www.northern-times.co.uk Open in urlscan Pro
13.32.110.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.northern-times.co.uk/subscribe/
Submission: On December 16 via api (December 16th 2022, 11:07:06 am UTC) from PL — Scanned from DE

Summary HTTP 72 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 31 IPs in 6 countries across 26 domains to perform 72 HTTP transactions. The main IP is 13.32.110.49, located in United States and belongs to AMAZON-02, US. The main domain is www.northern-times.co.uk. The Cisco Umbrella rank of the primary domain is 848188.
TLS certificate: Issued by Amazon on August 3rd 2022. Valid for: a year.

This is the only time www.northern-times.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 18	13.32.110.49 13.32.110.49	16509 (AMAZON-02) (AMAZON-02)
1	172.64.151.162 172.64.151.162	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:830::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:807::2002	15169 (GOOGLE) (GOOGLE)
5	65.9.66.52 65.9.66.52	16509 (AMAZON-02) (AMAZON-02)
3	151.101.64.176 151.101.64.176	54113 (FASTLY) (FASTLY)
2	2.18.234.190 2.18.234.190	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2606:4700:e2:... 2606:4700:e2::ac40:840f	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2600:9000:211... 2600:9000:211e:ca00:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.21 18.66.15.21	16509 (AMAZON-02) (AMAZON-02)
1	2.18.232.28 2.18.232.28	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	52.223.40.198 52.223.40.198	16509 (AMAZON-02) (AMAZON-02)
3	54.186.23.98 54.186.23.98	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	2600:9000:206... 2600:9000:206e:6e00:19:7d10:bd80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	35.166.58.247 35.166.58.247	16509 (AMAZON-02) (AMAZON-02)
1	2620:116:800d... 2620:116:800d:21:7eb1:3826:be7e:d981	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:e200:9:46dc:4700:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:211... 2600:9000:211e:3200:3:a4cd:8380:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:230... 2600:9000:2304:6e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1 3	99.86.4.12 99.86.4.12	16509 (AMAZON-02) (AMAZON-02)
1	3.123.67.158 3.123.67.158	16509 (AMAZON-02) (AMAZON-02)
1	34.120.133.55 34.120.133.55	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
1	18.193.98.173 18.193.98.173	16509 (AMAZON-02) (AMAZON-02)
1	37.252.171.149 37.252.171.149	29990 (ASN-APPNEX) (ASN-APPNEX)
2	104.18.33.19 104.18.33.19	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2602:803:c003... 2602:803:c003:200::51	26667 (RUBICONPR...) (RUBICONPROJECT)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
72	31

18 13.32.110.49 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-32-110-49.vie50.r.cloudfront.net

www.northern-times.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.64.151.162 (United States)

ASN13335 (CLOUDFLARENET, US)

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:830::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:807::2002 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 65.9.66.52 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-52.fra56.r.cloudfront.net

www.inverness-courier.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
highlandnews-the-inverness-courier.cdn.zephr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.64.176 (United States)

ASN54113 (FASTLY, US)

js.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-190.deploy.static.akamaitechnologies.com

widgets.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
widget-pixels.outbrain.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:e2::ac40:840f (United States)

ASN13335 (CLOUDFLARENET, US)

use.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2600:9000:211e:ca00:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-21.vie50.r.cloudfront.net

dashboard.presspatron.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.232.28 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-28.deploy.static.akamaitechnologies.com

tcheck.outbrainimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.186.23.98 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ip-54-186-23-98.stripe.com

q.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206e:6e00:19:7d10:bd80:93a1 (United States)

ASN16509 (AMAZON-02, US)

m.stripe.network	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.166.58.247 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-166-58-247.us-west-2.compute.amazonaws.com

m.stripe.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:e200:9:46dc:4700:93a1 (United States)

ASN16509 (AMAZON-02, US)

quantcast.mgr.consensu.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:211e:3200:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)

test.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2304:6e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 99.86.4.12 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-12.fra6.r.cloudfront.net

sb.scorecardresearch.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.67.158 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-67-158.eu-central-1.compute.amazonaws.com

audit-tcfv2.cmp.quantcast.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.193.98.173 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-98-173.eu-central-1.compute.amazonaws.com

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.171.149 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.33.19 (None, )

ASN13335 (CLOUDFLARENET, US)

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2602:803:c003:200::51 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)

fastlane.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
18	northern-times.co.uk 1 redirects www.northern-times.co.uk — Cisco Umbrella Rank: 848188	483 KB
7	stripe.com js.stripe.com — Cisco Umbrella Rank: 982 q.stripe.com — Cisco Umbrella Rank: 6290 m.stripe.com — Cisco Umbrella Rank: 976	101 KB
6	quantcast.com cmp.quantcast.com — Cisco Umbrella Rank: 2900 test.cmp.quantcast.com — Cisco Umbrella Rank: 10570 audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12285	148 KB
5	rubiconproject.com fastlane.rubiconproject.com — Cisco Umbrella Rank: 462	3 KB
3	scorecardresearch.com 1 redirects sb.scorecardresearch.com — Cisco Umbrella Rank: 154	2 KB
3	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 192 stats.g.doubleclick.net — Cisco Umbrella Rank: 77	131 KB
3	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2623 www.google-analytics.com — Cisco Umbrella Rank: 29	20 KB
3	fontawesome.com use.fontawesome.com — Cisco Umbrella Rank: 857	106 KB
3	inverness-courier.co.uk www.inverness-courier.co.uk — Cisco Umbrella Rank: 895842	59 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 51	201 KB
2	casalemedia.com htlb.casalemedia.com — Cisco Umbrella Rank: 482 as-sec.casalemedia.com — Cisco Umbrella Rank: 1488	1 KB
2	stripe.network m.stripe.network — Cisco Umbrella Rank: 1099	16 KB
2	zephr.com highlandnews-the-inverness-courier.cdn.zephr.com	7 KB
2	outbrain.com widgets.outbrain.com — Cisco Umbrella Rank: 1353 widget-pixels.outbrain.com — Cisco Umbrella Rank: 3225	74 KB
1	adnxs.com ib.adnxs.com — Cisco Umbrella Rank: 210	1 KB
1	emxdgt.com hb.emxdgt.com — Cisco Umbrella Rank: 4961	166 B
1	rlcdn.com api.rlcdn.com — Cisco Umbrella Rank: 802	367 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 868	642 B
1	consensu.org quantcast.mgr.consensu.org — Cisco Umbrella Rank: 2837	44 KB
1	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 939	10 KB
1	adsrvr.org match.adsrvr.org — Cisco Umbrella Rank: 315	397 B
1	outbrainimg.com tcheck.outbrainimg.com — Cisco Umbrella Rank: 8965	464 B
1	presspatron.com dashboard.presspatron.com — Cisco Umbrella Rank: 68173	12 KB
1	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 188	27 KB
1	indexww.com js-sec.indexww.com — Cisco Umbrella Rank: 599	37 KB
0	grapeshot.co.uk Failed mediaforce.grapeshot.co.uk Failed
72	26

	Domain	Requested by
18	www.northern-times.co.uk	1 redirects www.northern-times.co.uk
5	fastlane.rubiconproject.com	js-sec.indexww.com
4	cmp.quantcast.com	www.northern-times.co.uk quantcast.mgr.consensu.org
3	sb.scorecardresearch.com	1 redirects www.northern-times.co.uk
3	q.stripe.com	www.northern-times.co.uk
3	use.fontawesome.com	www.northern-times.co.uk use.fontawesome.com
3	js.stripe.com	www.northern-times.co.uk js.stripe.com
3	www.inverness-courier.co.uk	www.northern-times.co.uk
3	www.googletagmanager.com	www.northern-times.co.uk www.googletagmanager.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	m.stripe.network	js.stripe.com m.stripe.network
2	securepubads.g.doubleclick.net	www.googletagservices.com
2	highlandnews-the-inverness-courier.cdn.zephr.com	www.northern-times.co.uk
1	as-sec.casalemedia.com	js-sec.indexww.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	htlb.casalemedia.com	js-sec.indexww.com
1	ib.adnxs.com	js-sec.indexww.com
1	hb.emxdgt.com	js-sec.indexww.com
1	api.rlcdn.com	js-sec.indexww.com
1	audit-tcfv2.cmp.quantcast.com	cmp.quantcast.com
1	rules.quantcount.com	secure.quantserve.com
1	test.cmp.quantcast.com	quantcast.mgr.consensu.org
1	quantcast.mgr.consensu.org	cmp.quantcast.com
1	secure.quantserve.com	cmp.quantcast.com
1	m.stripe.com	m.stripe.network
1	match.adsrvr.org	js-sec.indexww.com
1	region1.google-analytics.com	www.googletagmanager.com
1	widget-pixels.outbrain.com	www.northern-times.co.uk
1	tcheck.outbrainimg.com	widgets.outbrain.com
1	dashboard.presspatron.com	www.northern-times.co.uk
1	widgets.outbrain.com	www.northern-times.co.uk
1	www.googletagservices.com	www.northern-times.co.uk
1	js-sec.indexww.com	www.northern-times.co.uk
0	mediaforce.grapeshot.co.uk Failed	www.northern-times.co.uk
72	34

This site contains links to these domains. Also see Links.

Domain
www.jobs-north.co.uk
twitter.com
www.facebook.com
www.inverness-courier.co.uk
www.hnmedia.co.uk
www.ipso.co.uk

Subject Issuer	Validity	Valid
www.inverness-courier.co.uk Amazon	`2022-08-03` - `2023-09-01`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-10-06` - `2023-10-05`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
a.stripecdn.com DigiCert SHA2 Extended Validation Server CA	`2022-12-15` - `2024-01-11`	a year	crt.sh
*.outbrain.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-03` - `2023-04-04`	a year	crt.sh
cmp.quantcast.com R3	`2022-11-10` - `2023-02-08`	3 months	crt.sh
dashboard.presspatron.com Amazon	`2022-02-16` - `2023-03-17`	a year	crt.sh
*.cdn.zephr.com Amazon	`2022-04-06` - `2023-05-04`	a year	crt.sh
*.outbrainimg.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-03-11` - `2023-03-15`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2022-03-31` - `2023-05-02`	a year	crt.sh
*.stripe.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-11-12` - `2023-03-09`	4 months	crt.sh
m.stripe.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-15` - `2023-01-26`	4 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.scorecardresearch.com Amazon	`2022-01-29` - `2023-02-27`	a year	crt.sh
*.emxdgt.com Amazon	`2022-06-02` - `2023-07-01`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2022-02-11` - `2023-03-14`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2022-03-08` - `2023-04-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.northern-times.co.uk/subscribe/
Frame ID: 6A44BEB0DFD7D8A2163E46AA04DB6322
Requests: 68 HTTP requests in this frame

Frame: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Frame ID: 79AA1E4CB863A928C377CB410BF0476A
Requests: 4 HTTP requests in this frame

Frame: https://m.stripe.network/inner.html
Frame ID: FD1067EC61FDA0FCE88FDB8F747333A2
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Subscribe now to the Northern Times and join our Rewards Club

Detected technologies

Stripe (Payment Processors) Expand

Overall confidence: 100%
Detected patterns

js\.stripe\.com

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick for Publishers (DFP) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googletagservices\.com/tag/js/gpt(?:_mobile)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Outbrain (Widgets) Expand

Overall confidence: 100%
Detected patterns

widgets\.outbrain\.com/outbrain\.js

Prebid (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.com/[^"]*(?:prebid|/pb\.js)

Quantcast Choice (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

quantcast\.mgr\.consensu\.org

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

Page Statistics

72
Requests

96 %
HTTPS

47 %
IPv6

26
Domains

34
Subdomains

31
IPs

6
Countries

1485 kB
Transfer

4187 kB
Size

16
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: http://www.jobs-north.co.uk/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://twitter.com/NTnewspaper

Search URL Search Domain Scan URL

URL: https://www.facebook.com/pages/Northern-Times/180083262044972

Search URL Search Domain Scan URL

URL: https://www.inverness-courier.co.uk/news/energy-north/
Title: Energy North

Search URL Search Domain Scan URL

URL: https://www.inverness-courier.co.uk/lifestyle/
Title: Lifestyle

Search URL Search Domain Scan URL

URL: https://www.inverness-courier.co.uk/podcasts/
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://www.hnmedia.co.uk/highlandheroes/
Title: Highland Heroes

Search URL Search Domain Scan URL

URL: https://www.hnmedia.co.uk/

Search URL Search Domain Scan URL

URL: https://www.hnmedia.co.uk/about-us
Title: About Us

Search URL Search Domain Scan URL

URL: https://www.hnmedia.co.uk/terms-and-conditions/
Title: Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.hnmedia.co.uk/privacy-policy/
Title: Cookie Policy

Search URL Search Domain Scan URL

URL: https://www.ipso.co.uk/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://www.northern-times.co.uk/Panels/Most-Read/ HTTP 301
https://www.northern-times.co.uk/panels/most-read/

Request Chain 54

https://sb.scorecardresearch.com/cs/6035892/beacon.js HTTP 302
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

72 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.northern-times.co.uk/subscribe/ 94 KB
19 KB 502ms
360ms Document
text/html 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

e347fdec57c301dec8d26add8d7a7e85a65484665f2fd53ae2de5d2eaa3b8fff

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache, no-store, no-transform
content-encoding: gzip
content-language: en-gb, en
content-length: 18165
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
content-type: text/html; charset=UTF-8
date: Fri, 16 Dec 2022 11:07:00 GMT
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
expires: 0
last-modified: Thu, 03 Nov 2022 15:28:46 GMT
pragma: no-cache
server: KM Galileo @ MDC-WEBIIS06
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-id: 2-rPsqC1vpljp3G1D6MrmWeYaXYsqbzV91KSZNUEMp8_UmUtB9t4Kw==
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: deny
x-zephr-cache: miss

GET
H2 200 bundle-v6803505.css
www.northern-times.co.uk/_site/ 191 KB
32 KB 15ms
14ms Stylesheet
text/css 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northern-times.co.uk/_site/bundle-v6803505.css

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

896e17239c75598caf74b5c442dd0c635031a4787e34da188c2c2cc007101b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Thu, 08 Dec 2022 15:54:14 GMT
strict-transport-security: max-age=63072000; preload
content-encoding: gzip
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 673966
x-cache: Hit from cloudfront
content-length: 31854
last-modified: Thu, 08 Dec 2022 15:45:59 GMT
server: KM Galileo @ MDC-WEBIIS07
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
content-type: text/css; charset=UTF-8
cache-control: public
x-amz-cf-id: wTFposoMCHZ0C-SljRjJWNRyEi6JPU7FXk0ZIVx5HA6QatZ_QaHGRw==
expires: Fri, 08 Dec 2023 15:54:15 GMT

GET
H2 200 bundle-v6759996.js Show response
www.northern-times.co.uk/_site/ 553 KB
158 KB 15ms
14ms Script
text/javascript 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northern-times.co.uk/_site/bundle-v6759996.js

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

8fd759e1b4d2ec17bf3e5d2b0799d51384325b172b6b79ed55c767bee0f28d43

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Thu, 08 Dec 2022 02:09:13 GMT
strict-transport-security: max-age=63072000; preload
content-encoding: gzip
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
age: 723467
x-cache: Hit from cloudfront
content-length: 161173
last-modified: Tue, 08 Nov 2022 10:36:36 GMT
server: KM Galileo @ MDC-WEBIIS07
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
content-type: text/javascript; charset=UTF-8
cache-control: public
x-amz-cf-id: 1m0Bpgua423k3z84v19h_RE_ITSrbZP5TVGRhdsVerJEGMd6VuA3zQ==
expires: Fri, 08 Dec 2023 02:09:13 GMT

GET
H2 200 185246-104928780726738.js Show response
js-sec.indexww.com/ht/p/ 123 KB
37 KB 90ms
37ms Script
text/javascript 172.64.151.162
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 172.64.151.162 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4033405cb20bf1182028fb8d0a00bb37639fb2d7d4e64c48482f06f82711d4d1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Fri, 16 Dec 2022 10:56:05 GMT
server: cloudflare
age: 410
etag: W/"764b59-1ea81-5efefd0f89047"
vary: Accept-Encoding
content-type: text/javascript
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control: cache-maxage=1h
cache-control: public, max-age=14400
cf-ray: 77a6f3f25e939a0c-FRA
expires: Fri, 16 Dec 2022 15:07:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 216 KB
76 KB 56ms
32ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-980ST4875B

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

15eb658b59b2e445c6abd3e2268009d23fc41542fd136c6a82a80bc989ba8cbb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 77295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 11:07:00 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 80 KB
27 KB 136ms
72ms Script
text/javascript 2a00:1450:400d:807::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:807::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27542
x-xss-protection: 0
server: sffe
etag: "1422 / 726 of 1000 / last-modified: 1670587517"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Fri, 16 Dec 2022 11:07:00 GMT

GET
H2 200 wp-banners.js Show response
www.northern-times.co.uk/ 112 B
758 B 150ms
149ms Script
text/javascript 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northern-times.co.uk/wp-banners.js
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-49.vie50.r.cloudfront.net
Software: KM Galileo @ MDC-WEBIIS06 /
Resource Hash: b7d2421cd16ef24475fe9cc16b97d1793e659f5f2ea75f9a5fa6ec36812b5f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: gzip
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: private
content-length: 117
x-amz-cf-id: RmgclV0GPhT6h_2kHfJdOsbJhwcB1i7-wOVi3sniHgVUGI9X7RiBDg==

GET
H2 200 northerntimes_1.jpg
www.northern-times.co.uk/_assets/ 8 KB
8 KB 31ms
28ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_assets/northerntimes_1.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

025bfec0904b46791f8b94fdfe5891e8b97a59968a893be5341e2af832b4c0af

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Mon, 05 Dec 2022 10:19:24 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Wed, 05 Dec 2018 14:10:26 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
age: 953256
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 7744
x-amz-cf-id: Wbsuai2GoUm2L6vAlV7I5_aXEsvNukJ-2CqhObKbzFj8alg-G7FmkA==
expires: Tue, 05 Dec 2023 10:19:24 GMT

GET
H2 200 digital2.png
www.inverness-courier.co.uk/_assets/ 7 KB
8 KB 74ms
8ms Image
image/png 65.9.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.inverness-courier.co.uk/_assets/digital2.png

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-52.fra56.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

ab16ceb1de51064afcf9aadc8c954b4e65814d15b083278010a1cf2447ab337f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Tue, 29 Nov 2022 07:49:08 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 11:39:39 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: FRA56-C1
age: 1480672
expect-ct: max-age=0, report-uri="http://www.inverness-courier.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
content-length: 7667
x-amz-cf-id: UmFxztbYOqunCwrbd0_1OKPUZypaYvZ4JVVVUq9_zl5nqjlH2v8amQ==
expires: Wed, 29 Nov 2023 07:49:08 GMT

GET
H2 200 digitalapp2.png
www.inverness-courier.co.uk/_assets/ 23 KB
24 KB 75ms
9ms Image
image/png 65.9.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.inverness-courier.co.uk/_assets/digitalapp2.png

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-52.fra56.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

4ac3344b7f07674a5c27a01bdc983e324a7fe499cb98de966768c99e295d6464

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 26 Nov 2022 18:21:41 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 11:39:39 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: FRA56-C1
age: 1701919
expect-ct: max-age=0, report-uri="http://www.inverness-courier.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
content-length: 23841
x-amz-cf-id: -W5xlczhKOhnRGQWk18rqzeoU4G1HZkU4kP55sAQUlRJKTXJQwXyww==
expires: Sun, 26 Nov 2023 18:21:42 GMT

GET
H2 200 digitalapppaper2.png
www.inverness-courier.co.uk/_assets/ 26 KB
27 KB 80ms
14ms Image
image/png 65.9.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.inverness-courier.co.uk/_assets/digitalapppaper2.png

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-52.fra56.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

b37964667a3cbda197836e455a591d9fd890892620822f5c690ba3fe027de12a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Wed, 14 Dec 2022 16:52:01 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 35a6ad9a7597ea2f4dacbdb5dc66a66c.cloudfront.net (CloudFront)
last-modified: Tue, 20 Jul 2021 11:39:38 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: FRA56-C1
age: 152099
expect-ct: max-age=0, report-uri="http://www.inverness-courier.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
content-length: 26405
x-amz-cf-id: oeqKTZ0djcPAJTWxFXpSXp8Q6GjP_J7OHt8LGoQRoTG14v98HKWLvw==
expires: Thu, 14 Dec 2023 16:52:02 GMT

GET
H2 200 / Show response
js.stripe.com/v3/ 405 KB
98 KB 73ms
7ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

54a439f601a103b6dee5a7fe81a15c2daa0380612ec9dc219fddd55fd694562a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 11:07:00 GMT
via: 1.1 varnish
age: 46
x-cache: HIT
content-length: 99828
x-request-id: 7bde525a-8138-40d0-95ac-683a20e234eb
x-served-by: cache-hhn-etou8220093-HHN
last-modified: Thu, 15 Dec 2022 17:17:37 GMT
server: Fastly
etag: "f5195829e851cd843ea13cf55f1141b9"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=60
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3

GET
H2 200 hnm-white-logo.png
www.northern-times.co.uk/_assets/ 2 KB
2 KB 31ms
30ms Image
image/png 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_assets/hnm-white-logo.png

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

a3fd934617c4c8268b954211cb7e03f8b68bd3709146ff16967cef827b14f35b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Thu, 01 Dec 2022 12:54:39 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Wed, 11 Dec 2019 11:01:37 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
age: 1289541
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/png
cache-control: public
content-length: 1547
x-amz-cf-id: aRA3s7Znze__fXvr3ELOW2HhfmT1h-bUtH3QFhk1_MmhPsAOJElMlQ==
expires: Fri, 01 Dec 2023 12:54:39 GMT

GET
H2 200 ipso_regulated_footer.jpg
www.northern-times.co.uk/_assets/ 17 KB
18 KB 32ms
30ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_assets/ipso_regulated_footer.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

2d77fa8aadc7ffd71afe00698125a4fd1f0955085e7213ede62710ec9b4c12ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 09 Dec 2022 02:06:17 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Tue, 24 Sep 2019 12:13:50 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
age: 637243
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 17373
x-amz-cf-id: 0pr0XOms1aB0xv2jP8d6Prhkj-4P3E3e6p9OxLtRQECZiEIXXYWGpA==
expires: Sat, 09 Dec 2023 02:06:17 GMT

GET
H2 200 outbrain.js Show response
widgets.outbrain.com/ 214 KB
74 KB 47ms
9ms Script
application/x-javascript 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://widgets.outbrain.com/outbrain.js
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 9372f48cbd25c4cb3617bad47adacf1ec5b9ed0825d1408186773f1d79049fa0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: gzip
last-modified: Thu, 15 Dec 2022 08:14:38 GMT
etag: "16-jkjv4xs2U6RzaR8b30Bvctr57qc"
vary: Accept-Encoding
edge-cache-tag: widget-cheetah
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET,POST
cache-control: max-age=14400
access-control-allow-credentials: false
x-traceid: 7e86f7db13e88d87ed71be017015d53e
timing-allow-origin: *, *
content-length: 75005

GET
H2 200 1x1.gif
www.northern-times.co.uk/ 42 B
823 B 32ms
31ms Image
image/gif 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/1x1.gif

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sun, 11 Dec 2022 09:40:27 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Wed, 14 Nov 2018 14:20:10 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
age: 437193
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: public
content-length: 42
x-amz-cf-id: _NpeZx7Ya98RQEd4Ld2my77grp6q1mhWJD3GPE7-KZMHcaS_31PlRw==
expires: Mon, 11 Dec 2023 09:40:28 GMT

GET
H2 200 all.css
use.fontawesome.com/releases/v5.0.9/css/ 36 KB
9 KB 39ms
21ms Stylesheet
text/css 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/_site/bundle-v6803505.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a3f65921afd556d3e8917b214d5324c6d62849a9f0608c53556f3792a6ce9d36

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: WZH974JG6PG3FNWS
age: 748536
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-id-2: c/2RxBdmn6hqNthuR+1gMCclARPhyaEr+x9BdtpYDeGs1cuwQOo3iMyO0wkxGPULjUBq1GZCuns=
last-modified: Wed, 30 Jun 2021 15:28:17 GMT
server: cloudflare
etag: W/"bee5a66d62a031345fd944787f05f538"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gw9WCPVXBGs8ibHhCS6b36GmksbCnI4BNmzXZNz7Q1odyapcSF54JuBzReSj0CyLNIjzsoY%2FIhX0%2BsWSxNERA1ZrXpkbKO5w5SvdyEJwbnXkjoZ6s7pq6Reg%2FOWleqrRAJPLbPV%2BlD%2BPSoZsa5q2rL%2F6"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31556926
cf-ray: 77a6f3f1bcb990fb-FRA

GET
DATA 200
OK truncated
/ 44 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 82 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 90 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/webp

GET
DATA 200
OK truncated
/ 38 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 choice.js Show response
cmp.quantcast.com/choice/Hn-a_zK9d2v3p/northern-times.co.uk/ 5 KB
2 KB 436ms
403ms Script
application/javascript 2600:9000:211e:ca00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/choice/Hn-a_zK9d2v3p/northern-times.co.uk/choice.js?tag_version=V2
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/_site/bundle-v6759996.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ca00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0396d6409ed2eef01415deb94877313449d045efea2ce46febb8789e27551e68

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:02 GMT
content-encoding: br
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
last-modified: Fri, 03 Dec 2021 10:13:37 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-C2
x-amz-server-side-encryption: AES256
etag: W/"e2081339f4f09c8b5635272f83d11e83"
vary: Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript
cache-control: max-age=3600
cross-origin-resource-policy: cross-origin
x-amz-cf-id: rUsSJdk-CDxTwuBcDZLMX-_JbxUMaOwhYWd_6WkG4ZXqrwwrK5EaUA==

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 139 KB
51 KB 44ms
21ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5Q9XXRB

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

2cb5cf9d67b8515b96e6f633239617ca751fe7603ac2a83e518dd31abba559a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 52028
x-xss-protection: 0
last-modified: Fri, 16 Dec 2022 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 16 Dec 2022 11:07:00 GMT

GET
H2 200 banner Show response
dashboard.presspatron.com/dev/ 11 KB
12 KB 55ms
13ms Script
text/javascript 18.66.15.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dashboard.presspatron.com/dev/banner?b=YaaPAtiDGVzX4PEdGEEEYjiW

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.15.21 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-15-21.vie50.r.cloudfront.net

Software

Resource Hash

63bedae1e9a8ec67b898efd5f0fdf2886b9f71568238bb42bb83269b5c5c54ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 07:50:48 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 3e0d912790c2cd730e222487cbb10f98.cloudfront.net (CloudFront)
x-permitted-cross-domain-policies: none
x-amz-cf-pop: VIE50-P1
age: 11772
x-cache: Hit from cloudfront
x-xss-protection: 1; mode=block
x-request-id: d6055e4c-d148-4d54-b94f-6f2846e9b120
x-runtime: 0.011605
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 17 Apr 2020 07:55:19 GMT
etag: W/"0234ff362ab687b05a14de0d71be24ab"
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=utf-8
cache-control: max-age=86400, public
x-amz-cf-id: tbKXgU9QlPdjWD-OaSgQSUrX9o6SqFTwUhFNoPIeORiF-oxuTFIn9g==

GET
H2 200 datalayer Show response
www.northern-times.co.uk/blaize/ 310 B
931 B 144ms
143ms XHR
application/json 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.northern-times.co.uk/blaize/datalayer
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.32.110.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-32-110-49.vie50.r.cloudfront.net
Software: /
Resource Hash: 3e156677fb5c30e490f98a06a41b25fb48f94a1b7378cf61690b9c7b5f9d68ee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-type: application/json; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
content-length: 310
x-amz-cf-id: 3WjoqBIfNU2FJZip6HdP33TwvSNGT_Uv_HlQ9F6MYQnUNoGkM4NeBQ==
x-blaize-request: 57f5f8b

GET
H2 200 pinktick.jpg
highlandnews-the-inverness-courier.cdn.zephr.com/_assets/ 4 KB
4 KB 26ms
9ms Image
image/jpeg 65.9.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highlandnews-the-inverness-courier.cdn.zephr.com/_assets/pinktick.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-52.fra56.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

3494ae53e3856bc78533b33c38f99a797fd74f221a58078f610642b28319e065

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 03 Dec 2022 20:14:48 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 1090332
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 3762
last-modified: Thu, 15 Jul 2021 07:20:45 GMT
server: KM Galileo @ MDC-WEBIIS06
expect-ct: max-age=0, report-uri="http://www.inverness-courier.co.uk/_report/"
content-type: image/jpeg
cache-control: public
x-amz-cf-id: 5AQ5YNHhZx-hENxS5XMHxkESe4t4k95jARw7EDmdZ6WrvyYcqp5CfQ==
expires: Sun, 03 Dec 2023 20:14:48 GMT

GET
H2 200 whitetick.png
highlandnews-the-inverness-courier.cdn.zephr.com/_assets/ 1 KB
2 KB 26ms
9ms Image
image/png 65.9.66.52
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://highlandnews-the-inverness-courier.cdn.zephr.com/_assets/whitetick.png

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

65.9.66.52 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-65-9-66-52.fra56.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

90b05bed35e95d817b214a19c2ffe15235579cce9fcab69da13f10af007ced79

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Sat, 10 Dec 2022 09:57:55 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 afcdbc9d4d397c4a65e6b312552ff7ee.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
age: 522545
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1330
last-modified: Tue, 20 Jul 2021 07:18:32 GMT
server: KM Galileo @ MDC-WEBIIS06
expect-ct: max-age=0, report-uri="http://www.inverness-courier.co.uk/_report/"
content-type: image/png
cache-control: public
x-amz-cf-id: pOJBeG0i4nNqijm_PUVkqD6es4nAyCZmjUg9PQTyI5oF14bTkOS5TQ==
expires: Sun, 10 Dec 2023 09:57:55 GMT

GET
H3 200 fa-solid-900.woff2
use.fontawesome.com/releases/v5.0.9/webfonts/ 43 KB
44 KB 33ms
23ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/webfonts/fa-solid-900.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Origin: https://www.northern-times.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 5YHJPX8V53RCT1F9
age: 1074937
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44004
x-amz-id-2: 6u23pYWFjz/NDhhHfS6PYG2kq2XVXZnMYvVMe2q27DZIX+XLBceItbuVPTrteq0baxzudKQWPbc7X0kmOsoyRQ==
last-modified: Wed, 30 Jun 2021 15:28:31 GMT
server: cloudflare
etag: "9f3c8f805668d4182d2173b660a7a21e"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LzDIsUJhRW%2BeZSwYWOSVIc3Vv2YnXzt0V1j2BYigcNC4rYjRnWNqhW8QiA91oxFLfY0%2FN25iWyoCoy02Hsu9ABQ1oZVKw%2BYkW5SP%2FqP95%2FjV1ZkJfe7Ih%2BcitdmvWuEjTmyAUHvf4I%2FG0egbfp9CipBl"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 77a6f3f2ae4d9b2e-FRA

GET
H3 200 fa-brands-400.woff2
use.fontawesome.com/releases/v5.0.9/webfonts/ 53 KB
54 KB 40ms
30ms Font
font/woff2 2606:4700:e2::ac40:840f
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://use.fontawesome.com/releases/v5.0.9/webfonts/fa-brands-400.woff2
Requested by: Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:e2::ac40:840f , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9ae2326c389ddbc93a2636b121456333152931549bd5bd16a5cd2ee24e601c16

Request headers

Referer: https://use.fontawesome.com/releases/v5.0.9/css/all.css
Origin: https://www.northern-times.co.uk
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: 948KMX5Q49EQMDKJ
age: 48375
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 54684
x-amz-id-2: 3PSJbOzLLhbkzzwanNIF/w0/IB5bbOraFO6gyxGfdbcYCNcfHOwD2E8JYYjiNdoiyCcYcGnFpnM=
last-modified: Wed, 30 Jun 2021 15:28:31 GMT
server: cloudflare
etag: "4019e2ef5746b8baa1ca57ff6afd6bed"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: font/woff2
access-control-allow-origin: *
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EKJwvcMaK3m3u%2BzTZXxdqRidyAmEh6J%2FZc9pUgOw%2F6xjLHOSUaKcB0pMRB%2B%2FmokLpu%2BH%2BlPLqZwe%2FgRbzru%2FRL0qi36fX6XqWSQSnoLripUMN6%2BxVqGtLy5J9DRPUAs1%2FxfkUMn2Mx2We8MujBiIppWe"}],"group":"cf-nel","max_age":604800}
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 77a6f3f2ae4b9b2e-FRA

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 213 KB
75 KB 43ms
25ms Script
application/javascript 2a00:1450:4001:830::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-980ST4875B&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q9XXRB

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee2990dca69cbe7e1df0f1a91d82a58e030dd2d35637e6d58786d110da0c28d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 76318
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Fri, 16 Dec 2022 11:07:00 GMT

GET
H/1.1 200
OK d3d3Lm5vcnRoZXJuLXRpbWVzLmNvLnVr Show response
tcheck.outbrainimg.com/tcheck/check/ 16 B
464 B 61ms
9ms XHR
application/json 2.18.232.28
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://tcheck.outbrainimg.com/tcheck/check/d3d3Lm5vcnRoZXJuLXRpbWVzLmNvLnVr
Requested by: Host: widgets.outbrain.com
URL: https://widgets.outbrain.com/outbrain.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.28 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-28.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Fri, 16 Dec 2022 11:07:01 GMT
ETag: W/"10-us8lSJutAxKqLzf8c1+n5XstcwY"
Access-Control-Max-Age: 43200
Access-Control-Allow-Methods: GET,POST
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=33907
Access-Control-Allow-Credentials: false
Connection: keep-alive
X-TraceId: 37f3a2abbbfaf4b2099852fe543ca6c2
Content-Length: 16
Expires: Fri, 16 Dec 2022 20:32:08 GMT

GET
H2 200 px.gif
widget-pixels.outbrain.com/widget/detect/ 43 B
341 B 12ms
11ms Image
image/gif 2.18.234.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://widget-pixels.outbrain.com/widget/detect/px.gif?ch=1
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-190.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:00 GMT
last-modified: Wed, 30 Sep 2020 14:22:29 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1601475749.911431"
access-control-allow-methods: GET,POST
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=2592000
access-control-allow-credentials: false
accept-ranges: bytes
timing-allow-origin: *, *
content-length: 43
expires: Sun, 15 Jan 2023 11:07:00 GMT

GET
H2 200 m-outer-93afeeb17bc37e711759584dbfc50d47.html Show response
js.stripe.com/v3/ Frame 79AA 200 B
786 B 10ms
10ms Document
text/html 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northern-times.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 723717
cache-control: max-age=31536000
content-encoding: br
content-length: 122
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 16 Dec 2022 11:07:00 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
last-modified: Wed, 07 Dec 2022 23:30:12 GMT
server: Fastly
strict-transport-security: max-age=31556926; includeSubDomains; preload
timing-allow-origin: *
vary: Accept-Encoding
via: 1.1 varnish
x-cache: HIT
x-cache-hits: 384400
x-content-type-options: nosniff
x-request-id: 6746e73b-7b1e-4aa9-9f0e-86385a725860
x-served-by: cache-hhn-etou8220093-HHN

POST
H2 204 collect
region1.google-analytics.com/g/ 0
354 B 38ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-980ST4875B&gtm=2oebu0&_p=1869255879&cid=1352051152.1671188821&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1671188820&sct=1&seg=0&dl=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&dt=Subscribe%20now%20to%20the%20Northern%20Times%20and%20join%20our%20Rewards%20Club&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-980ST4875B
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

/ Show response
www.northern-times.co.uk/panels/most-read/
Redirect Chain

https://www.northern-times.co.uk/Panels/Most-Read/
https://www.northern-times.co.uk/panels/most-read/

5 KB
2 KB

106ms
106ms

XHR
text/html

13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northern-times.co.uk/panels/most-read/

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

63294caa8902de3e0f710f88498ec5261f646de44825f0d340a70c0c924b8e5f

Security Headers

Name	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; preload
x-content-type-options: nosniff
content-security-policy: default-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
content-encoding: gzip
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
x-cache: Miss from cloudfront
content-length: 1120
pragma: no-cache
last-modified: Wed, 19 Feb 2020 07:36:14 GMT
server: KM Galileo @ MDC-WEBIIS06
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-frame-options: deny
content-language: en-gb, en
content-type: text/html; charset=UTF-8
cache-control: no-cache, no-store, must-revalidate
x-amz-cf-id: Tsl1dmlqJ0fm_sT4WSqvQXSx_1xxxSbhmyZuiMbj4_U2_UgLdqK8Fg==
expires: 0

Redirect headers

x-zephr-cache: hit
date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; preload
content-encoding: gzip
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Miss from cloudfront
content-type: text/html; charset=utf-8
location: https://www.northern-times.co.uk/panels/most-read/
cache-control: private
x-zephr-origin-timestamp: 2022-12-16T10:57:54.283Z
content-length: 1378
x-amz-cf-id: A506vMqConPFK7s3YCCB0MQNyAe_29JgOHqfsQIsKjIuwxFCawBfWw==

GET
H2 200 rid Show response
match.adsrvr.org/track/ 63 B
397 B 134ms
32ms XHR
application/json 52.223.40.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=185246&gdpr=1
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a6370ebea231e0c9a.awsglobalaccelerator.com
Software: /
Resource Hash: 7a2fee0d255d39264c64399f0c123c4366bc7db400c6f88bef53d182c046e3f3

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 63
expires: Sun, 15 Jan 2023 11:07:01 GMT

POST
H2 200 csp-report
q.stripe.com/ Frame 79AA 0
570 B 563ms
179ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

POST
H2 200 csp-report
q.stripe.com/ Frame 79AA 0
571 B 561ms
178ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-envoy-upstream-service-time: 1
content-length: 0
pragma: no-cache
referrer-policy: strict-origin-when-cross-origin
server: nginx
cross-origin-opener-policy: same-origin
access-control-max-age: 3600
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://js.stripe.com
access-control-expose-headers: Server, Range, Content-Type
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-robots-tag: none
access-control-allow-headers: Authorization, Content-Type, Accept, Origin, User-Agent, DNT, Cache-Control, Keep-Alive, X-Requested-With, If-Modified-Since, Range, X-Stripe-Csrf-Token
expires: 0

GET
H2 200 m-outer-8cb24ab2d649fd36a488d04d8c457933.js Show response
js.stripe.com/v3/fingerprinted/js/ Frame 79AA 631 B
484 B 11ms
11ms Script
text/javascript 151.101.64.176
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.64.176 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Fastly /

Resource Hash

250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 11:07:01 GMT
via: 1.1 varnish
age: 723717
x-cache: HIT
content-length: 332
x-request-id: c0736e94-784a-41d7-b426-9e7866069c4a
x-served-by: cache-hhn-etou8220093-HHN
last-modified: Wed, 07 Dec 2022 23:30:11 GMT
server: Fastly
etag: "f8f6a4584135f737b26927596ce6e0a7"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 346681

GET
H2 200 pubads_impl_2022120501.js Show response
securepubads.g.doubleclick.net/gpt/ 380 KB
129 KB 30ms
8ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022120501.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 08:29:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9478
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 131905
x-xss-protection: 0
last-modified: Mon, 05 Dec 2022 09:36:10 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sat, 16 Dec 2023 08:29:03 GMT

GET
H2 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 112 B
709 B 70ms
47ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.northern-times.co.uk

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c24ab4c44a0ec466a4d802c876b82f057dbc894c8528ef00803e58947faf3650

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 74
x-xss-protection: 0
expires: Fri, 16 Dec 2022 11:07:01 GMT

GET
H2 200 inner.html Show response
m.stripe.network/ Frame FD10 930 B
2 KB 84ms
14ms Document
text/html 2600:9000:206e:6e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/inner.html

Requested by

Host: js.stripe.com
URL: https://js.stripe.com/v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:6e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35

Security Headers

Name	Value
Content-Security-Policy	base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 58
cache-control: max-age=300, public
content-length: 930
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
content-type: text/html; charset=utf-8
date: Fri, 16 Dec 2022 11:06:12 GMT
etag: "fc2e029628f163bb59adc6fa5a31161c"
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
strict-transport-security: max-age=31556926; includeSubDomains; preload
vary: Accept-Encoding
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-id: zISZuqh89-g7YpyXM6CU8NzRAQw-RzSc1ByK_V0iNVXECbx0fUEVhw==
x-amz-cf-pop: VIE50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff

POST
H2 200 csp-report
q.stripe.com/ Frame FD10 0
344 B 447ms
179ms Other
text/plain 54.186.23.98
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://q.stripe.com/csp-report

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

54.186.23.98 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-54-186-23-98.stripe.com

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/csp-report

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload, max-age=31556926; includeSubDomains; preload
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
server: nginx
cross-origin-opener-policy: same-origin
cache-control: max-age=0, no-cache, no-store, must-revalidate
x-envoy-upstream-service-time: 1
x-robots-tag: none
content-length: 0
expires: 0

GET
H2 200 out-4.5.42.js Show response
m.stripe.network/ Frame FD10 86 KB
14 KB 15ms
15ms Script
text/javascript 2600:9000:206e:6e00:19:7d10:bd80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.network/out-4.5.42.js

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/inner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:206e:6e00:19:7d10:bd80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Cloudfront /

Resource Hash

f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://m.stripe.network/inner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 11:06:18 GMT
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
via: 1.1 7b574fc6db5d0840d90b97dd76cc56ec.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C1
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
age: 45
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript; charset=utf-8
cache-control: max-age=300, public
x-amz-cf-id: 8L2S4d0_3WO44QmKzFgrePJMwE8ltW0O6XkLQg18P2rBJRQ-3buj9g==

POST
H2 200 6 Show response
m.stripe.com/ Frame FD10 156 B
522 B 560ms
179ms XHR
application/json 35.166.58.247
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://m.stripe.com/6

Requested by

Host: m.stripe.network
URL: https://m.stripe.network/out-4.5.42.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

35.166.58.247 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-35-166-58-247.us-west-2.compute.amazonaws.com

Software

nginx /

Resource Hash

6a3ac091040739cb7490ce2f53ef6176f77497f6b504f696f57f52918c28336f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31556926; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://m.stripe.network/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
server: nginx
content-type: application/json;charset=utf-8
access-control-allow-origin: https://m.stripe.network
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 156

GET
H2 200 694PS4HSPY17C3Z5NZ7B.jpg
www.northern-times.co.uk/_media/img/750x0/ 77 KB
77 KB 30ms
29ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_media/img/750x0/694PS4HSPY17C3Z5NZ7B.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

3d7f1e646f5f063037b628e06243180e29d2d0f3bea7e9594e233688e4bbb9d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 05:46:49 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 05:46:49 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
age: 19212
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 78336
x-amz-cf-id: iImEEeHfy_qTKu73tqYL_tgpAmCnn972bUCJRc6_2-wxb3P8HvShCQ==
expires: Sat, 16 Dec 2023 05:46:49 GMT

GET
H2 200 8JOMIYUI1CTGDB87LSB3.jpg
www.northern-times.co.uk/_media/img/750x0/ 20 KB
21 KB 35ms
34ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_media/img/750x0/8JOMIYUI1CTGDB87LSB3.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

9f9981cfb411b6429639e1c8e0d52fad802c95a1e79ca9175d28cb5c967082f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 05:46:49 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 05:46:49 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
age: 19212
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 20796
x-amz-cf-id: v9HfLVmuMUqKv6G0g2C2xxpV8FqDICEDQAbrcZiTxum7b33LKAFQkg==
expires: Sat, 16 Dec 2023 05:46:49 GMT

GET
H2 200 L5OHLML5KWVY7YTDP5PP.jpg
www.northern-times.co.uk/_media/img/750x0/ 51 KB
52 KB 33ms
32ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_media/img/750x0/L5OHLML5KWVY7YTDP5PP.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

879ece4cf1972a25643f74a6c788a7481f6615368c13ee4572bf368f009acaf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 05:46:49 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 00:04:58 GMT
server: KM Galileo @ MDC-WEBIIS06
x-amz-cf-pop: VIE50-C2
age: 19212
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 52657
x-amz-cf-id: KhiT40aC1CrBhnFRRZHibqHGmc9O3PCUGq2hZNhr-mKTcf6J1SLZ2Q==
expires: Sat, 16 Dec 2023 05:46:49 GMT

GET
H2 200 HLQ43TQ46B4BZUYRWLQ0.jpg
www.northern-times.co.uk/_media/img/750x0/ 32 KB
33 KB 38ms
37ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_media/img/750x0/HLQ43TQ46B4BZUYRWLQ0.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

177a38b14119e15ed210b1db090cbdc9ef7089dbee3672e2bec0e094bc9d7698

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 05:46:49 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 05:46:49 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
age: 19212
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 32552
x-amz-cf-id: GpostWLZGDRqlmp6o1VsJe2ofLKdY6AyN_ZgXNcAgid7G5OeEXz4qw==
expires: Sat, 16 Dec 2023 05:46:49 GMT

GET
H2 200 JSNL8X1PIDNM17C72OE4.jpg
www.northern-times.co.uk/_media/img/750x0/ 49 KB
50 KB 36ms
35ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_media/img/750x0/JSNL8X1PIDNM17C72OE4.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

2f9c13a719894566c322915d24659b7921e5a4011faefd298fde0a414e2ab6d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Fri, 16 Dec 2022 05:46:49 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Fri, 16 Dec 2022 05:46:49 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
age: 19212
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 50480
x-amz-cf-id: iEIP8VUKAcuEXjKbi_ttSxyxohqH4tJuXlZjqpvKhfJaRbk4ZhM6RA==
expires: Sat, 16 Dec 2023 05:46:49 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 66ms
10ms Script
application/javascript 2620:116:800d:21:7eb1:3826:be7e:d981
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hn-a_zK9d2v3p/northern-times.co.uk/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Fri, 23 Dec 2022 11:07:01 GMT

GET
H2 200 cmp2.js Show response
quantcast.mgr.consensu.org/tcfv2/ 177 KB
44 KB 50ms
8ms Script
text/javascript 2600:9000:211e:e200:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=northern-times.co.uk
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hn-a_zK9d2v3p/northern-times.co.uk/choice.js?tag_version=V2
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:e200:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 10:30:04 GMT
content-encoding: br
via: 1.1 0c0a9358491c37c184a221ad07b92016.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 2218
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 10 Nov 2022 18:23:42 GMT
server: AmazonS3
etag: W/"37fdfbac0c6ef64496f7d86258c934a8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-meta-qc-ineu: True
vary: Accept-Encoding
x-amz-cf-id: rGN3C5z5uENdEDCo2vIq4q0Nds3iK4iFJteLAYWyJcYVWAFRSeGhqA==

GET
H2 200 cmp-list.json Show response
test.cmp.quantcast.com/GVL-v2/ 10 KB
3 KB 54ms
8ms XHR
application/json 2600:9000:211e:3200:3:a4cd:8380:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=northern-times.co.uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:3200:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 853a1f973e0c7d05b846cb408953ca4c5a00be5410f030c37f25dcccaf2c7bf1

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:00:40 GMT
x-amz-version-id: 1z0UoXMJ9xzbs2qI0bEVqRIwlX6l1fM5
content-encoding: gzip
via: 1.1 7d3c59ee1b45f72158a8cbce053c8978.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 29182
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Thu, 15 Dec 2022 19:53:40 GMT
server: AmazonS3
etag: W/"1fcb7b340973662b8c72821035297be8"
access-control-max-age: 86400
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: l39OSXcE6FBg9nxr_vL0yEGY24ajGNG-2wmh80OSgExqUXtpeVN5Yg==

GET
H2 200 rules-p-Hn-a_zK9d2v3p.js Show response
rules.quantcount.com/ 160 B
642 B 65ms
14ms Script
application/javascript 2600:9000:2304:6e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-Hn-a_zK9d2v3p.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2304:6e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 435f597f243f0574c08ff3a5980dd52af81b42c69d26d55d0b13f217b1f6c918

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 10:52:42 GMT
via: 1.1 6d125e47c290f30bf760f976c0325c98.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-P1
age: 918
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 160
last-modified: Thu, 13 Oct 2022 14:45:04 GMT
server: AmazonS3
etag: "0b3472b72fe0165cdfb5d71fea9696f4"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
x-amz-cf-id: aVD5PiyYo4tK_ifiMYBZ2eOC_MmQtJ5LipG8oqiugZ0IzwI9AFoIfA==

GET
H2 200 cmp2ui-en.js Show response
cmp.quantcast.com/tcfv2/45/ 248 KB
65 KB 10ms
8ms Script
text/javascript 2600:9000:211e:ca00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=northern-times.co.uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ca00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 14 Dec 2022 18:35:30 GMT
content-encoding: gzip
via: 1.1 3298c44116035984c2fac24b89183c4e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 145892
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 10 Nov 2022 18:23:24 GMT
server: AmazonS3
etag: W/"39d0cac7e548f81f1e1e1c36db3c775e"
access-control-max-age: 604800
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=172800
vary: Accept-Encoding
x-amz-cf-id: Ag7gy4X4-ZtFEurTaOP2xIdH0wODoIOG_ThU58cRsqI3wGaEIwc5Gg==

GET
H2

200

beacon.js Show response
sb.scorecardresearch.com/internal-cs/default/
Redirect Chain

https://sb.scorecardresearch.com/cs/6035892/beacon.js
https://sb.scorecardresearch.com/internal-cs/default/beacon.js

4 KB
2 KB

7ms
7ms

Script
application/javascript

99.86.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sb.scorecardresearch.com/internal-cs/default/beacon.js
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Server: 99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-12.fra6.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:02:27 GMT
content-encoding: gzip
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
last-modified: Thu, 04 Mar 2021 13:31:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA6-C1
age: 335
x-amz-server-side-encryption: AES256
etag: W/"5b0f9f0704a703b8da651007721fac57"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
x-amz-cf-id: DZIlQKeemtew6hTdzkvPHwOW9Ciloif-RKVqhU-KNazgtGbToNYxTw==

Redirect headers

location: /internal-cs/default/beacon.js
date: Fri, 16 Dec 2022 11:07:01 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
content-length: 0
x-amz-cf-id: wguApunUBLJUXB8Ys5WOBL1EJ8NNrEyNEtsEnn8ZHo6oknUIZqKe8g==
x-cache: Miss from cloudfront

GET channels.cgi
mediaforce.grapeshot.co.uk/kent/ 0
0

POST
H2 200 ab Show response
www.northern-times.co.uk/_api/visitors/ 0
755 B 176ms
176ms XHR
text/plain 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.northern-times.co.uk/_api/visitors/ab

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/_site/bundle-v6759996.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS06 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

Accept: */*
Referer: https://www.northern-times.co.uk/subscribe/
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
strict-transport-security: max-age=63072000; preload
x-zephr-cache: miss
last-modified: Fri, 16 Dec 2022 11:07:01 GMT
server: KM Galileo @ MDC-WEBIIS06
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
x-amz-cf-pop: VIE50-C2
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Miss from cloudfront
cache-control: no-cache, no-store, must-revalidate
content-length: 0
x-amz-cf-id: 4evYSKlT6R8B7xD5AcyiuPION1Mo4U_LIyQiCZeYo1f-mPJt4MJIVA==
expires: 0

GET
H2 200 vendor-list-trimmed-v1.json Show response
cmp.quantcast.com/GVL-v2/ 348 KB
43 KB 24ms
8ms XHR
application/json 2600:9000:211e:ca00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=northern-times.co.uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ca00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b549ac81a403b341ae4cae145d2d80e8ed3bd7b8211ad893f30908c4baca04ae

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:00:35 GMT
content-encoding: br
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 29187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 16 Dec 2022 03:00:32 GMT
server: AmazonS3
etag: W/"e7d8b0f974119caf720679ec234db47d"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: aONCgPp-6QCHKFPE8Os_fSn7nTKX4GCDou6bQn5vsBAxYu8E579uxg==

GET
H2 200 google-atp-list.json Show response
cmp.quantcast.com/tcfv2/ 152 KB
36 KB 30ms
15ms XHR
application/json 2600:9000:211e:ca00:9:46dc:4700:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by: Host: quantcast.mgr.consensu.org
URL: https://quantcast.mgr.consensu.org/tcfv2/cmp2.js?referer=northern-times.co.uk
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:211e:ca00:9:46dc:4700:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f97c395d8c7383e543f30158f6b577a4161dc6f87b79a0878feb7ebd4ee845f

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 03:03:38 GMT
content-encoding: br
via: 1.1 08b9c2fd11813ffdb8fa03129d0a465c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C2
age: 29004
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
last-modified: Fri, 16 Dec 2022 03:03:33 GMT
server: AmazonS3
etag: W/"505447daad0efff5e3d0fa9fe62f05e2"
access-control-max-age: 3000
access-control-allow-methods: GET
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=172800
access-control-allow-credentials: true
vary: Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id: nKrdv4uhBXZu9RHAvM5YentfDFZtQNYplT_p3rtsxAnZTe8nVMvHcA==

GET
H2 200 / Show response
audit-tcfv2.cmp.quantcast.com/ 2 B
101 B 41ms
8ms XHR
text/plain 3.123.67.158
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hn-a_zK9d2v3p%22%2C%22domain%22%3A%22www.northern-times.co.uk%22%2C%22publisher%22%3A%22Northern%20Times%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.45%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22pv8jObCfylexbVmNzHuI6Q%22%2C%22tagVersion%22%3A%22V2%22%2C%22clientTimestamp%22%3A1671188821472%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-fslfphw02oic0ynsd1f5%22%7D
Requested by: Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/45/cmp2ui-en.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.67.158 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-67-158.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 16 Dec 2022 11:07:01 GMT
content-length: 2
content-type: text/plain; charset=utf-8

GET
H2 200 northern-times-cmp-logo.jpg
www.northern-times.co.uk/_assets/ 5 KB
6 KB 29ms
29ms Image
image/jpeg 13.32.110.49
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.northern-times.co.uk/_assets/northern-times-cmp-logo.jpg

Requested by

Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.32.110.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-32-110-49.vie50.r.cloudfront.net

Software

KM Galileo @ MDC-WEBIIS07 /

Resource Hash

87e9de5c6df74f5abfc2361579215fbb162d26f70b06c8c37c094fd4c32e8adf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/subscribe/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-zephr-cache: miss
date: Mon, 05 Dec 2022 14:11:29 GMT
strict-transport-security: max-age=63072000; preload
via: 1.1 0b727ed0f0558ba8e12453bfc7ff4906.cloudfront.net (CloudFront)
last-modified: Mon, 15 Apr 2019 09:17:40 GMT
server: KM Galileo @ MDC-WEBIIS07
x-amz-cf-pop: VIE50-C2
age: 939332
expect-ct: max-age=0, report-uri="http://www.northern-times.co.uk/_report/"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: public
content-length: 5146
x-amz-cf-id: MGrp82Wk1dTH1tEtH9LTMTEtdCJ0kg-cIezrq082ywr6tD6SdGOFaQ==
expires: Tue, 05 Dec 2023 14:11:29 GMT

GET
H2 451 identity Show response
api.rlcdn.com/api/ 44 B
367 B 44ms
18ms XHR
text/plain 34.120.133.55
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity?pid=2&rt=envelope

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

55.133.120.34.bc.googleusercontent.com

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.northern-times.co.uk
access-control-allow-credentials: true
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length: 44
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2 204 b2
sb.scorecardresearch.com/ 0
191 B 8ms
8ms Image
text/plain 99.86.4.12
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sb.scorecardresearch.com/b2?c1=2&c2=6035892&cs_ucfr=&gdpr=1&gdpr_p1t=0&gdpr_li=0&gdpr_purps=&gdpr_pcc=AA&cs_cmp_nc=0&cs_cmp_id=10&cs_cmp_sv=45&cs_cmp_rt=0&cs_it=b2&cv=3.8.0.210223&ns__t=1671188821522&ns_c=UTF-8&c7=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&c8=Subscribe%20now%20to%20the%20Northern%20Times%20and%20join%20our%20Rewards%20Club&c9=
Requested by: Host: www.northern-times.co.uk
URL: https://www.northern-times.co.uk/subscribe/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 99.86.4.12 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-99-86-4-12.fra6.r.cloudfront.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Fri, 16 Dec 2022 11:07:01 GMT
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA6-C1
x-amz-cf-id: -pZ8VXoNrJi65rF-HKV398ZPJ9XNZXR9iyO6P7v7TIFVOUnVWqLbCQ==
x-cache: Miss from cloudfront

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 34ms
7ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5Q9XXRB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.northern-times.co.uk/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 16 Dec 2022 09:15:46 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 6675
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Fri, 16 Dec 2022 11:15:46 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
166 B 54ms
28ms XHR
text/plain 18.193.98.173
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1671188821564
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.193.98.173 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-193-98-173.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.northern-times.co.uk
date: Fri, 16 Dec 2022 11:07:01 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 592 B
1 KB 122ms
93ms XHR
application/json 37.252.171.149
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.171.149 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

43b4d94b74792dc3aee0f9cc1e440f4421178d453201176455c3211328bceee5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 16 Dec 2022 11:07:01 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 80.255.10.199; 80.255.10.199; 984.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 5bd91aa1-aa74-4ab1-a088-df7f7e02d9f0
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.northern-times.co.uk
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 cygnus Show response
htlb.casalemedia.com/ 30 B
563 B 190ms
144ms XHR
application/json 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=217238
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bb40ab35cf7d60c826fd1e1af35ff8c091961b995e43fbde1998bdbf3f67735f

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gg836e%2BwiHekVVobsctyVPeozLePBi1p7LAuPXtboH9PE3HVN6G%2BlHezEJG4q5ALGoRVqIKMZUQaEAD9Hxz5Dt90buzBhT2a5cSnBfJDhXDRmfQhGkNlVedAB3ykoLEomYDS10yw"}],"group":"cf-nel","max_age":604800}
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77a6f3f71ac19b4b-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 30
expires: 0

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
580 B 229ms
120ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11022&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&p_screen_res=1600x1200&site_id=311288&zone_id=1580256&kw=rp.fastlane&tk_flint=index&rand=0.901259213010517&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 03ac6103c359c71ffa002839c6d79a0c75e82c06779091e72e177b6285373bdd

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
815 B 199ms
90ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11022&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&p_screen_res=1600x1200&site_id=311288&zone_id=1580254&kw=rp.fastlane&tk_flint=index&rand=0.7850645427873661&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 2d7c1276dfbbe7af748e130304339cbbb0b6acc801b39b242267d34f88db6c88

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
581 B 231ms
123ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11022&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&p_screen_res=1600x1200&site_id=311288&zone_id=1580252&kw=rp.fastlane&tk_flint=index&rand=0.33076192073465327&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 30500f676a8e5c2614faee912ef35087e3d077546664d5f29ed81e9c6e6879ed

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 241 B
580 B 220ms
112ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11022&size_id=15&rp_floor=0.01&rf=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&p_screen_res=1600x1200&site_id=311288&zone_id=1580250&kw=rp.fastlane&tk_flint=index&rand=0.3651793821189304&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: d75d10e2b3f7d5f431bf45d4c250fa4c7b6ca87f9b73557f263b8c93ec2fe8f4

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 241
expires: Wed, 17 Sep 1975 21:32:10 GMT

GET
H2 200 fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 240 B
579 B 200ms
92ms XHR
application/json 2602:803:c003:200::51
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11022&size_id=2&rp_floor=0.01&rf=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&p_screen_res=1600x1200&site_id=311288&zone_id=1580258&kw=rp.fastlane&tk_flint=index&rand=0.8289579572257859&gdpr=1&gdpr_consent=
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2602:803:c003:200::51 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.21.4 /
Resource Hash: 1568e745c9be721b320869589d067576cea95fed817acd38a0674a721f5a91fa

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
server: nginx/1.21.4
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.northern-times.co.uk
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-length: 240
expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 32ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1869255879&t=pageview&_s=1&dl=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&ul=en-us&de=UTF-8&dt=Subscribe%20now%20to%20the%20Northern%20Times%20and%20join%20our%20Rewards%20Club&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=2034118041&gjid=184625756&cid=1352051152.1671188821&tid=UA-25496687-8&_gid=1431771195.1671188822&_r=1&gtm=2wgbu05Q9XXRB&cd4=fa041f15-c771-466c-bdc9-1355f7ee674c&cm6=fa041f15-c771-466c-bdc9-1355f7ee674c&z=1201957241

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
446 B 62ms
21ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-25496687-8&cid=1352051152.1671188821&jid=2034118041&gjid=184625756&_gid=1431771195.1671188822&_u=YADAAEAAAAAAACAAI~&z=406545620

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 16 Dec 2022 11:07:01 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 headerstats Show response
as-sec.casalemedia.com/ 0
508 B 102ms
70ms XHR
text/plain 104.18.33.19
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headerstats?s=217238&u=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F&v=3
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/185246-104928780726738.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.18.33.19 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.northern-times.co.uk/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 16 Dec 2022 11:07:01 GMT
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l73GtIYZQ%2FhyCytkfn8L4Gv00K%2Bq9lpBY6ch1HF3FNLdmVL1UmYkIGla1lsaNIp%2BtQTNiLhwB2AFOyHp7WaXlBkcYawBuAm7tCPCeVsJSOr08CzZAcnPoEP7xYaXEYr%2FtebeCb4mvTY%3D"}],"group":"cf-nel","max_age":604800}
access-control-allow-origin: https://www.northern-times.co.uk
cache-control: no-cache
access-control-allow-credentials: true
cf-ray: 77a6f3f8af5f6913-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
expires: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mediaforce.grapeshot.co.uk
URL: https://mediaforce.grapeshot.co.uk/kent/channels.cgi?url=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F

Verdicts & Comments Add Verdict or Comment

72 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.northern-times.co.uk/	1969-12-31 23:59:59	Name: KMG_C_S Value: e1ee842a-8814-4a4b-8c13-24e151506f96
www.northern-times.co.uk/	1970-01-20 11:34:44	Name: blaize_session Value: f2902289-0a1d-44b9-9cfc-45afaa760ae9
www.northern-times.co.uk/	1970-01-20 17:49:08	Name: blaize_tracking_id Value: fa041f15-c771-466c-bdc9-1355f7ee674c
www.inverness-courier.co.uk/	1970-01-20 08:23:13	Name: AWSALBCORS Value: 6tGR/Owd9oK8FoqGBX1iu0Urc29G3z1ln+X7qOi97H/veXLO/vHKFIttJfS4ef09FUENpKqwlZq17rTG+YLNRAbhz1WVaF/I63+bR2sZKTGDw5oobgE+MjcpOjne
highlandnews-the-inverness-courier.cdn.zephr.com/	1970-01-20 08:23:13	Name: AWSALBCORS Value: Np7SjoB3iyP7pve/Xso4Yg1iE/zLLs23QB/jdIlus9Hh6kl/ZOMLp2Ps0rasklMjV3IScOkTW6y/wDlKEOKuq46ymwYF5vnI2+dKae+sCMbQsfkPBYYiiI1/slCN
.northern-times.co.uk/	1970-01-20 17:49:08	Name: _ga_980ST4875B Value: GS1.1.1671188820.1.1.1671188821.0.0.0
.northern-times.co.uk/	1970-01-20 17:49:08	Name: _ga Value: GA1.3.1352051152.1671188821
.northern-times.co.uk/	1970-01-20 08:14:35	Name: _gid Value: GA1.3.1431771195.1671188822
.northern-times.co.uk/	1970-01-20 08:13:08	Name: _gat_UA-25496687-8 Value: 1
www.northern-times.co.uk/	1970-01-20 08:23:13	Name: AWSALB Value: qIj6Cx2dMzaIYIfD3YwT8nwTmHoWmPMG9vco3GNdPjlfNi2+pVCFFXai7ZWglCD6XHyKltdy8HHOeidJDwzotZibG2+RmvnmGS0kNdmqgyoxU/d3yU+y4zaVliOO
www.northern-times.co.uk/	1970-01-20 08:23:13	Name: AWSALBCORS Value: qIj6Cx2dMzaIYIfD3YwT8nwTmHoWmPMG9vco3GNdPjlfNi2+pVCFFXai7ZWglCD6XHyKltdy8HHOeidJDwzotZibG2+RmvnmGS0kNdmqgyoxU/d3yU+y4zaVliOO
m.stripe.com/	1970-01-20 17:49:08	Name: m Value: 67702fe3-378d-4d8c-b796-c72547921a252a9ab2
.www.northern-times.co.uk/	1970-01-20 16:58:44	Name: __stripe_mid Value: 3fccab54-0dfe-4514-8a83-65246395cd3682aebe
.www.northern-times.co.uk/	1970-01-20 08:13:10	Name: __stripe_sid Value: b99e3c45-2844-4de4-83ef-91f92011b1451ce7ea
.rubiconproject.com/	1970-01-20 16:58:44	Name: khaos Value: LBQEOBLF-1D-3VQN
.rubiconproject.com/	1970-01-20 16:58:44	Name: audit Value: 1\|naVuGyos1qo3+sgajD4KkuQFbWGgM44fR/rFJVNr6iKePzsaxN2h5pQLulyE1/qL4jJtxqyyP3UqI0vxL+0S00c/zbPdVITpJhsHlJbldDfZLlkKIFZ+RaZr5ZVxLWDe

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	(Line 6) Message: [Report Only] Refused to evaluate a string as JavaScript because 'unsafe-eval' is not an allowed source of script in the following Content Security Policy directive: "script-src 'self'".
network	error	URL: https://mediaforce.grapeshot.co.uk/kent/channels.cgi?url=https%3A%2F%2Fwww.northern-times.co.uk%2Fsubscribe%2F Message: Failed to load resource: net::ERR_NAME_NOT_RESOLVED
network	error	URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	default-src https: data: blob: 'unsafe-eval' 'unsafe-inline'; object-src 'none'
Strict-Transport-Security	max-age=63072000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	deny

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

api.rlcdn.com
as-sec.casalemedia.com
audit-tcfv2.cmp.quantcast.com
cmp.quantcast.com
dashboard.presspatron.com
fastlane.rubiconproject.com
hb.emxdgt.com
highlandnews-the-inverness-courier.cdn.zephr.com
htlb.casalemedia.com
ib.adnxs.com
js-sec.indexww.com
js.stripe.com
m.stripe.com
m.stripe.network
match.adsrvr.org
mediaforce.grapeshot.co.uk
q.stripe.com
quantcast.mgr.consensu.org
region1.google-analytics.com
rules.quantcount.com
sb.scorecardresearch.com
secure.quantserve.com
securepubads.g.doubleclick.net
stats.g.doubleclick.net
tcheck.outbrainimg.com
test.cmp.quantcast.com
use.fontawesome.com
widget-pixels.outbrain.com
widgets.outbrain.com
www.google-analytics.com
www.googletagmanager.com
www.googletagservices.com
www.inverness-courier.co.uk
www.northern-times.co.uk
mediaforce.grapeshot.co.uk
104.18.33.19
13.32.110.49
151.101.64.176
172.64.151.162
18.193.98.173
18.66.15.21
2.18.232.28
2.18.234.190
2001:4860:4802:34::36
2600:9000:206e:6e00:19:7d10:bd80:93a1
2600:9000:211e:3200:3:a4cd:8380:93a1
2600:9000:211e:ca00:9:46dc:4700:93a1
2600:9000:211e:e200:9:46dc:4700:93a1
2600:9000:2304:6e00:6:44e3:f8c0:93a1
2602:803:c003:200::51
2606:4700:e2::ac40:840f
2620:116:800d:21:7eb1:3826:be7e:d981
2a00:1450:4001:802::200e
2a00:1450:4001:810::2002
2a00:1450:4001:830::2008
2a00:1450:400c:c04::9a
2a00:1450:400d:807::2002
3.123.67.158
34.120.133.55
35.166.58.247
37.252.171.149
52.223.40.198
54.186.23.98
65.9.66.52
99.86.4.12
025bfec0904b46791f8b94fdfe5891e8b97a59968a893be5341e2af832b4c0af
0396d6409ed2eef01415deb94877313449d045efea2ce46febb8789e27551e68
03ac6103c359c71ffa002839c6d79a0c75e82c06779091e72e177b6285373bdd
08f7874f8336b47e49d9719c38cea16cdea6362962f5001db3f2d0bb47332357
1411268d26be0a8e9200cb1b62fc2252dd389902e94a88cc951a307053487628
1568e745c9be721b320869589d067576cea95fed817acd38a0674a721f5a91fa
15eb658b59b2e445c6abd3e2268009d23fc41542fd136c6a82a80bc989ba8cbb
177a38b14119e15ed210b1db090cbdc9ef7089dbee3672e2bec0e094bc9d7698
1e288c4dc57f72a69a497baef524f41c57e1c6a414b09a5bde22cd5b2f1b7cdf
250a0782da875705bd206ee23c2a46abf90656645a81e084126c5e8c53eeb9d6
2bd23d1a6781e5c15a107f6d5e2fd7b55ae061d92180e3c9b099ccfe6e2b7f01
2cb5cf9d67b8515b96e6f633239617ca751fe7603ac2a83e518dd31abba559a7
2d77fa8aadc7ffd71afe00698125a4fd1f0955085e7213ede62710ec9b4c12ce
2d7c1276dfbbe7af748e130304339cbbb0b6acc801b39b242267d34f88db6c88
2f9c13a719894566c322915d24659b7921e5a4011faefd298fde0a414e2ab6d5
30500f676a8e5c2614faee912ef35087e3d077546664d5f29ed81e9c6e6879ed
345a7f619e726c9ed21fa1e83646623f3491056eb1c9e0f3af797c42d38255c1
3494ae53e3856bc78533b33c38f99a797fd74f221a58078f610642b28319e065
3d7f1e646f5f063037b628e06243180e29d2d0f3bea7e9594e233688e4bbb9d0
3e156677fb5c30e490f98a06a41b25fb48f94a1b7378cf61690b9c7b5f9d68ee
4033405cb20bf1182028fb8d0a00bb37639fb2d7d4e64c48482f06f82711d4d1
435f597f243f0574c08ff3a5980dd52af81b42c69d26d55d0b13f217b1f6c918
43b4d94b74792dc3aee0f9cc1e440f4421178d453201176455c3211328bceee5
4ac3344b7f07674a5c27a01bdc983e324a7fe499cb98de966768c99e295d6464
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
54a439f601a103b6dee5a7fe81a15c2daa0380612ec9dc219fddd55fd694562a
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
63294caa8902de3e0f710f88498ec5261f646de44825f0d340a70c0c924b8e5f
63bedae1e9a8ec67b898efd5f0fdf2886b9f71568238bb42bb83269b5c5c54ef
6838420e13959ecffe73d3576ee2125a66c9315237394a23e3dd4a5181e80cda
6a3ac091040739cb7490ce2f53ef6176f77497f6b504f696f57f52918c28336f
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7a2fee0d255d39264c64399f0c123c4366bc7db400c6f88bef53d182c046e3f3
7ce23bb169d56e3dc218181172c5d318dc16526e035b539e038f605a893ea551
7f97c395d8c7383e543f30158f6b577a4161dc6f87b79a0878feb7ebd4ee845f
853a1f973e0c7d05b846cb408953ca4c5a00be5410f030c37f25dcccaf2c7bf1
879ece4cf1972a25643f74a6c788a7481f6615368c13ee4572bf368f009acaf2
87e9de5c6df74f5abfc2361579215fbb162d26f70b06c8c37c094fd4c32e8adf
896e17239c75598caf74b5c442dd0c635031a4787e34da188c2c2cc007101b51
8fd759e1b4d2ec17bf3e5d2b0799d51384325b172b6b79ed55c767bee0f28d43
90b05bed35e95d817b214a19c2ffe15235579cce9fcab69da13f10af007ced79
929701ed632814943e3df803ddd9e3f179ccf889c0ad7b7f3392bd8d109b174f
9372f48cbd25c4cb3617bad47adacf1ec5b9ed0825d1408186773f1d79049fa0
9ae2326c389ddbc93a2636b121456333152931549bd5bd16a5cd2ee24e601c16
9f9981cfb411b6429639e1c8e0d52fad802c95a1e79ca9175d28cb5c967082f6
a3f65921afd556d3e8917b214d5324c6d62849a9f0608c53556f3792a6ce9d36
a3fd934617c4c8268b954211cb7e03f8b68bd3709146ff16967cef827b14f35b
a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
ab16ceb1de51064afcf9aadc8c954b4e65814d15b083278010a1cf2447ab337f
b37964667a3cbda197836e455a591d9fd890892620822f5c690ba3fe027de12a
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b549ac81a403b341ae4cae145d2d80e8ed3bd7b8211ad893f30908c4baca04ae
b7d2421cd16ef24475fe9cc16b97d1793e659f5f2ea75f9a5fa6ec36812b5f82
bb40ab35cf7d60c826fd1e1af35ff8c091961b995e43fbde1998bdbf3f67735f
bd25bde9fc4427cd6f3babcb8f888fe6174ca48881c103e243d4c6f83f30aab6
c24ab4c44a0ec466a4d802c876b82f057dbc894c8528ef00803e58947faf3650
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d75d10e2b3f7d5f431bf45d4c250fa4c7b6ca87f9b73557f263b8c93ec2fe8f4
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e347fdec57c301dec8d26add8d7a7e85a65484665f2fd53ae2de5d2eaa3b8fff
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ee2990dca69cbe7e1df0f1a91d82a58e030dd2d35637e6d58786d110da0c28d0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0648dd60b72161450eb93d6fa81bb6ec46bb9dffb2d2d0c6f3b5d4ac1e01dda
f22005da41e15b7adb453814b37a794f7c6b955f086a6c5fc9980e3c3f6c8bca
f445ee14f2454d974293d28677213ae002e9ac17721fc04b2fdeb037e083b083

www.northern-times.co.uk Open in urlscan Pro 13.32.110.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

72 Requests

96 %HTTPS

47 %IPv6

26 Domains

34 Subdomains

31 IPs

6 Countries

1485 kBTransfer

4187 kBSize

16 Cookies

12 Outgoing links

Redirected requests

72 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.northern-times.co.uk Open in urlscan Pro
13.32.110.49 Public Scan

Screenshot
Live screenshot

Full Image

72
Requests

96 %
HTTPS

47 %
IPv6

26
Domains

34
Subdomains

31
IPs

6
Countries

1485 kB
Transfer

4187 kB
Size

16
Cookies

72 HTTP transactions
4 data transactions