176140a223964900f5627110d
a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277
a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380
a8246c5b90bc189edde422a0d23fdae94abeea1bd6c39942c449794c98c1eebe
a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b
aae052537cca186d41aba50426e6215456365c53c57b6c019c1a355bb2f1c328
ab2e858f7499fcb3d8b72cd2ae160ce6d51a9e5f6f48aaebfd33c732585aae39
ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3
b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67
b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b6db63b6014953a7991620f514075c07119d72bebd6a6fa19e987162cb2b7f2e
b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
b95bb6f53d1533de53c74b0161685981184d5a4b259cd4b031ab8976e72ab20e
baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df
bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa
bb9bc8b532c8d1ffafdc351cbc9190235cf7d3d8a94347769c2e17a557132031
bdf1f7ba8a88449f240ab2af46cb4acea2a25cbb6d4eb6747198c7655e518577
beb720b20fe413eb86d9f29c44350d2d762fa782fdc56051c7d4a2f6eeb16b3f
bf703578eb834003b0842361af8dc657656357cad0843d4871d484fa9c7b8bbd
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c82a1236ca4bb9ea6ff08cd32e75e3059ba365e60c873ec803fb828e8adb0614
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424
d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42
d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6
d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06
d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df
d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0
d69200ecd775ae2003fadc754b232fd999de09c3ee62dc20f4cc8138937e3c10
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d
db1c3fd8de820be33718bc917afd8ce71094d03040b644dfb0624b4405559d61
db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1
dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a
dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c
dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746
dddf93969bc7f91490c6b902806a3075b10640d48cf44d2f8ca625bf81baeca8
df6dd02b859376bb36a9774f1e2681559c348effe7c09fbac9916e81269ad0c1
e0d35d6dbb592d007fb01391192ceba3f770da765c13e83b555c07e1e9facc13
e13fd0b97f78a3ae877dca686386bbb70c8b144e1585a02bbb04d1cebec156d5
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e36527928f911df99992584d1e7c8969dae2f20e19a4d56b835931a25bfc1d0e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae
e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd
ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e
ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265
eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a
ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efcb8aca4bc2b04d1a21bb234010fc5afe5e912e4fe6af020ef9f92f2797c529
f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5
f2a6dd482e5b6b27519d7e0f7530b29e1f779ffe681030a677ddc67b85c10fee
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace
f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

bangordailynews.com Open in urlscan Pro 192.0.78.250 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

417 Requests

98 %HTTPS

36 %IPv6

61 Domains

112 Subdomains

95 IPs

7 Countries

11361 kBTransfer

32100 kBSize

39 Cookies

28 Outgoing links

Page URL History

Redirected requests

417 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 9 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

bangordailynews.com Open in urlscan Pro
192.0.78.250 Public Scan

Screenshot
Live screenshot

Full Image

417
Requests

98 %
HTTPS

36 %
IPv6

61
Domains

112
Subdomains

95
IPs

7
Countries

11361 kB
Transfer

32100 kB
Size

39
Cookies

417 HTTP transactions
9 data transactions