s1.view.sfmc-marketing.com Open in urlscan Pro
68.232.201.168 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://view.exacttarget.com/?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411...
Effective URL:
https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444...
Submission: On May 03 via api (May 3rd 2023, 9:56:43 am UTC) from BE — Scanned from DE

Summary HTTP 37 Redirects Links 42 Behaviour Indicators

Summary

This website contacted 8 IPs in 3 countries across 10 domains to perform 37 HTTP transactions. The main IP is 68.232.201.168, located in United States and belongs to EXACT-7, US. The main domain is s1.view.sfmc-marketing.com.
TLS certificate: Issued by DigiCert Global G2 TLS RSA SHA256 202... on April 7th 2023. Valid for: a year.

This is the only time s1.view.sfmc-marketing.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	68.232.201.159 68.232.201.159	22606 (EXACT-7) (EXACT-7)
1	68.232.201.168 68.232.201.168	22606 (EXACT-7) (EXACT-7)
1	2a02:26f0:6c0... 2a02:26f0:6c00:1a6::416d	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
21	151.101.130.62 151.101.130.62	54113 (FASTLY) (FASTLY)
14 14	2600:9000:212... 2600:9000:2127:e00:18:f429:2240:93a1	16509 (AMAZON-02) (AMAZON-02)
11 14	3.220.30.211 3.220.30.211	14618 (AMAZON-AES) (AMAZON-AES)
8	2600:9000:220... 2600:9000:2209:e400:16:3fe3:5f80:93a1	16509 (AMAZON-02) (AMAZON-02)
1 2	104.18.16.195 104.18.16.195	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	184.73.204.212 184.73.204.212	14618 (AMAZON-AES) (AMAZON-AES)
2 3	2.23.197.190 2.23.197.190	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	2600:1f18:ed:... 2600:1f18:ed:550f:b16d:e001:514:e364	14618 (AMAZON-AES) (AMAZON-AES)
37	8

1 68.232.201.159 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: bb159.mta.exacttarget.com

view.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 68.232.201.168 (United States)

ASN22606 (EXACT-7, US)
PTR: bb168.mta.exacttarget.com

s1.view.sfmc-marketing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:1a6::416d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cl.exct.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 151.101.130.62 (United States)

ASN54113 (FASTLY, US)

www.gannett-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2600:9000:2127:e00:18:f429:2240:93a1 (United States) 14 redirects

ASN16509 (AMAZON-02, US)

sli.freep.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 3.220.30.211 (Ashburn, United States) 11 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-220-30-211.compute-1.amazonaws.com

p.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2600:9000:2209:e400:16:3fe3:5f80:93a1 (United States)

ASN16509 (AMAZON-02, US)

c.licasd.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.18.16.195 (None, ) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.dianomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 184.73.204.212 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-184-73-204-212.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2.23.197.190 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com

e.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:1f18:ed:550f:b16d:e001:514:e364 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	gannett-cdn.com www.gannett-cdn.com — Cisco Umbrella Rank: 11501	3 MB
18	liadm.com 14 redirects p.liadm.com — Cisco Umbrella Rank: 9821 i.liadm.com — Cisco Umbrella Rank: 891 i6.liadm.com — Cisco Umbrella Rank: 2692	6 KB
14	freep.com 14 redirects sli.freep.com	9 KB
8	licasd.com c.licasd.com — Cisco Umbrella Rank: 11825	302 KB
2	addthis.com 2 redirects e.dlx.addthis.com — Cisco Umbrella Rank: 2889	1 KB
2	dianomi.com 1 redirects www.dianomi.com — Cisco Umbrella Rank: 10976	52 KB
1	bluekai.com stags.bluekai.com — Cisco Umbrella Rank: 842	228 B
1	exct.net cl.exct.net — Cisco Umbrella Rank: 63302	272 B
1	sfmc-marketing.com s1.view.sfmc-marketing.com	88 KB
1	exacttarget.com 1 redirects view.exacttarget.com	373 B
37	10

	Domain	Requested by
21	www.gannett-cdn.com	s1.view.sfmc-marketing.com www.gannett-cdn.com
14	p.liadm.com	11 redirects s1.view.sfmc-marketing.com
14	sli.freep.com	14 redirects
8	c.licasd.com	s1.view.sfmc-marketing.com
2	i6.liadm.com	1 redirects s1.view.sfmc-marketing.com
2	e.dlx.addthis.com	2 redirects
2	i.liadm.com	2 redirects
2	www.dianomi.com	1 redirects s1.view.sfmc-marketing.com
1	stags.bluekai.com	s1.view.sfmc-marketing.com
1	cl.exct.net	s1.view.sfmc-marketing.com
1	s1.view.sfmc-marketing.com
1	view.exacttarget.com	1 redirects
37	12

This site contains links to these domains. Also see Links.

Domain
cl.exct.net

Subject Issuer	Validity	Valid
*.view.sfmc-marketing.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-04-07` - `2024-05-07`	a year	crt.sh
akamai-san24.exacttarget.com DigiCert TLS RSA SHA256 2020 CA1	`2023-04-07` - `2024-04-05`	a year	crt.sh
usatoday.com R3	`2023-04-04` - `2023-07-03`	3 months	crt.sh

This page contains 1 frames:

Primary Page: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Frame ID: 1BCFA24E38E6895905F8D8B041F06AF5
Requests: 37 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://view.exacttarget.com/?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f9... HTTP 302
https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304... Page URL

Detected technologies

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Page Statistics

37
Requests

62 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

8
IPs

3
Countries

3620 kB
Transfer

3613 kB
Size

12
Cookies

42 Outgoing links

These are links going to different origins than the main page.

URL: https://cl.exct.net/?qs=b1bfa01577fe22d78de1040abd3ce9c8c11a71735492160d111af4114efde9a9990ed728ce1b902cf3ee1601a5e3859711fc882e653ff28bec549961d8f4d06a

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d72c7c8864942557fdfaa1360b61442711d9d879632c4b8bdcca6c9a06db9085b29a766eec53cac3be8d252b45658da9215cc960f05af39a98

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7717d099857f207bbb1a7941e7725bb7046c8fe3638141c3556a965e8761bfd52a2196297caec3ed7420f3fade1915fc55460e05b796e4e55

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7aa7260d5b30ee50df69ecb7531a02af41a253989842df264ddab91df12b639cefe72f62d4fad235f3b448ffde1bd4e78eb40963b70b06b73
Title: eNewspaper

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d71c93a12ba648a649cedb02d7e5c2d386d9cc4ccd0f8a9be8dbe69f03b12c71f4aced310a7e122952d31183abcc64515bac6bd05c3e281275
Title: Crosswords

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d74bd633a51b28754877aad671559b15a11db70016871595ee485a2ab620dc00cb7180f8a695607d3a15db3e2b962ceec622fb7f6289732d0e
Title: Horoscopes

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7e87f868d9e5d7fb27062f41b643e3ae1c79e80b78d15e0036264002b49ce624c5642ac3cd7cd4cc21e9587f825e7a9fb152bba88f879a6b6
Title: Read in browser

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7a76143c23468d2f9cfda808c62b89690bc0ca9147fc45e8160ad40e27a21ab31c747f43e2ed9bebdb85e0973319d35a9a49151b2f5bd6676

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d745a6f46bf8145f2155c39f7179e91918c7667dd88381f403b20133de5d1654010c405ed8f8b0a30f0466e6040268723b7e249795998fba0e

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d71f648ccf59a0f51bfbf497d873f1ed3ecb96d0d84c822cda3c0859dcc36ddce01df77ea345f1038023173ae9937721b0bed2f5d3bd77279c
Title: the Supreme Court's decision last summer

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7e2e79e9290e1e77dd743b9030b342fba007fe9fb4e8a606c948d8d343370af4d642eb87b87530573af021dbc78e41ac753dd8cb5b348c087
Title: Biden's 2024 campaign can mean for Michigan is in this story

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d74c2a45097ffee839307c745712298822a6993d42b4826c21f1bbc54efe54d3ba136cc5d3006486b67deb569f73dcc553b92cf44ef27f242a
Title: A mother has filed a lawsuit alleging that the Giant Slide at Belle Isle

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d76b1074ee62b2911b6e6808c500c590681fded10fae241dfa4086f2d3af5172161132285eb70a116b5e38afc9335cc85a7194f6af1d32a88a
Title: General Motors will end production of its popular Chevrolet Bolt EV and EUV

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d730907cbd26ff45d5feb2b4845cd241b1f4c9954dc1a71a956b3d0d737235dca4fc0fdacaefceab8be38a90b3dbf835303dd2deceea1ebf1d
Title: Harry Belafonte, singer, actor and activist, has died

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7ce1599fadbf5a71ad234ae14ade1842abd1bf83b407c337797afd2d55d4776b7f087d21dad912aa5d738cdebce14f5b89c387bcdecbac44a
Title: 51 degrees

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7453db8d5d264c74374c58bbb2c1557d74bc4a7e069b4608d4d680cb3d013392e7b371b387f99b9e4f87bb380eadaf0b31ce0ee12667f6f09
Title: Rapper LL Cool J will be joined by the Roots, DJ Jazzy Jeff, DJ Z-Trip and a mix of classic hip-hop stars

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7f97a99ad47907ec2f152ed6a1f6839051098d137c7f71b626c4d0f04e6ebcffe88468312b5200fc3901690d7436554a0cc6d9f84f6b9a0cd
Title: becoming a subscriber

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7289143d466b372636a4e17bc98919aabb13b4726399223862fad417bc42fc1a13c6afb31b024625c3327d035f8a25aa203a344e56313dbe7
Title: Obituaries

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7b22404357749a4d655eca4505693e3c17e87edc5443bc692d24ae9d96ad21b02bd20b51e3f653471feac04da618b7824bf0dfa1676cc0752
Title: Podcasts

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7b68d7bd53ae62f0bcd40054c1595cf26d77b8a199526634cf806754afc5bb3fca8449f0e474751d840eedd6ee4572f8d5de76fec283e068f
Title: Bill Ford revels in unveiling of Book Depository

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d728a9a90235dd439ffe4eec1c86ab421a0bc27c0e17653736b8ab4a3e3c9fb9e48177f5a4165ab6b6bf3d5d0e774853c5ac00dd491f838819

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7dc824e5254bab2def3e5dd6cda7282ac0273cdddd3c303ff086e41a087792a3cca6cae71fbf9e038086dd4817b11be61f6387c61910068c7

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d76f7fe375081e10298a8be8ded7b26341ec15e3e206688958ec8f5b3318aab9b6cbb5c39e732b17900f165c3b590f06d33c36b926430afa9c

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7bcf89f35ba28983bf9817b9bda77dbf683464e71c5383fbe8f22369043f6e5e43e96ef3d66983c1b2b224e830464367b53c0474801dcee52

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d730c55dc1aa52c64c9ec1526edf32cf1399c9be5d21126dd942899c096814d479f339a3c58606484dffdcf9b3bc5092b7e0300bbde310739b

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d734e74b898e07a3e09c4e892c34231122af0d1ead1a202d5f1066ba54f8f6c22b4ffeb47fec862b4e8e32fc4d2b7e4b4e4b62914318f86d2a

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=b1bfa01577fe22d7c78b8bcd333206e00478abaa6239e06cccaa63ddbee440f921543d89e6ee17efc46bc74d3656335ca8ee1211e7c1baef100533a56f28106b

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef339c5c8acc87dbf3dd4686bf17031b10fe5bb5fc181dcfb9f4b5288f48af3995ff1a4f7e639d6ddbada91bf22a5199b95693fcc86ebd930476

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef3351b796cdca0ab895763aa713d85698379703abf8eb016ef40e26e6e3ca54f29d318af541a9c7dea40cacfb63881f90e3984d62dc1715ef79

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef335443772ef72a6c7478dad5c36d422da35925085990a974175a0f347ffbbaff1824e8935ad6304e0cac474661546bbf5e8b4b09515e014024

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef3355001f70cab1ebee037f5cb5f91e99bfa085d17255f02ba1e0e65362ed95454ea2abe92d03ee6e316c4a504f57692217e2cf6a492186de14
Title: SEE ALL NEWSLETTERS ➔

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef336be196d5054908c633184399b1ea6f2cfaa8672d85decf1ece6b12f50e64065778adcad0bd2340a538f7bf00831633dca4fb6a5f54f62f18

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef331ca3b6c75970479761065ad6710bbf0572491c78c8cfe3c819bd53d264ec0246b40406ce6c0aae0fd532e97800dc53350dfaca9532cbd3ca

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef334dcced9d397d2f1a5913cfd34846bfab9f980426e9d994c81ecc822c93624c7a340f2066954e994d7efc3308b4e81ab43bd3ca1dc32e1ebf

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef33c939bedc5ce52bfc2df7ebf6f7794b344a74acedf09b992dfe2624269d87550d76c5682e0b633c09ac55c8d83c8d9db6332475677a81533f
Title: View in browser

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef3361c7914fdd5ed4fa320f760af53e064854958a988f2b98004b00bf32efb353cd00184148b0d1ae55698c60c6596cd74bde0f08d97f17ae94
Title: Unsubscribe

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef33130d3e1d585f2171ee95de0221da5ff3f71083706291b870b1ad79dd635bf3fb5ee36e60b0b2fb7ceee797ae2e555a6923a97eab59fe12de
Title: Manage Newsletters

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef332c4e6292665690be51dae70743dd76529772a14d2224be00cae31aae1858921f4aa6068551e56c4cf43dec0202149886defee88498d961ea
Title: Terms of Service

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef337414ae1e060dc57016d4abea9264fe84c49df9f3a011198f2d808b61300eb6829d482ec04b6f717f0d5db6698f2b7c07f1a5d4c9b36960ad
Title: Privacy Policy/Your California Privacy Rights

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef33804a9edabc4e29f26983cc18ec9d5f95a80057b2e22d16fc07ab42c7b47461865c732641f62c011cc678cf3d871cb7b1c72d9d84083cffe0
Title: Privacy Notice

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef3383a760d01541390018a14dd5a1dfe9bf4ceb65542e56ce3ef22d64750eff41f69d05ca60690547c3cc982cfb88de881976f48b55e0e674cd
Title: Do Not Sell My Info/Cookie Policy

Search URL Search Domain Scan URL

URL: https://cl.exct.net/?qs=0ba42cf33cd1ef330501b29a904efff6477e612c8339a5d1d089f185a89e342334283dfbfd4e40f963a8f6baf05a3db2b6214135294a9b93dd463fda1bdbab2b
Title: Feedback

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://view.exacttarget.com/?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19 HTTP 302
https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

https://sli.freep.com/imp?s=812308&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default HTTP 301
https://p.liadm.com/imp?s=812308&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnptydks13c9dc5r9bbe4&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/b61549aa14aa11ec909d129c48bca6c4/122df9de2916ff9c953f598edbda6a23.jpg

Request Chain 3

https://sli.freep.com/imp?s=812309&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=812309&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnptyrjgcj40ke0ydbw91&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Request Chain 4

https://sli.freep.com/imp?s=812311&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=812311&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnpty08wc22dze6jgjn42&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Request Chain 15

https://sli.freep.com/imp?s=695407&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default HTTP 301
https://p.liadm.com/imp?s=695407&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnq39hxc9hwst20kb484y&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://www.dianomi.com/cgi-bin/smartads_newsletter_img.pl?id=4107&c=1&key=4029bc8f-a86f-47a9-ac37-25a9a6afbe85_2&affiliate_id=20614&size=300x250 HTTP 302
https://www.dianomi.com/img/a/savon/186494/33/300x250.png

Request Chain 16

https://sli.freep.com/imp?s=695408&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=695408&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq39wrj6jgnz7pd4z5g0&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Request Chain 17

https://sli.freep.com/imp?s=695410&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=695410&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq3ag1v9rwwm52ptf3nh&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Request Chain 23

https://sli.freep.com/imp?s=695411&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default HTTP 301
https://p.liadm.com/imp?s=695411&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnq3aaf8hvy9em7hfb62n&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/a337642cc8e211ed9f750edf16aa78e3/df6425e961877927426b130def912789.jpg

Request Chain 25

https://sli.freep.com/imp?s=695412&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=695412&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq5j8783w0cm7zy3ad9m&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Request Chain 26

https://sli.freep.com/imp?s=695414&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static HTTP 301
https://p.liadm.com/imp?s=695414&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq5jt2xpzhmyqh1hwqsm&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Request Chain 31

https://sli.freep.com/imp?s=125640400&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=125640400&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5jvw2az1hvbsz7n0sf&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://i.liadm.com/s/section/125640400?m=565244c5e627ff81dd0c01bbe1459267&sh1=&sh2=&source=safe_rtb HTTP 303
https://i.liadm.com/s/section/125640400?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=313381b607f54b88aff831f1c8e88924 HTTP 303
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=565244c5e627ff81dd0c01bbe1459267 HTTP 302
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=565244c5e627ff81dd0c01bbe1459267&rd=Y HTTP 302
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023050309563900079043236204&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID

Request Chain 32

https://sli.freep.com/imp?s=125640401&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=125640401&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k9pr3kg61cxs9jsex&i6=MmEwMTo0YTA6MmI6OjY%3D HTTP 302
https://i6.liadm.com/s/section/125640401?m=565244c5e627ff81dd0c01bbe1459267&sh1=&sh2=&source=safe_rtb HTTP 303
https://i6.liadm.com/s/section/125640401?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=adfea0af706d4f69b5778b1eed597504

Request Chain 33

https://sli.freep.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k70pzdwkxd08cybth&i6=MmEwMTo0YTA6MmI6OjY%3D

Request Chain 34

https://sli.freep.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kq6y4ehtpn38xzeq2&i6=MmEwMTo0YTA6MmI6OjY%3D

Request Chain 35

https://sli.freep.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel HTTP 301
https://p.liadm.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kg4gwtk5n39yrhbny&i6=MmEwMTo0YTA6MmI6OjY%3D

37 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

Primary Request view_email.aspx Show response
s1.view.sfmc-marketing.com/
Redirect Chain

https://view.exacttarget.com/?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19

88 KB
88 KB

874ms
544ms

Document
text/html

68.232.201.168
EXACT-7

General

Check archive.org

Show headers Download Go to

Full URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 68.232.201.168 , United States, ASN22606 (EXACT-7, US),
Reverse DNS: bb168.mta.exacttarget.com
Software: /
Resource Hash: bbeefed723107d0aae1fc3027489078f17a93fdcd1d12b847bda1fd2116b94fc

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Cache-Control: private
Connection: close
Content-Length: 90351
Content-Type: text/html; charset=utf-8
Date: Wed, 03 May 2023 09:56:37 GMT

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 315
Content-Type: text/html; charset=utf-8
Date: Wed, 03 May 2023 09:56:36 GMT
Location: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19

GET
H/1.1 200
OK open.aspx
cl.exct.net/ 43 B
272 B 693ms
496ms Image
image/gif 2a02:26f0:6c00:1a6::416d
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cl.exct.net/open.aspx?ffcb10-fe4c137674610d747d12-fdc415767560017a7513777461-fe691570726707797615-fe8213777c63077e7c-fdee15787161007c7d12747d-ff3b17707464&d=10166&bmt=0
Requested by: Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:6c00:1a6::416d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Expires: Wed, 03 May 2023 09:56:38 GMT
Pragma: no-cache
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 unify.css
www.gannett-cdn.com/strdimgs/p/ 5 KB
841 B 61ms
9ms Stylesheet
text/css 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/strdimgs/p/unify.css

Requested by

Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2aeb59256a738d52758f0fc8676c7424ace0fa9e1b2810f9231acf408ec3569c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
content-encoding: gzip
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 526456
x-cache: HIT, HIT
content-length: 417
last-modified: Thu, 01 Dec 2022 10:21:30 GMT
etag: "fc9bc6a4c917f16f5a023c83062ea204"
vary: Accept-Encoding
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 10232, 1

GET
H2

200

122df9de2916ff9c953f598edbda6a23.jpg
c.licasd.com/ads/b61549aa14aa11ec909d129c48bca6c4/
Redirect Chain

https://sli.freep.com/imp?s=812308&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default
https://p.liadm.com/imp?s=812308&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnptydks13c9dc5r9bbe4&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/b61549aa14aa11ec909d129c48bca6c4/122df9de2916ff9c953f598edbda6a23.jpg

169 KB
170 KB

370ms
173ms

Image
image/jpeg

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/b61549aa14aa11ec909d129c48bca6c4/122df9de2916ff9c953f598edbda6a23.jpg

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

a31c01ee72262e9ff887e501ae3f92f6db541f2ee30e6ccfe95bed9a5d7d63de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:12:28 GMT
x-amz-version-id: R96NdxPck8vGLg20ty6L5Gcmn.aXAPYD
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 2651
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 173330
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:52:44 GMT
server: AmazonS3
etag: "f5013ee78a0203ffa8d3daa3a6cb1c5b"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: kkSmJ9FvHT28uzNi4ceapmpf2T8CKYvsZvC7pA7MOvh_WHTcx3S4ig==

Redirect headers

Location: https://c.licasd.com/ads/b61549aa14aa11ec909d129c48bca6c4/122df9de2916ff9c953f598edbda6a23.jpg
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=812309&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=812309&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnptyrjgcj40ke0ydbw91&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

1 KB
2 KB

298ms
101ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 16:56:52 GMT
x-amz-version-id: HN11YLzIVq66javzGXi4S3QzgCBPAuc7
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 61187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1255
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:40:36 GMT
server: AmazonS3
etag: "6956da20f9d008ec379926ee358e5594"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: XS4QpBuBb-CZ15vrLzKgotE7a7Ce4yA6P0pk4OAPnDwvu58q1i-OHg==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=812311&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=812311&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnpty08wc22dze6jgjn42&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

15 KB
16 KB

297ms
100ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: iQ1zkSQH9f2qB5gRl4IvHcVzH6cXJBvh
date: Tue, 02 May 2023 23:03:19 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 39200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15721
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:42:22 GMT
server: AmazonS3
etag: "c56fae17aa690ac40e2a23fbf5796b60"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: z1rY824pJBe3h0iYNU757MEyBw3xK_0hdDzx2fRrUG_wjZcOCz2zsw==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 -Qo755_IUyrIxYJN07mG5.png
www.gannett-cdn.com/strdimgs/p/6373a38e56d87ec09af7b37d/ 4 KB
5 KB 10ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/6373a38e56d87ec09af7b37d/-Qo755_IUyrIxYJN07mG5.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d4ee5b8f9a27a6bee611aace3c1a591e3a1b854b17c9fefbc23e9cd9f9a31c8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 672881
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 4570
etag: "kL6+DEQsg6nwizBmQ+3uxRpvuDnhICfDB7MqAOGsIiw"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13430, 1

GET
H2 200 4b761c4f-796c-4138-aba5-9dc6ba2bf257-LeahOlaijde_040622_ES01web.jpg
www.gannett-cdn.com/presto/2022/04/07/PDTF/ 99 KB
99 KB 27ms
26ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2022/04/07/PDTF/4b761c4f-796c-4138-aba5-9dc6ba2bf257-LeahOlaijde_040622_ES01web.jpg?crop=1237,1237,x0,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

81faa49a232aa78ca4c59977f6ee553ad2807602b2d35c1cd85ac7fe9f87ced5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1364244
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 101648
etag: "rTSfx9TaD0tA0c7Rc6b/vZt1nkx4PWuf2MynmBbQ5Tg"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 3557, 1

GET
H2 200 d7d21417-1bb6-4dd2-9afd-361b3ca11baa-biden_1.jpg
www.gannett-cdn.com/presto/2021/10/04/USAT/ 635 KB
635 KB 11ms
10ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2021/10/04/USAT/d7d21417-1bb6-4dd2-9afd-361b3ca11baa-biden_1.jpg?crop=4846,3635,x338,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d2bb2e4c3563c52c746777cf7bb13e05bc24d4e70e97f81117c300d09cabe9d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 915467
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 650018
etag: "Zptm+FPVI0UDKXbMGiOxflNFdRqW3F6zJVewe7cPEQs"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15327, 1

GET
H2 200 UnifySans_W_SBd.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 21 KB
22 KB 26ms
10ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySans_W_SBd.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4ff08086f9ad8da2e2110854a1abf0f8749ff674a08d3b68459d54d984aaff2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 4241488
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 21712
last-modified: Tue, 19 Feb 2019 16:04:34 GMT
etag: "66ce0be4da3c9a685c076cea5650ff06"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 54813, 1

GET
H2 200 UnifySans_W_Rg.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 20 KB
20 KB 38ms
22ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySans_W_Rg.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9097040c45d746c1d7608598750f31e643373074d108969ff2e9ad1861f99d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2397178
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 20416
last-modified: Tue, 19 Feb 2019 16:04:34 GMT
etag: "8a0f4634cb6dc541fa325c5f82c029f9"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 23939, 1

GET
H2 200 UnifySerif_W_Rg.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 24 KB
24 KB 34ms
18ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySerif_W_Rg.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d08e582f613a053edebdf458131c92df774fd7f041054f7b204ab8a067c2c6f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 3030886
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 24784
last-modified: Tue, 19 Feb 2019 16:04:36 GMT
etag: "c1bd21943bcc1e00b853bfa083e258a8"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 27049, 1

GET
H2 200 UnifySans_W_It.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 21 KB
21 KB 27ms
11ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySans_W_It.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e2baa5541a07c6c70026aeaec4cfb4a41183de2c2a6f18b8a1cc6e3befd609c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1917730
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 21012
last-modified: Tue, 19 Feb 2019 16:04:34 GMT
etag: "27922f3ef122dd715dfed577bea903a3"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13518, 1

GET
H2 200 UnifySans_W_SBdIt.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 21 KB
21 KB 10ms
9ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySans_W_SBdIt.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4bfcf8c0c221a5179a1d821390aba94c10dc2c4467ddc5cc5631e548ee581e2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:37 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 688814
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 21724
last-modified: Tue, 19 Feb 2019 16:04:35 GMT
etag: "5e05d505ab3dd7e4f1a087a54dbb420e"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15205, 1

GET
H2 200 031f60c1-2214-4996-aad9-cb848e86cc29-GettyImages-1463292988.jpg
www.gannett-cdn.com/presto/2023/04/25/PDTF/ 481 KB
481 KB 38ms
36ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2023/04/25/PDTF/031f60c1-2214-4996-aad9-cb848e86cc29-GettyImages-1463292988.jpg?crop=4432,3324,x250,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5245675dd1819af5bd19c87a5e9994e7a7441b8954ed1cc7e7977c5cbce0b7ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 670679
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 492658
etag: "wP+LpwLOJvzqC7AVLQUHUdWo+34uDRYnOdd5XA8JTGA"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15254, 1

GET
H2 200 1da47ee1-daaf-414d-96b8-e47ff419e697-MAIN-BookDepository_043523_03_MW.JPG
www.gannett-cdn.com/presto/2023/04/25/PDTF/ 818 KB
819 KB 13ms
11ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2023/04/25/PDTF/1da47ee1-daaf-414d-96b8-e47ff419e697-MAIN-BookDepository_043523_03_MW.JPG?crop=2399,1350,x0,y84

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

ea709afeb146c040a449cdea040f7ac1ec2722980fa0c5e73d84f7e146abfa7b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 602673
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 837536
etag: "Q6C53yzaKJHDgodz7+VRSfZpqK9yx82LOR1PLzDEf6E"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 15377, 1

GET
H2

200

300x250.png
www.dianomi.com/img/a/savon/186494/33/
Redirect Chain

https://sli.freep.com/imp?s=695407&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default
https://p.liadm.com/imp?s=695407&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnq39hxc9hwst20kb484y&i6=MmEwMTo0YTA6MmI6OjY%3D
https://www.dianomi.com/cgi-bin/smartads_newsletter_img.pl?id=4107&c=1&key=4029bc8f-a86f-47a9-ac37-25a9a6afbe85_2&affiliate_id=20614&size=300x250
https://www.dianomi.com/img/a/savon/186494/33/300x250.png

51 KB
52 KB

24ms
24ms

Image
image/webp

104.18.16.195
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.dianomi.com/img/a/savon/186494/33/300x250.png

Requested by

Protocol

Server

104.18.16.195 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cff0bfbd50299c0501d5e34c0d51143e07ece586e08c31bbb84199709163a5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: HIT
age: 146407
cf-polished: origFmt=png, origSize=86442
content-disposition: inline; filename="300x250.webp"
content-length: 52678
x-xss-protection: 1; mode=block
cf-bgj: imgq:85,h2pri
last-modified: Mon, 10 Apr 2023 20:07:17 GMT
server: cloudflare
etag: "151aa-5f900ebf6d278"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=2628000
access-control-allow-credentials: true
accept-ranges: bytes
cf-ray: 7c17a29dcc423a88-FRA
expires: Fri, 02 Jun 2023 19:56:38 GMT

Redirect headers

pragma: no-cache
date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
content-type: text/html; charset=iso-8859-1
location: https://www.dianomi.com/img/a/savon/186494/33/300x250.png
access-control-allow-origin: *
cache-control: private, no-cache, no-store, must-revalidate, max-age=0, pre-check=0, post-check=0
access-control-allow-credentials: true
cf-ray: 7c17a29ceb153a88-FRA
x-xss-protection: 1; mode=block

GET
H2

200

94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=695408&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=695408&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq39wrj6jgnz7pd4z5g0&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

1 KB
2 KB

123ms
122ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 16:56:52 GMT
x-amz-version-id: HN11YLzIVq66javzGXi4S3QzgCBPAuc7
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 61187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1255
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:40:36 GMT
server: AmazonS3
etag: "6956da20f9d008ec379926ee358e5594"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: YbnBLNmWO0d04IzW3XsLxksQlq3fg4x3W7rGW-bTbj1xqijEOCiS-g==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=695410&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=695410&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq3ag1v9rwwm52ptf3nh&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

15 KB
16 KB

134ms
133ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: iQ1zkSQH9f2qB5gRl4IvHcVzH6cXJBvh
date: Tue, 02 May 2023 23:03:19 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 39200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15721
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:42:22 GMT
server: AmazonS3
etag: "c56fae17aa690ac40e2a23fbf5796b60"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: uTPaIHW22wSxU8Au2GwVkTa1FJ0NucVIIMfJk9Jzoj0x-udybqJwSA==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 1ae64f5c-77d7-4041-b258-e8fd813d1c37-5d0c2125-95eb-43f2-ab31-7aef485b260b-IMG_636644299398202192_6_1_.jpg
www.gannett-cdn.com/presto/2023/04/21/PDTF/ 11 KB
11 KB 12ms
10ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2023/04/21/PDTF/1ae64f5c-77d7-4041-b258-e8fd813d1c37-5d0c2125-95eb-43f2-ab31-7aef485b260b-IMG_636644299398202192_6_1_.jpg?crop=400,400,x133,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c292106df1edb8e46e8935768c1ace444a11cce60b411606e9fd6782d2505107

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 940403
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 11530
etag: "3O//N7Ku1Xog66QIEk2b/rsaMRmUFU8/qu4+PZ2jY6E"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 418, 1

GET
H2 200 B9319225471Z.1_20151011195554_000_GIFC722JT.1-0.jpg
www.gannett-cdn.com/-mm-/326f7eb2019422a6859dd15bf42c2b8faee9997b/c=816-0-4080-3264/local/-/media/2015/10/11/DetroitFreePress/ 516 KB
516 KB 13ms
12ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/-mm-/326f7eb2019422a6859dd15bf42c2b8faee9997b/c=816-0-4080-3264/local/-/media/2015/10/11/DetroitFreePress/B9319225471Z.1_20151011195554_000_GIFC722JT.1-0.jpg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0dfd4d8233d396586d1f7a3c0b8ee5a03a2681cc54ddf7cd862ed8270654e298

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
x-served-bymoc: default
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 916874
x-cache: MISS, HIT, HIT
fastly-stats: io=1
content-length: 528012
etag: "TRJkLXtWbx7UoUsV3HfqNQ9hBFd4Ato8YMdtKSW4zTE"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-served-bycnt: 0
x-cache-hits: 15411, 1

GET
H2 200 ekUTCjL2jxSkkigYG-xs8.png
www.gannett-cdn.com/strdimgs/p/637b4e5bebe2ac0daf96d38f/ 1 KB
1 KB 12ms
10ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/637b4e5bebe2ac0daf96d38f/ekUTCjL2jxSkkigYG-xs8.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b3c8ba221ebe04d2c9002b3677e4e1c690d87ca57aa3e07de0efa5792d236b87

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1284435
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 1392
etag: "8bmenfBM1PYlK+NjAZBv0SDq5/JFhQnDLnsGBOjIpHU"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28741, 1

GET
H2 200 b266793f-9e16-4920-ab6e-f85f8aeb3be1-Brandon.png
www.gannett-cdn.com/presto/2023/04/25/PDTF/ 460 KB
461 KB 36ms
35ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2023/04/25/PDTF/b266793f-9e16-4920-ab6e-f85f8aeb3be1-Brandon.png?crop=959,959,x0,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

96a22428bc5bbc35bc207f4b388b9d0951ccede3c2214e574ed2bc07b546551d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 505744
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 471550
etag: "z2c3Bda+FrEU2KAjHrv4w3ryDhR1Je6PpX/V3LN4AYo"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 13350, 1

GET
H2 200 89f67ac1-1de5-41af-9169-c7be74966ac5-Elmouchi-Darryl.jpg
www.gannett-cdn.com/presto/2021/12/13/PDTF/ 6 KB
6 KB 11ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/presto/2021/12/13/PDTF/89f67ac1-1de5-41af-9169-c7be74966ac5-Elmouchi-Darryl.jpg?crop=230,230,x0,y0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e743383f193cfb0c3d1239141738fa84a4d59082a934fd409098d51752bb60d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 602162
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 5976
etag: "PSp/FsfhdCaLVKMWXQWZvRyORc+ycsqP91bSpEaggNk"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 418, 1

GET
H2

200

df6425e961877927426b130def912789.jpg
c.licasd.com/ads/a337642cc8e211ed9f750edf16aa78e3/
Redirect Chain

https://sli.freep.com/imp?s=695411&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default
https://p.liadm.com/imp?s=695411&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=default&_lc2_fpi=fc5f47392103--01gzggnq3aaf8hvy9em7hfb62n&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/a337642cc8e211ed9f750edf16aa78e3/df6425e961877927426b130def912789.jpg

79 KB
79 KB

150ms
149ms

Image
image/jpeg

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/a337642cc8e211ed9f750edf16aa78e3/df6425e961877927426b130def912789.jpg

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

9cb371eafbbd3454380a690da1d6e0a3950605a15517f1069636159fa8c5cfe1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: 2OxKGYaz6oK.Og1plUeF8JS0RmfM_gOf
date: Tue, 02 May 2023 23:27:08 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 37771
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 80578
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 20:31:23 GMT
server: AmazonS3
etag: "0791c778ad993301f8fcea73250f3e41"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/jpeg
accept-ranges: bytes
x-amz-cf-id: ppfG1qYyXBzobAkPsW0t5SuTy4rKeT5tUQ0S6wSK6BdlQaE-YvhfaA==

Redirect headers

Location: https://c.licasd.com/ads/a337642cc8e211ed9f750edf16aa78e3/df6425e961877927426b130def912789.jpg
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 UnifySerif_W_SBd.woff
www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/ 24 KB
25 KB 10ms
10ms Font
application/octet-stream 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gannett-cdn.com/gannett-web/apps/postino/fonts/WOFF/UnifySerif_W_SBd.woff

Requested by

Host: www.gannett-cdn.com
URL: https://www.gannett-cdn.com/strdimgs/p/unify.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9155a6b73c42bc720446c0da05e1b53ed0fd4b666fe91ccac521bc0c2069b7d5

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.gannett-cdn.com/strdimgs/p/unify.css
Origin: https://s1.view.sfmc-marketing.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 2851441
x-amz-meta-goog-reserved-file-mtime: 1550592258
x-cache: HIT, HIT
content-length: 24948
last-modified: Tue, 19 Feb 2019 16:04:37 GMT
etag: "1e15c9d3f4cfe427adfa7b7783a34002"
vary
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 34888, 29

GET
H2

200

94c8cd36dc1428947beeb6283056d111.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=695412&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=695412&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq5j8783w0cm7zy3ad9m&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

1 KB
2 KB

124ms
122ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Tue, 02 May 2023 16:56:52 GMT
x-amz-version-id: HN11YLzIVq66javzGXi4S3QzgCBPAuc7
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 61187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 1255
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:40:36 GMT
server: AmazonS3
etag: "6956da20f9d008ec379926ee358e5594"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: x0Ks_BpQPDiw_5tam40rOyVScB9GNiRT5OEWtFQwp-chiqetMGp_ww==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/94c8cd36dc1428947beeb6283056d111.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

27e30bebaaece921293946f3c75ca02b.png
c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/
Redirect Chain

https://sli.freep.com/imp?s=695414&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static
https://p.liadm.com/imp?s=695414&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=static&_lc2_fpi=fc5f47392103--01gzggnq5jt2xpzhmyqh1hwqsm&i6=MmEwMTo0YTA6MmI6OjY%3D
https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

15 KB
16 KB

142ms
141ms

Image
image/png

2600:9000:2209:e400:16:3fe3:5f80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png

Requested by

Protocol

Server

2600:9000:2209:e400:16:3fe3:5f80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

x-amz-version-id: iQ1zkSQH9f2qB5gRl4IvHcVzH6cXJBvh
date: Tue, 02 May 2023 23:03:19 GMT
via: 1.1 95edb2a6efdb5ee4d3c7f7aa298bb2f2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: EWR53-P1
age: 39200
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 15721
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 12 Apr 2023 19:42:22 GMT
server: AmazonS3
etag: "c56fae17aa690ac40e2a23fbf5796b60"
vary: Accept-Encoding, Origin
x-frame-options: SAMEORIGIN
content-type: image/png
accept-ranges: bytes
x-amz-cf-id: i9kPIvw5BbpLWymR67WqqoBgh90KZR06lyn3HH4UUa2znYPpr4-zqA==

Redirect headers

Location: https://c.licasd.com/ads/499280149b11102e9c99d9decb5d7225/27e30bebaaece921293946f3c75ca02b.png
Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2 200 lo2XajxXXoGyz0pJFKv7s.png
www.gannett-cdn.com/strdimgs/p/6375015956d87ec09afe76da/ 5 KB
5 KB 10ms
8ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/6375015956d87ec09afe76da/lo2XajxXXoGyz0pJFKv7s.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

718f1310efdd481ecce8888b85e958e590552fa9b2ea7a3fef02efcc888876fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1878131
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 4956
etag: "OeYB/zUOyogcCHI2tREooR7ZXX3NG9rXJJYwNZK5Uh0"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 32213, 1

GET
H2 200 BdWxPY0aZ1m-EnK0ErkQF.png
www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/ 598 B
689 B 12ms
11ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/BdWxPY0aZ1m-EnK0ErkQF.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f6f401123083f983a766bd6346dcadf52cb71c84dd611915ec36f2d6fb751c76

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1364226
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 598
etag: "W2esdlp5E6jR5gbcmWcBAQNl0N2KsekgKwdd0HIXz/M"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 21465, 1

GET
H2 200 iKDsgm4JrbVpTl-FZwsSu.png
www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/ 822 B
915 B 11ms
9ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/iKDsgm4JrbVpTl-FZwsSu.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f27e541a387f586234f1580ab720d108d080c62defe7ac96e52563c14edbec1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 1741903
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 822
etag: "KVX1bdTOIR3XyKjIQeXnE2qSlT/VtetY8/5bGfvdBX4"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 28848, 1

GET
H2 200 WtfG8kZ2IhEtS7TN4fUGt.png
www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/ 812 B
1 KB 12ms
10ms Image
image/webp 151.101.130.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gannett-cdn.com/strdimgs/p/637b635256d87ec09a1d96fc/WtfG8kZ2IhEtS7TN4fUGt.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.130.62 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

f8dd0fcc2b38b0b79b805033539b5759323ac6935d9a485938137e6a19b2b1e1

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
nel: {"report_to":"default","max_age":31557600,"include_subdomains":true,"success_fraction":0.005}
age: 500405
x-cache: HIT, HIT
fastly-stats: io=1
content-length: 812
etag: "V5eHASPo5vcqgNdaViyqyEAKzCLRr0xGKf3sDlZqZkk"
vary: Accept
report-to: {"max_age":31557600,"include_subdomains":true,"endpoints":[{"url":"https://reporting-api.gannettinnovation.com"}]}
content-type: image/webp
access-control-allow-origin: *
cache-control: max-age=2592000
accept-ranges: bytes
timing-allow-origin: *
x-cache-hits: 7270, 1

GET
H2

200

1407
stags.bluekai.com/site/
Redirect Chain

https://sli.freep.com/imp?s=125640400&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel
https://p.liadm.com/imp?s=125640400&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5jvw2az1hvbsz7n0sf&i6=MmEwMTo0YTA6MmI6OjY%3D
https://i.liadm.com/s/section/125640400?m=565244c5e627ff81dd0c01bbe1459267&sh1=&sh2=&source=safe_rtb
https://i.liadm.com/s/section/125640400?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=313381b607f54b88aff831f1c8e88924
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=565244c5e627ff81dd0c01bbe1459267
https://e.dlx.addthis.com/e/a-3491/s-7601.xgi?ret=img&na_em=565244c5e627ff81dd0c01bbe1459267&rd=Y
https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023050309563900079043236204&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID

62 B
228 B

264ms
163ms

Image
image/gif

2.23.197.190
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023050309563900079043236204&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
Requested by: Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: H2
Server: 2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-23-197-190.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date: Wed, 03 May 2023 09:56:39 GMT
content-length: 62
content-type: image/gif

Redirect headers

location: https://stags.bluekai.com/site/1407?partner=1&uhint=na_id=2023050309563900079043236204&redir=https%3A%2F%2Fx.dlx.addthis.com%2Fe%2Fbk_sync.xgi%3Fna_exid%3D%24_BK_UUID
pragma: no-cache
date: Wed, 03 May 2023 09:56:39 GMT
cache-control: max-age=0, no-cache, no-store
strict-transport-security: max-age=2628000
content-length: 0
expires: Wed, 03 May 2023 09:56:39 GMT

GET
H/1.1

200
OK

125640401
i6.liadm.com/s/section/
Redirect Chain

https://sli.freep.com/imp?s=125640401&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel
https://p.liadm.com/imp?s=125640401&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k9pr3kg61cxs9jsex&i6=MmEwMTo0YTA6MmI6OjY%3D
https://i6.liadm.com/s/section/125640401?m=565244c5e627ff81dd0c01bbe1459267&sh1=&sh2=&source=safe_rtb
https://i6.liadm.com/s/section/125640401?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=adfea0af706d4f69b5778b1eed597504

43 B
548 B

96ms
96ms

Image
image/gif

2600:1f18:ed:550f:b16d:e001:514:e364
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/section/125640401?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=adfea0af706d4f69b5778b1eed597504

Requested by

Protocol

HTTP/1.1

Server

2600:1f18:ed:550f:b16d:e001:514:e364 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 09:56:39 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 4
Content-Type: image/gif

Redirect headers

Location: /s/section/125640401?sh2=&source=safe_rtb&m=565244c5e627ff81dd0c01bbe1459267&_li_chk=true&sh1=&previous_uuid=adfea0af706d4f69b5778b1eed597504
Date: Wed, 03 May 2023 09:56:39 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 3

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.freep.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel
https://p.liadm.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k70pzdwkxd08cybth&i6=MmEwMTo0YTA6MmI6OjY%3D

43 B
235 B

589ms
91ms

Image
image/gif

3.220.30.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k70pzdwkxd08cybth&i6=MmEwMTo0YTA6MmI6OjY%3D
Requested by: Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: HTTP/1.1
Server: 3.220.30.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-30-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
referrer-policy: same-origin
x-frame-options: DENY
x-cache: FunctionGeneratedResponse from cloudfront
location: https://p.liadm.com/imp?s=125640402&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5k70pzdwkxd08cybth&i6=MmEwMTo0YTA6MmI6OjY%3D
content-length: 0
x-xss-protection: 1; mode=block
x-amz-cf-id: srbZAEvl49zLUEsW2SbapMiG5E3QxWLoM2d6HIM2Cv7rQL4Ql65UWg==

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.freep.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel
https://p.liadm.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kq6y4ehtpn38xzeq2&i6=MmEwMTo0YTA6MmI6OjY%3D

43 B
235 B

595ms
91ms

Image
image/gif

3.220.30.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kq6y4ehtpn38xzeq2&i6=MmEwMTo0YTA6MmI6OjY%3D
Requested by: Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: HTTP/1.1
Server: 3.220.30.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-30-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
referrer-policy: same-origin
x-frame-options: DENY
x-cache: FunctionGeneratedResponse from cloudfront
location: https://p.liadm.com/imp?s=125640403&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kq6y4ehtpn38xzeq2&i6=MmEwMTo0YTA6MmI6OjY%3D
content-length: 0
x-xss-protection: 1; mode=block
x-amz-cf-id: 6SNqnGvi_LIo6SEkNX81q8gW1ouftiNNL1YsASK1wF1p6P0bkhEBfg==

GET
H/1.1

200
OK

imp
p.liadm.com/
Redirect Chain

https://sli.freep.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel
https://p.liadm.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kg4gwtk5n39yrhbny&i6=MmEwMTo0YTA6MmI6OjY%3D

43 B
235 B

596ms
91ms

Image
image/gif

3.220.30.211
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.liadm.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kg4gwtk5n39yrhbny&i6=MmEwMTo0YTA6MmI6OjY%3D
Requested by: Host: s1.view.sfmc-marketing.com
URL: https://s1.view.sfmc-marketing.com/view_email.aspx?qs=ee7e1cf057ac2fcdba7426c1d726625d0b594ba0f3694467c26bd6304e3266e4ef58e5f94f444ed4e0675f163411ac0793921b91c1b39ea82fb3d3fc57fdfb12ab94384a08bd4b19
Protocol: HTTP/1.1
Server: 3.220.30.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-220-30-211.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.5615.121 Safari/537.36

Response headers

Date: Wed, 03 May 2023 09:56:38 GMT
Cache-Control: no-cache, no-store, must-revalidate
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Wed, 03 May 2023 09:56:38 GMT
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-content-type-options: nosniff
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
via: 1.1 5a9253ffd4a04a82b061e7ef23f713d4.cloudfront.net (CloudFront)
server: CloudFront
x-amz-cf-pop: PRG50-C1
referrer-policy: same-origin
x-frame-options: DENY
x-cache: FunctionGeneratedResponse from cloudfront
location: https://p.liadm.com/imp?s=125640404&li=26404&m=565244c5e627ff81dd0c01bbe1459267&p=May32023&stpe=pixel&_lc2_fpi=fc5f47392103--01gzggnq5kg4gwtk5n39yrhbny&i6=MmEwMTo0YTA6MmI6OjY%3D
content-length: 0
x-xss-protection: 1; mode=block
x-amz-cf-id: fr8SdMfwsein-vwC7YjRIuUkqdN01HIDqfQaeCiqRhoOWrSyJstELg==

Verdicts & Comments Add Verdict or Comment

1 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

boolean| credentialless

12 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 12:14:59	Name: _li_ss Value: CgASDw0a6kOrEggKBgirARD8FA
i6.liadm.com/s	1970-01-20 12:14:59	Name: _li_ss Value: CgA
.liadm.com/	1970-01-20 21:07:47	Name: lidid Value: adfea0af-706d-4f69-b577-8b1eed597504
.e.dlx.addthis.com/	1970-01-20 21:02:02	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:02:02	Name: na_id Value: 2023050309563900079043236204
.addthis.com/	1970-01-20 21:02:02	Name: na_tc Value: Y
.addthis.com/	1970-01-20 21:02:02	Name: uid Value: 64522fd7e04f9396
.addthis.com/	1970-01-20 21:02:02	Name: ouid Value: 64522fd700016065f68a7145b896541fa43e0656d9d07b1296a6
.dlx.addthis.com/	1970-01-20 12:14:59	Name: na_rn Value: 0
.dlx.addthis.com/	1970-01-20 12:14:59	Name: na_sr Value: 20230503
.dlx.addthis.com/	1970-01-20 11:31:47	Name: na_srp Value: 7601
.dlx.addthis.com/	1970-01-20 12:14:59	Name: na_sc_e Value: 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

c.licasd.com
cl.exct.net
e.dlx.addthis.com
i.liadm.com
i6.liadm.com
p.liadm.com
s1.view.sfmc-marketing.com
sli.freep.com
stags.bluekai.com
view.exacttarget.com
www.dianomi.com
www.gannett-cdn.com
104.18.16.195
151.101.130.62
184.73.204.212
2.23.197.190
2600:1f18:ed:550f:b16d:e001:514:e364
2600:9000:2127:e00:18:f429:2240:93a1
2600:9000:2209:e400:16:3fe3:5f80:93a1
2a02:26f0:6c00:1a6::416d
3.220.30.211
68.232.201.159
68.232.201.168
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0dfd4d8233d396586d1f7a3c0b8ee5a03a2681cc54ddf7cd862ed8270654e298
2aeb59256a738d52758f0fc8676c7424ace0fa9e1b2810f9231acf408ec3569c
4bfcf8c0c221a5179a1d821390aba94c10dc2c4467ddc5cc5631e548ee581e2d
4ff08086f9ad8da2e2110854a1abf0f8749ff674a08d3b68459d54d984aaff2f
5245675dd1819af5bd19c87a5e9994e7a7441b8954ed1cc7e7977c5cbce0b7ba
5417ebe6c4d945b5780b26bff7af7b190dd85ebd80a273f91bfb18c948eb20ac
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
718f1310efdd481ecce8888b85e958e590552fa9b2ea7a3fef02efcc888876fc
7df42999b17c3dd8039a37c41774eaa804db05245669e742e2e686b8da507bff
81faa49a232aa78ca4c59977f6ee553ad2807602b2d35c1cd85ac7fe9f87ced5
8cff0bfbd50299c0501d5e34c0d51143e07ece586e08c31bbb84199709163a5a
9097040c45d746c1d7608598750f31e643373074d108969ff2e9ad1861f99d80
9155a6b73c42bc720446c0da05e1b53ed0fd4b666fe91ccac521bc0c2069b7d5
96a22428bc5bbc35bc207f4b388b9d0951ccede3c2214e574ed2bc07b546551d
9cb371eafbbd3454380a690da1d6e0a3950605a15517f1069636159fa8c5cfe1
a31c01ee72262e9ff887e501ae3f92f6db541f2ee30e6ccfe95bed9a5d7d63de
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b3c8ba221ebe04d2c9002b3677e4e1c690d87ca57aa3e07de0efa5792d236b87
bbeefed723107d0aae1fc3027489078f17a93fdcd1d12b847bda1fd2116b94fc
c292106df1edb8e46e8935768c1ace444a11cce60b411606e9fd6782d2505107
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
d08e582f613a053edebdf458131c92df774fd7f041054f7b204ab8a067c2c6f4
d2bb2e4c3563c52c746777cf7bb13e05bc24d4e70e97f81117c300d09cabe9d6
d4ee5b8f9a27a6bee611aace3c1a591e3a1b854b17c9fefbc23e9cd9f9a31c8c
e2baa5541a07c6c70026aeaec4cfb4a41183de2c2a6f18b8a1cc6e3befd609c6
e743383f193cfb0c3d1239141738fa84a4d59082a934fd409098d51752bb60d5
ea709afeb146c040a449cdea040f7ac1ec2722980fa0c5e73d84f7e146abfa7b
f27e541a387f586234f1580ab720d108d080c62defe7ac96e52563c14edbec1f
f6f401123083f983a766bd6346dcadf52cb71c84dd611915ec36f2d6fb751c76
f8dd0fcc2b38b0b79b805033539b5759323ac6935d9a485938137e6a19b2b1e1

s1.view.sfmc-marketing.com Open in urlscan Pro 68.232.201.168 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

37 Requests

62 %HTTPS

36 %IPv6

10 Domains

12 Subdomains

8 IPs

3 Countries

3620 kBTransfer

3613 kBSize

12 Cookies

42 Outgoing links

Page URL History

Redirected requests

37 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

s1.view.sfmc-marketing.com Open in urlscan Pro
68.232.201.168 Public Scan

Screenshot
Live screenshot

Full Image

37
Requests

62 %
HTTPS

36 %
IPv6

10
Domains

12
Subdomains

8
IPs

3
Countries

3620 kB
Transfer

3613 kB
Size

12
Cookies

37 HTTP transactions
0 data transactions