bangordailynews.com Open in urlscan Pro
192.0.78.146 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-...
Submission: On April 27 via api (April 27th 2021, 12:16:39 am UTC) from US

Summary HTTP 423 Redirects Links 28 Behaviour Indicators

Summary

This website contacted 87 IPs in 7 countries across 60 domains to perform 423 HTTP transactions. The main IP is 192.0.78.146, located in United States and belongs to AUTOMATTIC, US. The main domain is bangordailynews.com.
TLS certificate: Issued by R3 on April 23rd 2021. Valid for: 3 months.

This is the only time bangordailynews.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
42	192.0.78.146 192.0.78.146	2635 (AUTOMATTIC) (AUTOMATTIC)
15	192.0.77.37 192.0.77.37	2635 (AUTOMATTIC) (AUTOMATTIC)
4	2a00:1450:400... 2a00:1450:4001:827::200a	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20c... 2600:9000:20c8:3600:9:4c16:5180:21	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
1	2.18.234.163 2.18.234.163	16625 (AKAMAI-AS) (AKAMAI-AS)
16	204.48.28.205 204.48.28.205	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
24	178.79.242.139 178.79.242.139	22822 (LLNW) (LLNW)
12	192.0.77.2 192.0.77.2	2635 (AUTOMATTIC) (AUTOMATTIC)
7	151.139.128.11 151.139.128.11	20446 (HIGHWINDS3) (HIGHWINDS3)
1	13.224.112.38 13.224.112.38	16509 (AMAZON-02) (AMAZON-02)
3	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
1	2600:9000:20c... 2600:9000:20c8:e400:d:77c3:2dc0:21	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
2 7	151.101.194.137 151.101.194.137	54113 (FASTLY) (FASTLY)
1	2606:4700:303... 2606:4700:3031::ac43:9eaa	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
4	2606:4700:20:... 2606:4700:20::681a:a9c	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	52.70.144.100 52.70.144.100	14618 (AMAZON-AES) (AMAZON-AES)
1	34.96.85.105 34.96.85.105	15169 (GOOGLE) (GOOGLE)
1	52.205.167.202 52.205.167.202	14618 (AMAZON-AES) (AMAZON-AES)
11	2606:4700::68... 2606:4700::6811:bab1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	13.224.105.229 13.224.105.229	16509 (AMAZON-02) (AMAZON-02)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1	52.21.23.66 52.21.23.66	14618 (AMAZON-AES) (AMAZON-AES)
1	52.217.138.97 52.217.138.97	16509 (AMAZON-02) (AMAZON-02)
7	34.248.121.96 34.248.121.96	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82f::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:20c... 2600:9000:20c8:4c00:18:1fcd:34e:d2a1	16509 (AMAZON-02) (AMAZON-02)
1 2	107.178.250.234 107.178.250.234	15169 (GOOGLE) (GOOGLE)
10	3.139.208.140 3.139.208.140	16509 (AMAZON-02) (AMAZON-02)
28	2a00:1450:400... 2a00:1450:4001:82b::200a	15169 (GOOGLE) (GOOGLE)
4	52.215.252.139 52.215.252.139	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::2006	15169 (GOOGLE) (GOOGLE)
11	2606:4700::68... 2606:4700::6810:2a41	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
2	34.237.68.53 34.237.68.53	14618 (AMAZON-AES) (AMAZON-AES)
1	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
3	35.168.95.93 35.168.95.93	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
3	2606:4700::68... 2606:4700::6811:4e22	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::2003	15169 (GOOGLE) (GOOGLE)
1 1	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
4	52.203.28.84 52.203.28.84	14618 (AMAZON-AES) (AMAZON-AES)
27	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
12	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20c... 2600:9000:20c8:b600:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.225.120.49 34.225.120.49	14618 (AMAZON-AES) (AMAZON-AES)
1	34.120.133.55 34.120.133.55	15169 (GOOGLE) (GOOGLE)
1	52.30.50.112 52.30.50.112	16509 (AMAZON-02) (AMAZON-02)
5	2607:f8b0:400... 2607:f8b0:4001:c13::5e	15169 (GOOGLE) (GOOGLE)
4 9	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
3	2600:9000:20c... 2600:9000:20c8:6e00:15:6f6c:b180:93a1	16509 (AMAZON-02) (AMAZON-02)
3	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	52.208.222.238 52.208.222.238	16509 (AMAZON-02) (AMAZON-02)
5	185.33.220.242 185.33.220.242	29990 (ASN-APPNEX) (ASN-APPNEX)
2	185.94.180.124 185.94.180.124	35220 (SPOTX-AMS) (SPOTX-AMS)
2	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1	18.194.102.50 18.194.102.50	16509 (AMAZON-02) (AMAZON-02)
2	18.194.69.169 18.194.69.169	16509 (AMAZON-02) (AMAZON-02)
3	54.195.68.175 54.195.68.175	16509 (AMAZON-02) (AMAZON-02)
5	18.159.16.69 18.159.16.69	16509 (AMAZON-02) (AMAZON-02)
2	54.195.94.143 54.195.94.143	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
9	35.156.201.148 35.156.201.148	16509 (AMAZON-02) (AMAZON-02)
4	2.18.235.40 2.18.235.40	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	35.157.168.25 35.157.168.25	16509 (AMAZON-02) (AMAZON-02)
2	35.164.25.130 35.164.25.130	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1	44.239.227.210 44.239.227.210	16509 (AMAZON-02) (AMAZON-02)
1	52.45.248.59 52.45.248.59	14618 (AMAZON-AES) (AMAZON-AES)
1	185.255.84.150 185.255.84.150	200271 (IGUANE-) (IGUANE-)
1	72.251.249.13 72.251.249.13	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
1	178.162.133.150 178.162.133.150	60781 (LEASEWEB-...) (LEASEWEB-NL-AMS-01 Netherlands)
1	104.16.68.69 104.16.68.69	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	3.123.167.229 3.123.167.229	16509 (AMAZON-02) (AMAZON-02)
1	2a02:fa8:8806... 2a02:fa8:8806:16::1460	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1	213.19.147.42 213.19.147.42	26120 (RHYTHMONE) (RHYTHMONE)
1	152.199.22.185 152.199.22.185	15133 (EDGECAST) (EDGECAST)
1	69.168.106.81 69.168.106.81	36271 (SYNACOR-C...) (SYNACOR-CLUSTER)
1	152.199.22.191 152.199.22.191	15133 (EDGECAST) (EDGECAST)
1	193.122.128.135 193.122.128.135	31898 (ORACLE-BM...) (ORACLE-BMC-31898)
423	87

42 192.0.78.146 (United States)

ASN2635 (AUTOMATTIC, US)

bangordailynews.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 192.0.77.37 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: wordpress.com

c0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:3600:9:4c16:5180:21 (United States)

ASN16509 (AMAZON-02, US)

d25dfknw9ghxs6.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.234.163 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-163.deploy.static.akamaitechnologies.com

s.ntv.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

16 204.48.28.205 (North Bergen, United States)

ASN14061 (DIGITALOCEAN-ASN, US)

serv-vdo.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 178.79.242.139 (United States)

ASN22822 (LLNW, US)
PTR: https-178-79-242-139.fra.llnw.net

player.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
config.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
assets.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn5.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 192.0.77.2 (United States)

ASN2635 (AUTOMATTIC, US)
PTR: i1.wp.com

i1.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i2.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i0.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.139.128.11 (United States)

ASN20446 (HIGHWINDS3, US)

assets.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.224.112.38 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-112-38.mad50.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:e400:d:77c3:2dc0:21 (United States)

ASN16509 (AMAZON-02, US)

d2s8wlbatk24s7.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fundingchoicesmessages.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.194.137 (United States) 2 redirects

ASN54113 (FASTLY, US)

cd.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cds.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
vid.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3031::ac43:9eaa (United States)

ASN13335 (CLOUDFLARENET, US)

www.npttech.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700:20::681a:a9c (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.pixfuture.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 52.70.144.100 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-70-144-100.compute-1.amazonaws.com

pixel.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.96.85.105 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 105.85.96.34.bc.googleusercontent.com

bangordailynews.coral.coralproject.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.205.167.202 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-167-202.compute-1.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6811:bab1 (United States)

ASN13335 (CLOUDFLARENET, US)

buy.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
experience.tinypass.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.224.105.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-105-229.mad50.r.cloudfront.net

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (United States)

ASN32934 (FACEBOOK, US)

graph.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.21.23.66 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-23-66.compute-1.amazonaws.com

jadserve.postrelease.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.217.138.97 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1-w.amazonaws.com

bdn-data.s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 34.248.121.96 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com

trends.revcontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:4c00:18:1fcd:34e:d2a1 (United States)

ASN16509 (AMAZON-02, US)

static.chartbeat.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 107.178.250.234 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 234.250.178.107.bc.googleusercontent.com

js.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 3.139.208.140 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-139-208-140.us-east-2.compute.amazonaws.com

capi.connatix.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 2a00:1450:4001:82b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

imasdk.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.215.252.139 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-252-139.eu-west-1.compute.amazonaws.com

vid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2606:4700::6810:2a41 (United States)

ASN13335 (CLOUDFLARENET, US)

api-esp.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
i.piano.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.237.68.53 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-237-68-53.compute-1.amazonaws.com

ping.chartbeat.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ampcid.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.168.95.93 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-168-95-93.compute-1.amazonaws.com

www.i.matheranalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700::6811:4e22 (United States)

ASN13335 (CLOUDFLARENET, US)

global.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eb.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.203.28.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

trafficmanager.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

27 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2620:116:800d:21:51e4:db4b:4436:b305 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20c8:b600:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.225.120.49 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

lreprx-server.anyclip.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.120.133.55 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.30.50.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2607:f8b0:4001:c13::5e (Council Bluffs, United States)

ASN15169 (GOOGLE, US)

csi.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.98.64.218 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)

pixfuture2-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
propermedia-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20c8:6e00:15:6f6c:b180:93a1 (United States)

ASN16509 (AMAZON-02, US)

vpaid.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.208.222.238 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

bc-ssb-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.33.220.242 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.124 (United States)

ASN35220 (SPOTX-AMS, US)

search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

as-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.194.102.50 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ice.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.194.69.169 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

hb.emxdgt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.195.68.175 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

vid-io-dub.springserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 18.159.16.69 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

ads.adaptv.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.195.94.143 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

acds.prod.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

cdn-ssl.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.156.201.148 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

trk.vidible.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.235.40 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-40.deploy.static.akamaitechnologies.com

z.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
px.moatads.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.168.25 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.164.25.130 (Boardman, United States)

ASN16509 (AMAZON-02, US)

usync.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.239.227.210 (Boardman, United States)

ASN16509 (AMAZON-02, US)

bids.proper.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.45.248.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

ssc.33across.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.255.84.150 (Paris, France)

ASN200271 (IGUANE-, FR)

hb-api.omnitagjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.251.249.13 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.162.133.150 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-apex.go.sonobi.com

apex.go.sonobi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.16.68.69 (United States)

ASN13335 (CLOUDFLARENET, US)

dmx.districtm.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.167.229 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)

btlr.sharethrough.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:16::1460 (United States)

ASN41041 (VCLK-EU-SE, US)

web.hb.ad.cpe.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.42 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.185 (United States)

ASN15133 (EDGECAST, US)

reflex.media.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.168.106.81 (United States)

ASN36271 (SYNACOR-CLUSTER, US)

synacor.autoplay-plugins.static-origin.syn-cdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 152.199.22.191 (United States)

ASN15133 (EDGECAST, US)

contango-cdn.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.122.128.135 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)

uat-net.technoratimedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	anyclip.com player.anyclip.com config.anyclip.com pixel.anyclip.com assets.anyclip.com trafficmanager.anyclip.com cdn5.anyclip.com lreprx-server.anyclip.com	628 KB
42	bangordailynews.com bangordailynews.com	344 KB
32	googleapis.com fonts.googleapis.com imasdk.googleapis.com	4 MB
30	wp.com c0.wp.com i1.wp.com i2.wp.com i0.wp.com stats.wp.com pixel.wp.com	320 KB
27	googlesyndication.com pagead2.googlesyndication.com	198 KB
20	pixfuture.com serv-vdo.pixfuture.com cdn.pixfuture.com	446 KB
17	connatix.com 2 redirects cd.connatix.com cds.connatix.com capi.connatix.com vid.connatix.com img.connatix.com	474 KB
15	vidible.tv acds.prod.vidible.tv cdn-ssl.vidible.tv trk.vidible.tv	221 KB
14	revcontent.com assets.revcontent.com trends.revcontent.com img.revcontent.com cdn.revcontent.com images.revcontent.com	160 KB
12	quantserve.com secure.quantserve.com pixel.quantserve.com	12 KB
12	springserve.com vid.springserve.com vpaid.springserve.com bc-ssb-dub.springserve.com vid-io-dub.springserve.com	264 KB
11	piano.io api-esp.piano.io i.piano.io	33 KB
11	tinypass.com buy.tinypass.com id.tinypass.com experience.tinypass.com	2 MB
10	gstatic.com fonts.gstatic.com csi.gstatic.com	160 KB
9	openx.net 4 redirects pixfuture2-d.openx.net propermedia-d.openx.net	3 KB
8	google-analytics.com www.google-analytics.com	80 KB
8	google.com fundingchoicesmessages.google.com ampcid.google.com www.google.com	96 KB
8	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net	361 KB
6	proper.io global.proper.io usync.proper.io bids.proper.io eb.proper.io	88 KB
6	2mdn.net s0.2mdn.net	82 KB
5	advertising.com ads.adaptv.advertising.com	5 KB
5	adnxs.com secure.adnxs.com ib.adnxs.com	6 KB
5	matheranalytics.com 1 redirects js.matheranalytics.com www.i.matheranalytics.com	41 KB
4	moatads.com z.moatads.com px.moatads.com	88 KB
4	pubmatic.com ads.pubmatic.com hbopenbid.pubmatic.com	84 KB
3	google.de ampcid.google.de www.google.de	638 B
3	facebook.com graph.facebook.com www.facebook.com	1 KB
3	amazon-adsystem.com c.amazon-adsystem.com	35 KB
3	googletagmanager.com www.googletagmanager.com	112 KB
2	technoratimedia.com contango-cdn.technoratimedia.com uat-net.technoratimedia.com	4 KB
2	syn-cdn.com reflex.media.syn-cdn.com synacor.autoplay-plugins.static-origin.syn-cdn.com	93 KB
2	yahoo.com 2 redirects ups.analytics.yahoo.com	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net	1018 B
2	emxdgt.com hb.emxdgt.com	323 B
2	casalemedia.com as-sec.casalemedia.com	2 KB
2	spotxchange.com search.spotxchange.com	2 KB
2	criteo.com 1 redirects gum.criteo.com mug.criteo.com	1 KB
2	chartbeat.net ping.chartbeat.net	337 B
2	facebook.net connect.facebook.net	97 KB
2	parsely.com cdn.parsely.com p1.parsely.com	19 KB
2	cloudfront.net d25dfknw9ghxs6.cloudfront.net d2s8wlbatk24s7.cloudfront.net	29 KB
1	1rx.io tag.1rx.io	175 B
1	dotomi.com web.hb.ad.cpe.dotomi.com	372 B
1	sharethrough.com btlr.sharethrough.com	117 B
1	districtm.io dmx.districtm.io	429 B
1	sonobi.com apex.go.sonobi.com	743 B
1	lijit.com ap.lijit.com	778 B
1	omnitagjs.com hb-api.omnitagjs.com	557 B
1	33across.com ssc.33across.com	659 B
1	360yield.com ice.360yield.com	505 B
1	adsrvr.org match.adsrvr.org	547 B
1	rlcdn.com api.rlcdn.com	331 B
1	quantcount.com rules.quantcount.com	427 B
1	googletagservices.com www.googletagservices.com	21 KB
1	chartbeat.com static.chartbeat.com	14 KB
1	amazonaws.com bdn-data.s3.amazonaws.com	9 KB
1	postrelease.com jadserve.postrelease.com	600 B
1	coralproject.net bangordailynews.coral.coralproject.net	15 KB
1	npttech.com www.npttech.com	3 KB
1	ntv.io s.ntv.io	103 KB
423	60

	Domain	Requested by
42	bangordailynews.com	bangordailynews.com c0.wp.com
28	imasdk.googleapis.com	player.anyclip.com cd.connatix.com imasdk.googleapis.com serv-vdo.pixfuture.com vpaid.springserve.com
27	pagead2.googlesyndication.com	srcdoc imasdk.googleapis.com
24	pixel.anyclip.com	bangordailynews.com
16	serv-vdo.pixfuture.com	bangordailynews.com serv-vdo.pixfuture.com
15	c0.wp.com	bangordailynews.com
11	pixel.quantserve.com	serv-vdo.pixfuture.com
11	assets.anyclip.com	player.anyclip.com bangordailynews.com
10	capi.connatix.com	cd.connatix.com
9	trk.vidible.tv
9	api-esp.piano.io	buy.tinypass.com c0.wp.com api-esp.piano.io
9	buy.tinypass.com	bangordailynews.com buy.tinypass.com
8	pixfuture2-d.openx.net	4 redirects
8	cdn5.anyclip.com	bangordailynews.com player.anyclip.com
8	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com bangordailynews.com
7	trends.revcontent.com	assets.revcontent.com
6	s0.2mdn.net	player.anyclip.com imasdk.googleapis.com
6	securepubads.g.doubleclick.net	bangordailynews.com securepubads.g.doubleclick.net www.googletagservices.com global.proper.io
5	ads.adaptv.advertising.com	imasdk.googleapis.com cdn-ssl.vidible.tv
5	csi.gstatic.com	imasdk.googleapis.com
5	fonts.gstatic.com	fonts.googleapis.com
5	fundingchoicesmessages.google.com	bangordailynews.com
5	i2.wp.com	bangordailynews.com
4	cdn-ssl.vidible.tv	acds.prod.vidible.tv cdn-ssl.vidible.tv
4	images.revcontent.com	bangordailynews.com
4	trafficmanager.anyclip.com	player.anyclip.com
4	vid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
4	cdn.pixfuture.com	serv-vdo.pixfuture.com
4	i1.wp.com	bangordailynews.com
4	player.anyclip.com	bangordailynews.com player.anyclip.com imasdk.googleapis.com
4	fonts.googleapis.com	bangordailynews.com
3	vid-io-dub.springserve.com	vpaid.springserve.com
3	secure.adnxs.com	imasdk.googleapis.com
3	hbopenbid.pubmatic.com	vpaid.springserve.com global.proper.io
3	vpaid.springserve.com	player.anyclip.com synacor.autoplay-plugins.static-origin.syn-cdn.com
3	www.i.matheranalytics.com	bangordailynews.com
3	c.amazon-adsystem.com	bangordailynews.com c.amazon-adsystem.com
3	cds.connatix.com	bangordailynews.com cd.connatix.com
3	www.googletagmanager.com	bangordailynews.com www.googletagmanager.com
3	i0.wp.com	bangordailynews.com
2	ups.analytics.yahoo.com	2 redirects
2	usync.proper.io
2	x.bidswitch.net	2 redirects
2	px.moatads.com
2	z.moatads.com	cdn-ssl.vidible.tv
2	acds.prod.vidible.tv	imasdk.googleapis.com
2	hb.emxdgt.com	vpaid.springserve.com global.proper.io
2	ib.adnxs.com	vpaid.springserve.com global.proper.io
2	as-sec.casalemedia.com	vpaid.springserve.com global.proper.io
2	search.spotxchange.com	vpaid.springserve.com
2	bc-ssb-dub.springserve.com	vpaid.springserve.com
2	lreprx-server.anyclip.com	imasdk.googleapis.com
2	i.piano.io	buy.tinypass.com
2	www.google.de	bangordailynews.com
2	www.google.com	bangordailynews.com
2	global.proper.io	assets.revcontent.com global.proper.io
2	www.facebook.com	bangordailynews.com connect.facebook.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	ping.chartbeat.net	bangordailynews.com
2	js.matheranalytics.com	1 redirects bangordailynews.com
2	connect.facebook.net	bangordailynews.com connect.facebook.net
2	pixel.wp.com	bangordailynews.com
2	cd.connatix.com	2 redirects
1	uat-net.technoratimedia.com	vpaid.springserve.com
1	contango-cdn.technoratimedia.com	synacor.autoplay-plugins.static-origin.syn-cdn.com
1	synacor.autoplay-plugins.static-origin.syn-cdn.com	imasdk.googleapis.com
1	reflex.media.syn-cdn.com	imasdk.googleapis.com
1	eb.proper.io	global.proper.io
1	tag.1rx.io	global.proper.io
1	web.hb.ad.cpe.dotomi.com	global.proper.io
1	btlr.sharethrough.com	global.proper.io
1	dmx.districtm.io	global.proper.io
1	apex.go.sonobi.com	global.proper.io
1	propermedia-d.openx.net	global.proper.io
1	ap.lijit.com	global.proper.io
1	hb-api.omnitagjs.com	global.proper.io
1	ssc.33across.com	global.proper.io
1	bids.proper.io	global.proper.io
1	ice.360yield.com	vpaid.springserve.com
1	match.adsrvr.org	ads.pubmatic.com
1	api.rlcdn.com	ads.pubmatic.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	global.proper.io
1	mug.criteo.com	bangordailynews.com
1	gum.criteo.com	1 redirects
1	experience.tinypass.com	buy.tinypass.com
1	cdn.revcontent.com	bangordailynews.com
1	img.revcontent.com	bangordailynews.com
1	www.googletagservices.com	serv-vdo.pixfuture.com
1	img.connatix.com	bangordailynews.com
1	ampcid.google.de	www.google-analytics.com
1	ads.pubmatic.com	serv-vdo.pixfuture.com
1	vid.connatix.com	cd.connatix.com
1	id.tinypass.com	buy.tinypass.com
1	ampcid.google.com	www.google-analytics.com
1	static.chartbeat.com	bangordailynews.com
1	bdn-data.s3.amazonaws.com	bangordailynews.com
1	jadserve.postrelease.com	s.ntv.io
1	graph.facebook.com	c0.wp.com
1	p1.parsely.com	bangordailynews.com
1	bangordailynews.coral.coralproject.net	bangordailynews.com
1	config.anyclip.com	player.anyclip.com
1	www.npttech.com	bangordailynews.com
1	d2s8wlbatk24s7.cloudfront.net	d25dfknw9ghxs6.cloudfront.net
1	stats.wp.com	bangordailynews.com
1	cdn.parsely.com	bangordailynews.com
1	assets.revcontent.com	bangordailynews.com
1	s.ntv.io	bangordailynews.com
1	d25dfknw9ghxs6.cloudfront.net	bangordailynews.com
423	109

This site contains links to these domains. Also see Links.

Domain
obituaries.bangordailynews.com
www.mainenotices.com
classifieds.bangordailynews.com
jobs.bangordailynews.com
eedition.bangordailynews.com
bangordailynews.zendesk.com
anyclip.com
trends.revcontent.com
help.revcontent.com
www.revcontent.com
store.bangordailynews.com
pulsemarketingagency.com
s3.amazonaws.com
newspack.pub

Subject Issuer	Validity	Valid
tls.automattic.com R3	`2021-04-23` - `2021-07-22`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.cloudfront.net DigiCert Global CA G2	`2021-02-22` - `2022-02-21`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ntv.io DigiCert SHA2 Secure Server CA	`2021-01-25` - `2022-02-01`	a year	crt.sh
*.pixfuture.com Sectigo RSA Domain Validation Secure Server CA	`2019-12-03` - `2021-12-02`	2 years	crt.sh
*.anyclip.com Go Daddy Secure Certificate Authority - G2	`2020-07-13` - `2022-07-13`	2 years	crt.sh
assets.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.parsely.com Amazon	`2020-08-02` - `2021-09-02`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.connatix.com Go Daddy Secure Certificate Authority - G2	`2020-09-29` - `2021-10-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
bangordailynews.coral.coralproject.net GTS CA 1D4	`2021-04-01` - `2021-06-30`	3 months	crt.sh
*.piano.io Sectigo RSA Domain Validation Secure Server CA	`2020-09-17` - `2021-09-17`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-04-06` - `2021-07-03`	3 months	crt.sh
*.postrelease.com Amazon	`2021-01-28` - `2022-02-25`	a year	crt.sh
*.s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2021-01-11` - `2022-02-11`	a year	crt.sh
revcontent.com Amazon	`2020-07-08` - `2021-08-08`	a year	crt.sh
*.chartbeat.com Thawte RSA CA 2018	`2020-06-01` - `2021-06-02`	a year	crt.sh
js.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2021-03-19` - `2022-04-19`	a year	crt.sh
*.springserve.com Amazon	`2021-04-23` - `2022-05-22`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.chartbeat.net Thawte RSA CA 2018	`2020-12-01` - `2021-12-30`	a year	crt.sh
*.pubmatic.com DigiCert SHA2 Secure Server CA	`2021-03-30` - `2022-04-04`	a year	crt.sh
*.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.i.matheranalytics.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-28` - `2022-01-27`	2 years	crt.sh
proper.io Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
img.revcontent.com R3	`2021-03-16` - `2021-06-14`	3 months	crt.sh
cdn.revcontent.com R3	`2021-03-17` - `2021-06-15`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
images.revcontent.com R3	`2021-03-15` - `2021-06-13`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.spotxchange.com GeoTrust RSA CA 2018	`2021-03-10` - `2022-03-29`	a year	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.360yield.com Amazon	`2020-08-26` - `2021-09-26`	a year	crt.sh
*.emxdgt.com Amazon	`2020-07-31` - `2021-08-30`	a year	crt.sh
*.v.ssp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-12-26` - `2021-06-22`	6 months	crt.sh
acds.prod.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-01-26` - `2021-07-20`	6 months	crt.sh
cdn-ycs.vidible.tv DigiCert SHA2 High Assurance Server CA	`2020-12-19` - `2021-06-15`	6 months	crt.sh
trk.vidible.tv DigiCert SHA2 High Assurance Server CA	`2021-02-09` - `2021-08-03`	6 months	crt.sh
moatads.com DigiCert SHA2 Secure Server CA	`2021-01-21` - `2022-01-25`	a year	crt.sh
*.proper.io Sectigo RSA Domain Validation Secure Server CA	`2020-12-20` - `2022-01-20`	a year	crt.sh
*.33across.com Sectigo RSA Domain Validation Secure Server CA	`2019-10-01` - `2021-09-30`	2 years	crt.sh
omnitagjs.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2021-06-18`	a year	crt.sh
*.lijit.com Go Daddy Secure Certificate Authority - G2	`2021-03-11` - `2022-04-12`	a year	crt.sh
*.go.sonobi.com Go Daddy Secure Certificate Authority - G2	`2020-12-06` - `2022-01-07`	a year	crt.sh
districtm.io Cloudflare Inc ECC CA-3	`2020-07-01` - `2021-07-01`	a year	crt.sh
*.sharethrough.com Amazon	`2020-09-09` - `2021-10-11`	a year	crt.sh
ad.cpe.dotomi.com GlobalSign RSA OV SSL CA 2018	`2020-03-30` - `2022-06-25`	2 years	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.media.syn-cdn.com DigiCert TLS RSA SHA256 2020 CA1	`2021-03-01` - `2022-04-01`	a year	crt.sh
sa.static-origin.syn-cdn.com DigiCert SHA2 High Assurance Server CA	`2020-04-21` - `2021-06-02`	a year	crt.sh
*.technoratimedia.com DigiCert SHA2 High Assurance Server CA	`2020-07-28` - `2021-10-01`	a year	crt.sh

This page contains 46 frames:

Primary Page: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Frame ID: E346B036B78FC412BC16BFBB79B71E0D
Requests: 243 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Frame ID: 756627BF0B15D408FC758CE441C5541E
Requests: 1 HTTP requests in this frame

Frame: https://cds.connatix.com/p/115064/connatix.player.dc.js
Frame ID: C89EE9D5B707C7A2B8A1FFB135DB553B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.pixfuture.com/jquery.min.js
Frame ID: D7A809935006C05E26ED188F6E0708A1
Requests: 40 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 5CE896EE67A59ECA644D5054E346253B
Requests: 5 HTTP requests in this frame

Frame: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
Frame ID: 7B99F0D4F096ACC9B348B0E9703160E0
Requests: 13 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 20421B15672263B00451FA68575162D6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 5B59AAB4115D492168AE12BD17415123
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7E0A0DB17420CF9B28940B124A107362
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 67F002BDCD948295C4D7327FA355A52C
Requests: 16 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: AE990E1D3DC77C910CB0B6884463BB2C
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 83D6C3C152F8285F3AFF3AB43AEC3DB7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 10EC50AC784982CE83036213573FFB8E
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 6EDC73B97942ED70E16A36F9E9D9E34B
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: C4E2AE1AE2877F5D3166646D1ACC804F
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 07E97C050EAEBCE15F22D26AD1018026
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: A317A51AC3B04833B3F7C8D39637E0AF
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D8CFC204086D98E815CB0F305D0203DF
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: D24FED557CFA38B36A46CF7CC690EB69
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 84FBFA06E27FF93CBF9DE7909A1745EB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: BD3B3B32F3B447575093779EACF37D75
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 7FFEFD1B2076143915D7F6ED2CBC7A59
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: C8A8F4561511085C6A040A9EFFF346B4
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2C8BB5824D4B0548F3A5BE51E11C0506
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: AB3E4B543F49C1C4C7EEAE960A3A84F7
Requests: 9 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 55339BF1CC425E73A42D2E8A3547FAE8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: D74A7450AF9AF1AFD3AA9B622212F0E3
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8D70702D517F103F96F51889B457DF54
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: E9509AB887DAEFEEFD9EDEFC1758571A
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 11D7F9C668886A61FF5D8FE3D4B302B7
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 6A05A59AC39404405A0991365856E573
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B082F01B97E916630B5EACD0EBE8D2A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: CD374E9B2D3DA11D9E64984FBEF5859B
Requests: 9 HTTP requests in this frame

Frame: https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html
Frame ID: 90C9B25D201DD361F5295A24984E184A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 1AAB2A07122EFE78D2174EE1B7D69578
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C3B4B575F41D376DD931548629EC5EA0
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: F11421ADE370E612D149CC020FAA0A26
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A34F448391DCDA554C0F88644374CB8C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Frame ID: 7AC36DACC179FBB169A47C5E3AE83915
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 41A036AF8E14FB07EBD18E0BC037289E
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FA7376B64F520D350379862D9E52BD6F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 9E15E75D2738170926C9F36B23ED1D1E
Requests: 4 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 460520D3A63F16DFC9673F0B782E98E3
Requests: 8 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Frame ID: 9C8E0270602AF8BB6DFD1DB33108889E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: C753BC2EF3E858BE53A692C80BF60DFD
Requests: 1 HTTP requests in this frame

Frame: https://vpaid.springserve.com/production/vpaid_982cce59.js
Frame ID: FB67BEE0109FF17816E3CFFFB70939B6
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

423
Requests

99 %
HTTPS

36 %
IPv6

60
Domains

109
Subdomains

87
IPs

7
Countries

11376 kB
Transfer

31851 kB
Size

6
Cookies

28 Outgoing links

These are links going to different origins than the main page.

URL: https://obituaries.bangordailynews.com/
Title: Obituaries

Search URL Search Domain Scan URL

URL: http://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search
Title: Real Estate

Search URL Search Domain Scan URL

URL: http://jobs.bangordailynews.com/
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.mainenotices.com/
Title: Public Notices

Search URL Search Domain Scan URL

URL: http://eedition.bangordailynews.com/Olive/ODN/BangorDailyNews/default.aspx
Title: E-edition

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/
Title: Customer service

Search URL Search Domain Scan URL

URL: https://anyclip.com/
Title: AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=logo&wid=0011r00002SRK6m_6242

Search URL Search Domain Scan URL

URL: https://anyclip.com/?source=powered&wid=0011r00002SRK6m_6242
Title: Powered by AnyClip

Search URL Search Domain Scan URL

URL: https://anyclip.com/privacy-policy/?source=policy&wid=0011r00002SRK6m_6242
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=NaP7eLyg36e331qWAilN9O5qmAZRF6N%2B%2Bu34YpKoIt8coFFbkb7EEbWQz3rGYblFNnhdxcqycjP4FcjGzEiFUAsvD5ypXpmefuTUaIglggZkUNzAOQWnsid%2FPw2JsOhVxWIo96ov7bhoCj2BA%2B2IOgksCnakgOrodnfW4pExE0E8AcJCMVdXkJqaFP%2BJz7qP8kuCM8fpl7iluW3D38cnhsceISUbD04Niu42ga2Gqa7g3GHV%2FSZx9ji%2BdVj1dwnMt8gh0goBKDZ8kHjT4TeFTa5J6RA2wwoXkmXKSqlnQgzd623WSp70RKwTwW8iHAqSy9SqNJvmO2Pr4703Y1nAN6Y1U%2F7AqKNZM464QCfPViXgsMqCWrp64Y7OxpgDDHEV7CX%2BrQHFKqMJitsblWZkgFXmJGmjAVjNRUbsTRzqHWMUkIhmaXxAhxIKHKI98LBtZP1oHvAD3mex%2B5D7nuGtfjQMzPT1Xa9bzl23Ghg00pt0jCR7UNdQkF7j4tZDZZLGfzvqESqsH3XfBh8LqNtpeCz4i8Qz%2BPb%2BjFLyVHS5u7rUgXERAw7tBaGMyOgo9ZQHzUSW95ItpNpdkUtPZTbNQ%2BFYE8Nd7gVmJdMIgbLtsWmR1mTztvbcttUqywJfQTUum7d%2BMC8UymWCwGKlYY2fV4Orucz9%2FXXq69tMihrgTU4FfdY%2BXhN7iXMEFDYm9%2BJ4QKfLIo7jqVr23Bq%2BgblOUW%2B4xlrJoXx2evLQ%2BywWB7Sf2CUwvrOrSFgxv1KnNbTQX3IumvLZp%2FyPd1Q%2F0oy%2F7w3yI5jJZPaVCLyKRXpceujQiAE4lUjO%2FrnSaeMdLRd5oc5JB0%2FDyPGyQJWrELg0mJaaGSYEyHBH7eCc9iEgv9zq61AftsWe92Q%2FClL2hxnAzNZ7i6i7YoEEAsdCfmlshKFAufCSXPxjC5NpX3pJluEZFA45BUS%2Bh6uWoqjVpc7UuL%2BxPCxKgVTC2YOIuu7V47H5a8R1Djc%2Fr9nedIkb90EokTq9lpktmd8EJoBKrdZXX1hHAzTKH%2FYESMG1yL5vnarEPFV2jmv2mZsoKfaUqffgXQTE3AW%2F7EMZmv42CJzWedeXG9TKACuAtXqkmWt9c8CHIOT%2FKxfEN1ApR8p9mherfuen%2BghGiM4Aa7NV87IXmUsgkOOSFKFad2EJAdNCNYVjg0HIQS2ejTnS0HGoeqDND4rNSBCgTqSrgv7qOPXu3ExfJxT7tKFxU9%2BjAaohH%2BA06bUg1ff1W3ye9RFmNr7IQOkQee%2FX5GJ%2FD3bxAjOtf3XMm%2FIQzDFzssBMTQdagcq3sjVJ0oWkbWdjmpSjrPAg5v5PpTSGvraHwNBaq6Cl&s2s=1
Title: Doctors Stunned: Mole & Skin Tag Removal Has Never Been Easier (No Surgery)Essential Health

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=WczdPfqR3mo5ImXwNtfMBx9mY4ouPIV%2FOrpeKkNBmz1a50d%2F69LQf0kvB1SXXoLlRtmD1iabFfNCKgqugvAQE4tIV4SVPGtPPy%2Fnjfn1J7zM0Qxm9oQdEpfYqU1y2ThIfy%2BR%2FJr70ApiA8wrJrQKviRCuOLA6u7y669k2S0tpXF6L%2FrKtgHsIopGTA7zSQ9UvENBcBwx5u8PiZ2cFqwVhme77KBbfjOZyF87tVNESGX0jQauy5qS6hiQywk9uPtIiSRwGVfkxIJCHf0pB%2BwdtD4a6AHPeNQ4lIOGyAAo8nlknws8oYFpDKgJt8NwsZBmyDL9KI8JckniPKilmKa5ThLSDmB%2BWBr1mliEEyTbxcBUnA0WVuomTcmYrNYDPsx8DFCLg7tsLz%2FO0vDFIbTTfw7OMB0jEsknqerMFDPA0BcQ0Cbn6xt%2Bc2Gu4%2BCwwHPp0DCVaQBIl3E5Us0DbhJ2tGwSALVmjPZyY0eYDS2EqgQ0u%2BmjgGVZSlG6VrsLLOFKXN5hVWVyKatsDjnPXLWR3MPoy9U6vvitvpZZ%2F3qM%2FcC7fcFQ8tdsfB2vLvvDZZaHgvEJ84RLrPtdSGzuUnS9INGP9vV%2BnuU5HQD%2F2CN5t%2F5jdifN6TYbut7rsdyrZh7kPv31%2Funaow3P6Az1D%2BuMSBpn5fs1uBIGIZLcntSsWOvJssWq%2FcotAT3NrZ4XGe%2BzHHV5J46As0E3Cp%2FMWrxJlQp9eWFotfla2blgvGRnF%2B2eNiW6ZDwEQJG6Clm9NOT9cRt2yJfuszhmt3cz35eLWsp0%2FfVl9kvs2g5s8yEJLOP1hqqISVUsaaHg7g97b0mTikk9v66%2F60%2F%2FDh2aZ%2BYmSbpQ2xZCnjnGTvvqerYoWWwfDtOoXQmyxKMp90SiXW9Vdi7FanI0x2g1x2ZoCxvjBD3seLWazq5PM6ksLhIAZB1lUHwt%2BzWk2TzHb9uaN882PNdX4eVPp1u6uFxp%2FUNwBvqv%2FCuBAB4YJK1krtXNfuE%2BsR21agrgmWf8903vhvaEnKBt2SluggwC6ZIxdqZ4sVPEl6i6Z49UlSuNQoRhVCCCwZqGPLMPqmys05b%2FAWqQY45Q8DZWJXS2KnIrqUjuOHKJe4MmKUKI%2Fn2RX81p1KwxyVPQMx5QP4Lf65soQB2eAyZtG5rzj8z2S4FIS261yfV8dV8QL%2FOHsBxVFwzZY8D48vSrKJ2TpCW3Z8WaeOnaivPd%2Ble2vDT%2FoXFTXoXNPeq2Y1fWpuT%2BQjynapHxMmeUD8C%2BPHAH2BQNBydkO0HwQhO31FtT6TMU8y64vVAyZecaZMcC4Bv24GYV1egnKOI%3D
Title: You Won't Believe What the World's Most Beautiful Girl Looks Like TodayNueey

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=ptv9sl9Egx04ElbdTpv7z%2F2Ihc4cEKEOh5hOdoqSaawFqNXt7gHr7ZNFggtc87cvo6kOsEFBaaSH1eIkJmhsz3gPkj7C0AhzUwcmwkcf0hPmuJ6UZW0YeY4B61FeCQ2v8%2FGJgsQxmnW2rN2cIwcWsqci47I%2BsF9hM4qMBlV5mLRLa21%2Fhy2XvWJCGFJnpXmopvdwTBghHZM8%2BftP0n5PXZpFv0DsropOAypr5dAMRoM9bSvsnHw2%2FisAt62dZkQ5b4x19dwVsmLg6gOfnz4cNT7Oh03mKxfFq96T6JisyuMtfW0lqoIJmfNWSydm6Gnoi9y5%2F4UDJ6PoMUOCQZU74vKWZ5Ugz0092TJxb%2FlqGYSFti59lb2bu7lhQbYpy81ZKQ7gVFzv78Qh%2BNs%2BJ8OLK8odY%2BRvkywnBdlQ1RFhQv%2BFvKKdtrPT%2Btif2X%2FQBYjyDF4%2FR8ExY2WL2gO11cL%2F58vj9WggDDbku8k%2B5K19%2F%2FnQvwquf6sWMoQg4KwkCBVC0VF5P6pZM54sMPHGda%2Bzml92MC14CJp3uqiu67a2PVJdhHz%2BemEaVIHxP9qGFV8Sso%2BN9K6DQmv%2B%2B3iVdYAlVHTT0QKoocVuWv1P%2BjJCzsdNazpJ%2BpvGRyQfU0igPu73h8iYACap1dc4%2FOAXKZBu%2F7%2FdxogvthCQ63trXBSuaDmj9Pw0Kiw9dIWom2Jf0G%2BzGBn1f3UEwpX6Z4GfQCaDc%2BcRWAvteY0ekwOTeTWEjH%2FC1fSf4nRBHk9%2BeUahXObPnmWzpYRRF5qEAVGSygnL%2B%2FxQlPtcJP8h9%2BDvq7P19CKhOCvpT4w7fP6pwtHSIQJBxapd4fVqW7dZ8rlFrSQwfdvA0Q6I7ZlJN2bQiaTL4YzX0dOvKancYnULpyLXJua2b%2Fh12ciwFRs69d4PdxZTEJbZLFxazu8CgVvVSZ10qXrSvkI7u9vR18G0zvX3RHgMZxn1ZvT0hhBipltP6v7jAXeouzXZGUhjPf8Cn5%2FRb5d4kVLiXy9n1uOBtlQhLuHBS65STOhaKggJPd24fqtja8IKe1OtCMJwLK0RDJuSFCkmhVr%2BmeG091qSpUXh6bX9IbG1S%2ByZKwpMh%2FwJ4X5CN4JspYZDd26V0l%2FhVYbxETQJgvmAKXNRMNQLUZPn9kpWfZnEvOFAvBI%2FpQdcth1S%2Fj9kw79GvBY1nv4ZUco7JxTz%2Fadlwplf%2BZq09ReIIR4CCHzeJYT408CZLAWmB23IgcWHUJFDSH5l%2FG2aWFnTEMY%3D&s2s=1
Title: Women Only: Stretch This Muscle to Stop Bladder Leakage (Watch)Patriot Health Zone

Search URL Search Domain Scan URL

URL: https://trends.revcontent.com/click.php?d=oYA4geb%2BZzgBBNuRPb508qEfdz1jMAvTKvhHJ%2BuZD5W8le1B5P6w9YnGoZTy6DVgfsBlEtlK0zhZ8%2FVuPC%2FgsT6AXesIYlVTInOuXXnCdmU1Bx2MxawYs3jjBq9G7tk81DnwgRFZcoVuRXvkGmMCmOWCQ6Fy65S6h6zWGpdwuoi%2FypPLBtNNUCyWabgjSFkQN5eFRc3lDPefzUHMVDtirHiyqE%2FchGfyx8iHZGTclce4itIyHRb9tGfzCw%2BM%2FYamDEjhnMN5OikUafQ%2BEXdBMKdEs24Jq374X31pJS00DmbmEAdwwGlRDVgVs2WTSdtUxz7L3HNei94FnQHfx3VXkp5Y1AUDApbSSRBFR%2BPSmO5CZSMCRnH3KchFnCct5r1LbweJZm5MI58vQGedO6mb3fG63Ui3O5sehybtJOS8x%2FrgsssZ9n%2FpOCucM5wOys7yB52kGwq8wDe7Yf0kbxO6vfObURtEoesUMKmKzyextGfTgEAqC0hC6KJanpyNlNjyz9SLSxQcopx7u3YWop1HFHznYUsG1EaDeHbdYHRjCI4bzy7v7YkwO5Hdk3PDW%2FsM2BeRxIcPmrYjSHeVKr%2Fy8JN1dQwDamz%2FCvYgolhYaPCBfBeufj5v17D8%2Fp9ijcNF1%2Fh%2Bl7bhAdzn5a9tlYzSPYtU30YkZyEqKjkYnLp%2BWwAC5PI3gaIM9nnQj%2FEOOfQbkJ3qS6MS1CyzE1%2BIDotqImKJiAhdT783ByL94HUOdJWXbShUNqu7MwT668M5Duc1FN%2FVZowG0GQDne1h48ZU%2BOGIX5D%2FFdWtXKLJG73fWOR4HrZc%2BdRN7JZQPVG%2FWMEEhjT0%2FOcjkm3oFaZ713RMrrj7jHJe%2BSA5wkwsWWO3TTc13VF5pOG4C%2F5jrxZ9N75BLTzKWPWlyDBI9e%2BpA3cyt6%2BhJvlekQ4HX3L3JJeo8E5YN8jFkyoKyVvL9R%2FIUy1bOjcCYjlbY79%2B2Rr24BhY8EsWMabDzSSJGi%2BrYNC3Nl34VTR6dUw2IaJiEPO0rqYtH9M5go964mqtsuRr0G0JzOW%2BRKVOdYaNx66Vfv0R8bEsMLw2olimpbqu0P4%2FmnMKZwSxwAeTmHheyfv6dD%2FgF5iejFYy3emxyrCDapmcPqmeqE195MG4MeHwi3BmUQ6TiA68iQwhjwTIGz85ElhxpYXpQYjBsamBXVRUof1DZgEZ867j%2FKFTTKgW9o9zlO4sget0juKfEL%2F4huScOnMHFUdXnxirUtdajfXxPjhj1UA%3D&s2s=1
Title: Drink This Before Bed, Watch Your Body Fat Melt Like CrazyAlka Weight Loss Secret

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/revcontent-privacy-policy
Title: Revcontent's Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.revcontent.com/
Title: Increase Your Engagement Now!

Search URL Search Domain Scan URL

URL: https://help.revcontent.com/en/knowledge/fake-news-complaints
Title: Submit a Report

Search URL Search Domain Scan URL

URL: https://bangordailynews.zendesk.com/hc/en-us/articles/360042380972-The-history-of-the-BDN
Title: About Us

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/?ref=footer&_ga=2.128907657.425825190.1592087148-346633731.1589997382
Title: Classifieds

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/bangor/transportation/search/?ref=footer&_ga=2.123772175.425825190.1592087148-346633731.1589997382
Title: Autos

Search URL Search Domain Scan URL

URL: https://classifieds.bangordailynews.com/me-bangor/real-estate/search/?ref=footer&_ga=2.127785992.425825190.1592087148-346633731.1589997382
Title: Real Estate

Search URL Search Domain Scan URL

URL: https://store.bangordailynews.com/?ref=footer
Title: Photo & Video Store

Search URL Search Domain Scan URL

URL: https://pulsemarketingagency.com/
Title: Pulse Marketing Agency

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/bdn-data/uploads/PDFs/2019_print_digital_creative_specs.pdf
Title: Creative Guide

Search URL Search Domain Scan URL

URL: https://newspack.pub/
Title: Proudly powered by Newspack by Automattic

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 75

https://cd.connatix.com/connatix.playspace.js HTTP 302
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

Request Chain 81

https://cd.connatix.com/connatix.player.js HTTP 302
https://cds.connatix.com/p/115064/connatix.player.dc.js

Request Chain 108

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562 HTTP 301
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

Request Chain 171

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=yiq_vXxCb2Rtd1pvSUVpYkF0S2JQMEdtTDNjdHFYb0tjeVMzWW1XZmVFZDAwanAraXhlZCtVQUREaUkwRGhyTjNyWi8wbGUxMFJkSzNQVS9sR2pjVVBDdGM0U0JZY2h6bm9nbzRZVUJFdFZ4ejBNZzFqbGRBRTBYRUtPZFo1bUoxUnYwc2lBcVVSdVRjSU1HSGtJZXFkRVdrdTg1RlJLdk5rUmhVUEpzTTZoeGpHT1YxVUNqTnErYXlQMlhjOEsxTGpuRUxMT3U0LzYvL0dKNExaZGNHZERKdm43L2NmZzNIY01ucXJzR3puL0JSOTdZPXw&cppv=2

Request Chain 254

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=dc48515f86&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=dc48515f86&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Request Chain 277

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd0892603b&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd0892603b&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Request Chain 312

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=d9d0505b5f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=d9d0505b5f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Request Chain 378

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D849afab8-54dd-4a63-989e-7edec032fbd7%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_780d1f00_9bad8740_1 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D849afab8-54dd-4a63-989e-7edec032fbd7%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_privacy=1---&callback=window.proper_780d1f00_9bad8740_1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=849afab8-54dd-4a63-989e-7edec032fbd7&uid=a19eb708-2fa9-42d4-9d27-a4cf5c32a34b

Request Chain 379

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_9b812553_eff5c936_2 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_9b812553_eff5c936_2&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x3WtSAdE2uFu02jar63Nyfq29MvuPyvK~A

Request Chain 396

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=066758399f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4 HTTP 302
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=066758399f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

423 HTTP transactions
10 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ 154 KB
35 KB 959ms
893ms Document
text/html 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

fa99f0b52fa189640250e340f299a125d78f245a4857a63863f65aa6e6cb59f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: bangordailynews.com
:scheme: https
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server: nginx
date: Tue, 27 Apr 2021 00:16:12 GMT
content-type: text/html; charset=UTF-8
strict-transport-security: max-age=31536000
vary: Accept-Encoding Cookie
host-header: Newspack
link: <https://bangordailynews.com/wp-json/>; rel="https://api.w.org/" <https://bangordailynews.com/wp-json/wp/v2/posts/3087062>; rel="alternate"; type="application/json" <https://bangordailynews.com/?p=3087062>; rel=shortlink
x-tec-api-version: v1
x-tec-api-root: https://bangordailynews.com/wp-json/tribe/events/v1/
x-tec-api-origin: https://bangordailynews.com
set-cookie: bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0; path=/; domain=.bangordailynews.com bdn_subscriber=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT; Max-Age=0
content-encoding: gzip
x-ac: 2.hhn _atomic_ams EXPIRED

GET
H2 200 common-skeleton.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 12 KB
2 KB 45ms
30ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/common-skeleton.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-3144"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tooltip.min.css
bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/ 2 KB
623 B 46ms
31ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/the-events-calendar/common/src/resources/css/tooltip.min.css?ver=4.13.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:21:33 GMT
server: nginx
etag: W/"606333ed-662"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 57 KB
8 KB 109ms
21ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 06 Apr 2021 23:50:28 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 theme.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/ 3 KB
706 B 109ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-library/theme.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/components/ 109 KB
15 KB 109ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/components/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/ 91 KB
11 KB 109ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/block-editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Wed, 24 Feb 2021 15:57:54 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/ 3 KB
729 B 109ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/nux/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Thu, 28 Jan 2021 02:04:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 style.min.css
c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/ 22 KB
4 KB 109ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/css/dist/editor/style.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 02 Feb 2021 05:17:13 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 blocks.style.build.css
bangordailynews.com/wp-content/plugins/simple-iframe/dist/ 0
62 B 45ms
31ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/simple-iframe/dist/blocks.style.build.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Tue, 25 Aug 2020 17:41:56 GMT
server: nginx
etag: "5f454d64-0"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 0
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/ 18 B
85 B 45ms
31ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/css/frontend.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:51 GMT
server: nginx
etag: "603d210b-12"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 18
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.css
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/ 586 B
338 B 45ms
32ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/css/frontend.css?ver=1.0.11
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 09 Apr 2021 14:23:29 GMT
server: nginx
etag: W/"60706361-24a"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/ 14 KB
3 KB 184ms
171ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=194028536

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/css/style.css?ver=194028536
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 02 Jul 2020 17:41:36 GMT
server: nginx
etag: W/"5efe1c50-3875"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams MISS
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.css
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 811 B
433 B 46ms
33ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.css?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-32b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 block_styles.css
bangordailynews.com/wp-content/plugins/newspack-blocks/dist/ 2 KB
558 B 46ms
34ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

265a9021a7dab4a38e6f910cebc316b99f48a3f526ce54a1d3b880fd6461a72c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-blocks/dist/block_styles.css?ver=1.24.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 20:46:33 GMT
server: nginx
etag: W/"60760329-809"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/plugins/newspack-header-widget-area/ 284 B
353 B 47ms
35ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-header-widget-area/style.css?ver=1591911793
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Thu, 11 Jun 2020 21:43:13 GMT
server: nginx
etag: "5ee2a571-11c"
strict-transport-security: max-age=31536000
content-type: text/css
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 284
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.css
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 6 KB
1 KB 47ms
35ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.css?ver=0.0.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-18ae"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-parsely.css
bangordailynews.com/wp-content/plugins/wp-parsely/ 2 KB
601 B 60ms
48ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/wp-parsely/wp-parsely.css?ver=1618956761
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 18:20:38 GMT
server: nginx
etag: W/"607f1b76-706"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
799 B 27ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=IBM+Plex+Serif%3A400%2C400i%2C700%2C700i&subset=latin%2Clatin-ext&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 00:16:12 GMT
server: ESF
date: Tue, 27 Apr 2021 00:16:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:16:12 GMT

GET
H2 200 style.css
bangordailynews.com/wp-content/themes/newspack-sacha/ 149 KB
24 KB 62ms
51ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-sacha/style.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-sacha/style.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:49 GMT
server: nginx
etag: W/"607f51e1-25265"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 css2
fonts.googleapis.com/ 2 KB
629 B 26ms
14ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald&display=swap

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:58:10 GMT
server: ESF
date: Tue, 27 Apr 2021 00:16:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:16:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 2 KB
619 B 25ms
15ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 26 Apr 2021 23:11:16 GMT
server: ESF
date: Tue, 27 Apr 2021 00:16:12 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:16:12 GMT

GET
H2 200 newspack-sponsors.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 6 KB
2 KB 65ms
55ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/newspack-sponsors.css?ver=1.36.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-164b"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 tablepress-combined.min.css
bangordailynews.com/wp-content/ 5 KB
2 KB 66ms
56ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/tablepress-combined.min.css?ver=6

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/tablepress-combined.min.css?ver=6
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 09 Mar 2021 22:18:20 GMT
server: nginx
etag: W/"6047f42c-14a5"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 social-logos.min.css
c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/ 12 KB
8 KB 105ms
22ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/social-logos/social-logos.min.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 30 Jun 2020 14:24:10 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 jetpack.css
c0.wp.com/p/jetpack/9.6.1/css/ 75 KB
13 KB 105ms
23ms Stylesheet
text/css 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/css/jetpack.css

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 30 Mar 2021 16:59:40 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 related-posts.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/ 6 KB
2 KB 137ms
55ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 23 Feb 2021 16:08:42 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 jquery.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 87 KB
30 KB 137ms
56ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Wed, 07 Oct 2020 16:33:25 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 jquery-migrate.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/jquery/ 11 KB
4 KB 137ms
55ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Wed, 18 Nov 2020 09:06:06 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 advanced.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/ 11 KB
4 KB 69ms
62ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads/public/assets/js/advanced.min.js?ver=1.24.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 30 Mar 2021 14:31:12 GMT
server: nginx
etag: W/"60633630-2a54"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 conditions.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/ 776 B
276 B 70ms
63ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/advanced-visitor-conditions/inc/conditions.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:06 GMT
server: nginx
etag: W/"60300642-308"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 advanced-ads-pro.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/ 9 KB
3 KB 70ms
63ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/assets/advanced-ads-pro.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:40:23 GMT
server: nginx
etag: W/"60300617-2328"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 base.min.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/ 90 KB
26 KB 75ms
68ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-pro/modules/cache-busting/inc/base.min.js?ver=2.11.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:41:18 GMT
server: nginx
etag: W/"6030064e-168ac"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sp.js Show response
d25dfknw9ghxs6.cloudfront.net/ 36 KB
11 KB 136ms
40ms Script
application/javascript 2600:9000:20c8:3600:9:4c16:5180:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:3600:9:4c16:5180:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: JCe5I2lNvuti8Cl.nqdofRN.76AQPq.e
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 17:12:31 GMT
server: AmazonS3
age: 13231
etag: W/"43eefb7f4eb22e1ecc914737224f37ed"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 a6f1f6a7cb5a93f6f494d1d5945d867c.cloudfront.net (CloudFront)
date: Mon, 26 Apr 2021 20:35:42 GMT
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: MnovDFUE-fVrTOeOgKE0eXIElLf7UJbBRlxvT62pCf-IB70MpPZEDA==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 210ms
37ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

60c0c27d0598b405ab145e08a5ee568387bbf3a186f118cbca63ff02549055bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 16 of 1000 / last-modified: 1619475282"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21009
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:12 GMT

GET
H/1.1 200
OK load.js Show response
s.ntv.io/serve/ 353 KB
103 KB 217ms
47ms Script
application/x-javascript 2.18.234.163
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://s.ntv.io/serve/load.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.163 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-163.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:12 GMT
Content-Encoding: gzip
x-amz-request-id: 5BE94SRWFAVGV6KN
x-amz-server-side-encryption: AES256
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
x-amz-id-2: UHZ1M7Ew2kMfC0OOdUcDgpivU6fMYEDCTASgK41blK6kjlk4fUQ8DjDXNIAFTEux8/fej9hjTrc=
Last-Modified: Tue, 13 Apr 2021 17:19:57 GMT
Server: AmazonS3
ETag: "4330b9a8c8acd8b7385eb09575a0f098"
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=3600
Accept-Ranges: bytes
Access-Control-Allow-Headers: *

GET
H2 200 wp-emoji-release.min.js Show response
bangordailynews.com/wp-includes/js/ 14 KB
5 KB 161ms
153ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
etag: W/"5ff5d754-3795"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 print.css
bangordailynews.com/wp-content/themes/newspack-theme/styles/ 3 KB
1 KB 170ms
165ms Stylesheet
text/css 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/styles/print.css?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:41 GMT
server: nginx
etag: W/"607f51d9-ad9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ads.js Show response
serv-vdo.pixfuture.com/vpaid/ 8 KB
9 KB 440ms
108ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:12 GMT
Last-Modified: Wed, 03 Feb 2021 18:56:08 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "601af1c8-2148"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 8520
Expires: Thu, 29 Apr 2021 00:16:12 GMT

GET
H/1.1 200
OK lre.js Show response
player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/ 1 MB
343 KB 122ms
46ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:12 GMT
Content-Encoding: gzip
Age: 11877
Connection: keep-alive
Content-Length: 350817
x-amz-id-2: /HcllLcxBTrONYCeMclqB7RPWNTbD3jMC5/DTP3dWsRiVEUwscZiqUTG8DYcTu0fEvVf/sufLCM=
Last-Modified: Tue, 13 Apr 2021 08:15:51 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9JDQAVGY90SCPKG4
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: qgVhjFjc0SAIfYby.bjZb.FjcikqUUqc
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 4d20d7fca3a8c7fed8195d33d55d0fb4
Expires: Mon, 26 Apr 2021 20:59:15 GMT

GET
H2 200 munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 790 B
1 KB 118ms
0ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg?fit=1024%2C683&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 4
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 13:12:36 GMT
server: nginx
etag: "0eab8683b173c728"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/munye-mohamed-shine-portland-maine-troy-bennett-3-1.jpg>; rel="canonical"
content-length: 790
expires: Thu, 27 Apr 2023 01:12:36 GMT

GET
H2 200 natashairving-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 494 B
813 B 201ms
29ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg?fit=1024%2C696&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 15:48:49 GMT
server: nginx
etag: "9bb265cb21bf43f2"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/natashairving-A-LCO-1.jpg>; rel="canonical"
content-length: 494
expires: Wed, 26 Apr 2023 03:48:49 GMT

GET
H2 200 hpt_border_crossing_canada-2-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 558 B
743 B 201ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 18:43:53 GMT
server: nginx
etag: "c3fcf8d65afcde48"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/hpt_border_crossing_canada-2-1.jpg>; rel="canonical"
content-length: 558
expires: Tue, 25 Apr 2023 06:43:53 GMT

GET
H2 200 Police-lights-7.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 460 B
626 B 202ms
31ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg?fit=1200%2C800&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 1
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 04:07:07 GMT
server: nginx
etag: "0fccee74b6607706"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Police-lights-7.jpg>; rel="canonical"
content-length: 460
expires: Wed, 26 Apr 2023 16:07:07 GMT

GET
H2 200 BorderPatrol020320_NAW1.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 464 B
645 B 117ms
0ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg?fit=1024%2C640&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 2
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:08:38 GMT
server: nginx
etag: "cf5ebdd25c7962ea"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/BorderPatrol020320_NAW1.jpg>; rel="canonical"
content-length: 464
expires: Thu, 27 Apr 2023 09:08:38 GMT

GET
H2 200 Food-Truck-A-LCO-1.jpg
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 958 B
1 KB 201ms
30ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg?fit=1024%2C612&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Sat, 24 Apr 2021 13:52:48 GMT
server: nginx
etag: "70eb61fd119fb191"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Food-Truck-A-LCO-1.jpg>; rel="canonical"
content-length: 958
expires: Tue, 25 Apr 2023 01:52:48 GMT

GET
H2 200 Virus-Outbreak-Schools-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 868 B
1 KB 25ms
20ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg?fit=1024%2C684&ssl=1&resize=40%2C40

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
x-content-type-options: nosniff
last-modified: Sun, 25 Apr 2021 17:00:27 GMT
server: nginx
etag: "0341a2d80de52759"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Virus-Outbreak-Schools-1.jpg>; rel="canonical"
content-length: 868
expires: Wed, 26 Apr 2023 05:00:27 GMT

GET
H2 200 delivery.js Show response
assets.revcontent.com/master/ 358 KB
101 KB 80ms
23ms Script
application/x-javascript 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.revcontent.com/master/delivery.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: gzip
last-modified: Tue, 13 Apr 2021 16:20:23 GMT
server: AmazonS3
x-amz-request-id: A6KAYDPPJNBYCGW2
etag: "c75fba731f8a2c6605eca5cabf593e6c"
x-hw: 1619482572.cds009.pa1.hn,1619482572.cds047.pa1.c
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public,max-age=60
accept-ranges: bytes
content-length: 103064
x-amz-id-2: 2362xHjGJRqwzvTxtbG3xLFKhRT15miRoe/MWEggZawBlQYN5uR+dDEOe+QfUAGl/bhJXpu9lhc=

GET
H2 200 p.js Show response
cdn.parsely.com/keys/bangordailynews.com/ 50 KB
19 KB 224ms
44ms Script
application/x-javascript 13.224.112.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/bangordailynews.com/p.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.112.38 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-112-38.mad50.r.cloudfront.net
Software: nginx /
Resource Hash: 989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Apr 2021 21:37:28 GMT
content-encoding: gzip
last-modified: Wed, 03 Mar 2021 18:34:21 GMT
server: nginx
age: 9524
etag: W/"603fd6ad-c8bd"
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 e9e9ef2b004f5c4a430ab05e0f919051.cloudfront.net (CloudFront)
cache-control: max-age=86400, public
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: jzV59iyVpDG_7fEEWgCQIO5FNn1PhB9qs7fWRoXTlUWW8f2kARazpg==
expires: Tue, 27 Apr 2021 21:37:28 GMT

GET
H2 200 loading.gif
bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/ 2 KB
3 KB 170ms
164ms Image
image/gif 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/modules/sharedaddy/images/loading.gif
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Wed, 09 Mar 2011 16:12:50 GMT
server: nginx
etag: "4d77a702-9e2"
strict-transport-security: max-age=31536000
content-type: image/gif
cache-control: max-age=604800
accept-ranges: bytes
content-length: 2530
expires: Thu, 12 Nov 2020 08:10:39 GMT

GET
H2 200 photon.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/ 758 B
425 B 33ms
19ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/photon/photon.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 31 Mar 2020 17:26:38 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/ 37 B
105 B 43ms
29ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/ad-lite-experience/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Mon, 01 Mar 2021 17:14:53 GMT
server: nginx
etag: "603d210d-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/ 37 B
102 B 43ms
30ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/bdn-misc-tweaks/assets/js/frontend.min.js?ver=1.0.11
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Fri, 02 Apr 2021 11:04:58 GMT
server: nginx
etag: "6066fa5a-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 frontend.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/ 37 B
104 B 43ms
30ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/js/frontend.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
last-modified: Tue, 28 Apr 2020 12:21:07 GMT
server: nginx
etag: "5ea81fb3-25"
strict-transport-security: max-age=31536000
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 37
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 Chart.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 418 KB
105 KB 44ms
31ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/Chart.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:15 GMT
server: nginx
etag: W/"5ea81fbb-68824"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 utils.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/ 3 KB
1 KB 64ms
51ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/chartjs/utils.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:21:16 GMT
server: nginx
etag: W/"5ea81fbc-cf6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 raphael.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 91 KB
32 KB 64ms
52ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/raphael.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-16c43"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 mousewheel.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 3 KB
1 KB 65ms
53ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/mousewheel.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:59 GMT
server: nginx
etag: W/"5ea81fab-ad3"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 chroma.min.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 33 KB
13 KB 65ms
53ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/chroma.min.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-8309"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 jquery.mapael.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/ 120 KB
24 KB 67ms
57ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/jquery.mapael.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 28 Apr 2020 12:20:58 GMT
server: nginx
etag: W/"5ea81faa-1e07a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 maine-counties.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 23 KB
10 KB 67ms
57ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/maine-counties.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Thu, 26 Mar 2020 17:01:14 GMT
server: nginx
etag: W/"5e7cdfda-5cdf"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 usa_states.js Show response
bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/ 64 KB
24 KB 130ms
119ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/covid-19-dashboard/assets/map/maps/usa_states.js?ver=1.0.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 21 Apr 2020 16:14:13 GMT
server: nginx
etag: W/"5e9f1bd5-100f8"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 assets.js Show response
bangordailynews.com/wp-content/plugins/newspack-listings/dist/ 14 KB
4 KB 131ms
120ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/newspack-listings/dist/assets.js?ver=0.0.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 18 Dec 2020 21:49:20 GMT
server: nginx
etag: W/"5fdd23e0-37e6"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 sticky.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/ 6 KB
2 KB 131ms
121ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-sticky-ads/public/assets/js/sticky.js?ver=1.8.1
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 19 Feb 2021 18:42:54 GMT
server: nginx
etag: W/"603006ae-171a"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 comment-reply.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 3 KB
1 KB 30ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/comment-reply.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Thu, 25 Mar 2021 20:02:19 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 amp-fallback.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 12 KB
3 KB 131ms
121ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-3143"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 amp-fallback-newspack-sponsors.js Show response
bangordailynews.com/wp-content/themes/newspack-theme/js/dist/ 5 KB
2 KB 131ms
122ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/themes/newspack-theme/js/dist/amp-fallback-newspack-sponsors.js?ver=1.36.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 20 Apr 2021 22:12:44 GMT
server: nginx
etag: W/"607f51dc-14f0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 intersectionobserver-polyfill.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 8 KB
3 KB 132ms
122ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/intersectionobserver-polyfill.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-1e63"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 lazy-images.min.js Show response
bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/ 3 KB
1 KB 132ms
123ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/jetpack/vendor/automattic/jetpack-lazy-images/src/js/lazy-images.min.js?ver=1.1.2
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Tue, 05 Jan 2021 15:42:42 GMT
server: nginx
etag: W/"5ff488f2-cb7"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 script.js Show response
bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/ 13 KB
3 KB 146ms
137ms Script
application/javascript 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:path: /wp-content/plugins/advanced-ads-tracking/public/assets/js/script.js?ver=1.21.0
pragma: no-cache
cookie: advanced_ads_page_impressions=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
last-modified: Fri, 16 Oct 2020 09:13:41 GMT
server: nginx
etag: W/"5f896445-333b"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
date: Tue, 27 Apr 2021 00:16:12 GMT
x-ac: 2.hhn _atomic_ams HIT
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 wp-embed.min.js Show response
c0.wp.com/c/5.7.1/wp-includes/js/ 1 KB
719 B 29ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/c/5.7.1/wp-includes/js/wp-embed.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Wed, 06 Jan 2021 15:29:24 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 sharing.min.js Show response
c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/ 12 KB
4 KB 29ms
20ms Script
application/javascript 192.0.77.37
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.37 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

wordpress.com

Software

nginx /

Resource Hash

80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
last-modified: Tue, 26 Jan 2021 16:25:48 GMT
server: nginx
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
strict-transport-security: max-age=15552000
timing-allow-origin: *
expires: Wed, 27 Apr 2022 00:16:12 GMT

GET
H2 200 e-202117.js Show response
stats.wp.com/ 9 KB
3 KB 93ms
28ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202117.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 17 Apr 2022 18:54:34 GMT

GET
H2 200 e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js Show response
d2s8wlbatk24s7.cloudfront.net/service/js/ 51 KB
17 KB 240ms
162ms XHR
application/javascript 2600:9000:20c8:e400:d:77c3:2dc0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2s8wlbatk24s7.cloudfront.net/service/js/e3bf52b8-991a-41fe-9bb4-1acf24a22d27.js
Requested by: Host: d25dfknw9ghxs6.cloudfront.net
URL: https://d25dfknw9ghxs6.cloudfront.net/sp.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:e400:d:77c3:2dc0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.10.3 (Ubuntu) /
Resource Hash: 573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:02:29 GMT
content-encoding: gzip
server: nginx/1.10.3 (Ubuntu)
age: 4423
vary: Accept-Encoding
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 14400
cache-control: public, max-age=14400
x-cache: Hit from cloudfront
x-amz-cf-pop: MAD50-C1
access-control-allow-headers: *
x-amz-cf-id: JW9TdrjUwbVakpwPm8f3Bz4KIpxynVMGPCUs_Yi6Bp1PJZdKKKb8eg==
via: 1.1 86b86f43445d5446c8b16910b2a9b8f9.cloudfront.net (CloudFront)

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 137 KB
47 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ba10b6474aab8a10deb05a5437fb8ad720f6afc510bfbd5dbc82b44dc55a77ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47554
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Apr 2021 00:16:12 GMT

GET
H2 200 AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8= Show response
fundingchoicesmessages.google.com/f/ 83 KB
31 KB 55ms
33ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxW-2D-NpOj-Hh67ZS7JVI4_Q0GEMemkPkF9m__v_6YFUh1r7KgeU9oTjsajdLc_nxARZIXW4BDHXowiQDVBBI8=

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

457ce06d0d3a6171a5153268b64a1122de93b8e2aa530d20210168f0709f21be

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kjukVLAnxcqmEsE/in2u8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kjukVLAnxcqmEsE/in2u8A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-kjukVLAnxcqmEsE/in2u8A' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-kjukVLAnxcqmEsE/in2u8A' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

connatix.playspace.dc.js Show response
cds.connatix.com/p/115064/ Frame 7566
Redirect Chain

https://cd.connatix.com/connatix.playspace.js
https://cds.connatix.com/p/115064/connatix.playspace.dc.js

1 MB
230 KB

31ms
22ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:13 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 27929
etag: "133862d2c2cd044139eae0f492f54fc3"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 234968

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.playspace.dc.js
date: Tue, 27 Apr 2021 00:16:12 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 advertising.js Show response
www.npttech.com/ 7 KB
3 KB 44ms
19ms Script
application/javascript 2606:4700:3031::ac43:9eaa
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.npttech.com/advertising.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3031::ac43:9eaa , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:12 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 6360
content-type: application/javascript
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
x-amz-request-id: MY9S0PJDNWKA0N4N
x-amz-id-2: u+L7370psI8SIxAmhNpCXyD7oSJ5Mvj4UhFctRtjgqEQW9IRVxx/Z0CAHkLIPiAPTAks5+rBcUw=
last-modified: Wed, 19 Jun 2019 08:25:01 GMT
server: cloudflare
etag: W/"3d6f80c860866175f58a84bbbc9217c6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sHEFRM%2BBoK0%2BdPEvMFFhj4zgaOjHsQ89vPMCLv3xFjAAIyWqSvFAbeWtzV7NCY8aiE2b1qv4skaIJXNJgUTs78JlnleDpVC7DW2Wo7niUD1JCgtJVTjnA9aoq1w%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: hXQWgdpwSBM26VgKOeTSlm.4VT89.h9w
cache-control: max-age=28800
cf-request-id: 09b248109500001f41b5ade000000001
cf-ray: 6463dc60effb1f41-FRA

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 21 Apr 2021 23:50:57 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 433515
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Thu, 21 Apr 2022 23:50:57 GMT

GET
DATA 200
OK truncated
/ 7 KB
7 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2 200 logo-1.png
i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/ 4 KB
4 KB 32ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i2.wp.com/bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png?resize=480%2C128&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT hhn 3
date: Tue, 27 Apr 2021 00:16:13 GMT
x-content-type-options: nosniff
last-modified: Thu, 05 Nov 2020 10:33:47 GMT
server: nginx
etag: "fd050e12eb6f93f9"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2020/06/logo-1.png>; rel="canonical"
content-length: 3640
expires: Sat, 05 Nov 2022 22:33:47 GMT

GET
H2

200

connatix.player.dc.js Show response
cds.connatix.com/p/115064/ Frame C89E
Redirect Chain

https://cd.connatix.com/connatix.player.js
https://cds.connatix.com/p/115064/connatix.player.dc.js

1007 KB
219 KB

35ms
31ms

Script
application/javascript

151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.dc.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:13 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:08 GMT
age: 27929
etag: "5567d457731d7b3e403bd22f5842235e"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 223850

Redirect headers

location: https://cds.connatix.com/p/115064/connatix.player.dc.js
date: Tue, 27 Apr 2021 00:16:13 GMT
cache-control: no-cache, no-store, must-revalidate, max-age=0
age: 0
accept-ranges: bytes
content-length: 0
retry-after: 0

GET
H2 200 jquery.min.js Show response
cdn.pixfuture.com/ Frame D7A8 85 KB
30 KB 45ms
16ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/jquery.min.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:13 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14704
cf-request-id: 09b24812b600001f117faf9000000001
last-modified: Wed, 12 Aug 2020 19:49:59 GMT
server: cloudflare
etag: W/"5f3447e7-1538f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=LQTD08hPxkMF3byXS7eokJXcAtZX2P9wxdR%2BY%2B33GcfrwRZNBwRk2eHhxYHOlncCiOa2%2BF%2Bp0IjF4kCOrpApaTjm5QaHim1Z60vjL0dbgsKuNCN57k9vglrQN3A2Lg%3D%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 6463dc645c9b1f11-FRA
expires: Wed, 28 Apr 2021 20:11:08 GMT

GET
H/1.1 200
OK conf.js Show response
config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/ 8 KB
3 KB 1334ms
28ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://config.anyclip.com/anyclip-widget/config/bangordailynewscom/0011r00002SRK6m_6242/conf.js?cb=357836
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:14 GMT
Content-Encoding: gzip
Age: 11167
x-amz-meta-updatedby: adela@anyclip.com
Connection: keep-alive
x-amz-request-id: 8CWASXPAVZE990X4
x-amz-id-2: o9LfWzD9YGOyXpZX9gyYYtJNj2FWxyjeqn7VxPLEStG5PSoKKRgjWAySkIZOnRJbL1voeW/rN9o=
Accept-Ranges: bytes
Last-Modified: Thu, 22 Apr 2021 13:27:14 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-version-id: UZf6SjhF.vAO11.UZZPGoZapYnemoCnV
Access-Control-Allow-Origin: *
Content-Length: 2226
Content-Type: application/javascript;charset=UTF-8
X-LLID: c8a2f13e8d4e8cf167c4c6fc536f1ed5

GET
H/1.1 200
OK rules.js Show response
player.anyclip.com/anyclip-widget/lre-widget/sps-flow/ 474 B
959 B 31ms
30ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/anyclip-widget/lre-widget/sps-flow/rules.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:13 GMT
Content-Encoding: gzip
Age: 66308
x-amz-meta-sha256: bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
Connection: keep-alive
Content-Length: 216
x-amz-id-2: 7HkPI7+B5C7IcunixJO7C4idNtfQ8FLMqRRWbLD82w87FYgtWGA4i7/NoLd6iFqdZ0VFgy7r+uk=
Last-Modified: Thu, 30 Apr 2020 15:11:24 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 0AD2C118F7F81FB1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-meta-s3b-last-modified: 20200430T151051Z
x-amz-version-id: Dnob.rNfaHkFPCA9eGou8IS.DrpBU9EH
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 18a412a4db086490d9c6c78a3df3a965
Expires: Mon, 26 Apr 2021 05:52:05 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
180 B 1409ms
97ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=126&val=vjs&wnx=0&abc=&ty=wlo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:15 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 1409ms
97ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?dom=bangordailynews.com&cke=true&lan=en-US&plat=Linux+x86_64&net=-&ver=js4.0.4.1.923&dev=desktop&os=Windows&bw=Chrome%2C89&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ty=data&rt=127&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:15 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 embed.js Show response
bangordailynews.coral.coralproject.net/assets/js/ 52 KB
15 KB 1313ms
20ms Script
application/javascript 34.96.85.105
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.coral.coralproject.net/assets/js/embed.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.96.85.105 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

105.85.96.34.bc.googleusercontent.com

Software

Resource Hash

fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
x-content-type-options: nosniff
age: 314107
alt-svc: clear
content-length: 15359
x-xss-protection: 1; mode=block
x-trace-id: 70db29f0-a412-11eb-a72b-f181332c6e9e
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 11 Feb 2021 21:23:31 GMT
date: Fri, 23 Apr 2021 09:01:07 GMT
vary: Accept-Encoding
content-language: en-US
via: 1.1 google
cache-control: public, max-age=604800
etag: W/"3bff-17792fa4438"
accept-ranges: bytes
content-type: application/javascript; charset=UTF-8

GET
H3-29 200 pubads_impl_2021042201.js Show response
securepubads.g.doubleclick.net/gpt/ 301 KB
106 KB 72ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108299
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:13 GMT

GET
H3-29 200 config_2_5__24.json Show response
securepubads.g.doubleclick.net/pagead/managed/js/ 2 KB
724 B 109ms
72ms XHR
application/json 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/config_2_5__24.json?domain=bangordailynews.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

2ad0fe009b4e278bb28a800aab0b3c420a783b400fc57c869d15452012bc583a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 697
x-xss-protection: 0
server: cafe
etag: 6332091875858825310
vary: Accept-Encoding, Origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 27 Apr 2021 00:16:13 GMT

GET
BLOB 200
OK 424a642d-8079-40ad-ae4b-f89fc75b32b3
https://bangordailynews.com/ 417 B
0 Other
text/plain

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://bangordailynews.com/424a642d-8079-40ad-ae4b-f89fc75b32b3
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Length: 417

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 1252ms
106ms Image
image/gif 52.205.167.202
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1619482573928&plid=43595057&idsite=bangordailynews.com&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sref=&sts=1619482573922&slts=0&title=Holden+brothers+sue+Northern+Light+over+data+breach+they+claim+left+them+vulnerable+to+identity+theft&date=Tue+Apr+27+2021+02%3A16%3A13+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=31675016&u=pid%3Df0855e03e84e47aa5ee722917447b11b
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.205.167.202 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-205-167-202.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:15 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 27-Apr-2021 00:16:15 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 tinypass.min.js Show response
buy.tinypass.com/api/ 1009 KB
234 KB 1139ms
93ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/tinypass.min.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:15 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 144
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b2481890000097baf31aa000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:53:42 GMT
server: cloudflare
etag: W/"1033310-1619200422000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=300
cf-ray: 6463dc6dba9297ba-FRA
expires: Tue, 27 Apr 2021 00:21:15 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 119 KB
31 KB 1055ms
89ms Script
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: FUA623DCjlDRvcvJxerHmi4TRUp1BV44
content-encoding: gzip
server: Server
age: 49
etag: 433bd8b9aebf928ab8f51e43abc531d2
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 fcb5d6664fcce90309288d9ff2cfb9a5.cloudfront.net (CloudFront)
cache-control: public, max-age=900
date: Tue, 27 Apr 2021 00:15:26 GMT
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: 1p3PbA3pu0VgG2IYNzzguwR75JdsqZ35t07_lfeCBjAIzT03BMYOSg==

GET
H2 200 g.gif
pixel.wp.com/ 50 B
115 B 73ms
28ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A9.6.1&blog=38606143&post=3087062&tz=-4&srv=bangordailynews.com&host=bangordailynews.com&ref=&fcp=1812&rand=0.4280001873226422
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:14 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 / Show response
bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/ 2 KB
1 KB 661ms
661ms XHR
application/json 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/related-posts/related-posts.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff

Request headers

sec-fetch-mode: cors
accept-encoding: gzip, deflate, br
accept-language: en-US
x-requested-with: XMLHttpRequest
sec-fetch-dest: empty
cookie: test; _parsely_session={%22sid%22:1%2C%22surl%22:%22https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/%22%2C%22sref%22:%22%22%2C%22sts%22:1619482573922%2C%22slts%22:0}; _parsely_visitor={%22id%22:%22pid=f0855e03e84e47aa5ee722917447b11b%22%2C%22session_count%22:1%2C%22last_session_ts%22:1619482573922}
:path: /2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/?relatedposts=1
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
x-requested-with: XMLHttpRequest

Response headers

x-nananana: Batcache-Set
strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 27 Apr 2021 00:16:14 GMT
server: nginx
date: Tue, 27 Apr 2021 00:16:14 GMT
vary: Accept-Encoding Cookie
content-type: application/json; charset=utf-8
cache-control: max-age=300, must-revalidate
x-ac: 2.hhn _atomic_ams MISS
host-header: Newspack

GET
H2 200 / Show response
graph.facebook.com/ 244 B
639 B 909ms
37ms Script
text/javascript 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/?callback=WPCOMSharing.update_facebook_count&ids=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/p/jetpack/9.6.1/_inc/build/sharedaddy/sharing.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d1013479fc14b59eed58c8a1ca5c302e2423c86682c4b6fb25920528d2ca62e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#2) Service temporarily unavailable"
x-fb-rev: 1003686179
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 182
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 6NbKVzXc3wKXI3+oygirifzFwqFuKD6mrWefXD1rnzZY1V+oLr1fPVAozMReoP6Yi5Hc5o+vsEZKtgwOMywPyw==
x-fb-trace-id: CuqcAc4x8hV
date: Tue, 27 Apr 2021 00:16:15 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: AfmpRqV6CUI3ik6hutq4V0G
cache-control: no-store
facebook-api-version: v3.2
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 g.gif
pixel.wp.com/ 50 B
74 B 30ms
30ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=wpcom-no-pv&x_sharing-count-request=facebook&r=0.3931905417153154
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:14 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 t Show response
jadserve.postrelease.com/ 223 B
600 B 482ms
265ms Script
text/javascript 52.21.23.66
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://jadserve.postrelease.com/t?ntv_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ntv_mvi
Requested by: Host: s.ntv.io
URL: https://s.ntv.io/serve/load.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.23.66 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-23-66.compute-1.amazonaws.com
Software: nginx/1.12.1 /
Resource Hash: 1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:15 GMT
content-encoding: gzip
server: nginx/1.12.1
p3p: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: text/javascript;charset=UTF-8
content-length: 184
expires: Mon, 1 Jan 1990 12:00:00 GMT

POST
H3-29 204 AGSKWxW792pZCmg9sp4lDmoBdxO2Zg068XIaHLUC3PjP8U-JtM6eHRKDP7daCbTKcOLPnmxle-z0Lg--aFG3uqwHgBI= Show response
fundingchoicesmessages.google.com/l/ 0
27 B 34ms
20ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxW792pZCmg9sp4lDmoBdxO2Zg068XIaHLUC3PjP8U-JtM6eHRKDP7daCbTKcOLPnmxle-z0Lg--aFG3uqwHgBI=?pvid=6FDEEF10-4923-4E8E-93E5-893B59079533&anonid=C70CA81E-C8BB-4BC7-99EE-AE335A3E09C2

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Xo0XZueuBqbFs/BS80pblg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Xo0XZueuBqbFs/BS80pblg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:15 GMT
access-control-allow-methods: POST, GET, OPTIONS
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-Xo0XZueuBqbFs/BS80pblg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-Xo0XZueuBqbFs/BS80pblg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 AGSKWxXMJwQmtkMZNjjfgdQewrItSZxY0mPGStBCFEm935o2ATus5s5iJ_5FqyTahV13XO-gcvY5I6FZ0JHVZRx8_XY= Show response
fundingchoicesmessages.google.com/f/ 283 KB
63 KB 58ms
42ms Script
application/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxXMJwQmtkMZNjjfgdQewrItSZxY0mPGStBCFEm935o2ATus5s5iJ_5FqyTahV13XO-gcvY5I6FZ0JHVZRx8_XY=?fccs=W251bGwsW1tdLFtdXSxudWxsLG51bGwsbnVsbCwyLFsxNjE5NDgyNTc1LDIwMDAwMDAwMF0sIjZGREVFRjEwLTQ5MjMtNEU4RS05M0U1LTg5M0I1OTA3OTUzMyIsIkM3MENBODFFLUM4QkItNEJDNy05OUVFLUFFMzM1QTNFMDlDMiIsbnVsbCxbbnVsbCxbN11dXQ

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9b1232dfeae992b6a1f34877634259c41864721497d1374626dca4f3662f6209

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-POBcFYSQWq08HZH/IHQEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-POBcFYSQWq08HZH/IHQEeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:15 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'report-sample' 'nonce-POBcFYSQWq08HZH/IHQEeA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-POBcFYSQWq08HZH/IHQEeA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
bdn-data.s3.amazonaws.com/uploads/2020/06/ 8 KB
9 KB 445ms
126ms Image
image/jpeg 52.217.138.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bdn-data.s3.amazonaws.com/uploads/2020/06/Harrison-Judy-employee-headshot-JCR-1-200x200.jpg
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.138.97 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1-w.amazonaws.com
Software: AmazonS3 /
Resource Hash: d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:17 GMT
Last-Modified: Thu, 18 Jun 2020 02:58:23 GMT
Server: AmazonS3
x-amz-request-id: TC0NB0FPVT7TTD8H
ETag: "268b990f7103e86c2be5a8cbedbb9b53"
x-amz-version-id: HtSq84lLDSsbDF.It5rdjSpKWYffj93A
Cache-Control: max-age=2592000
x-amz-replication-status: COMPLETED
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 8413
x-amz-id-2: 5+kr8h2mf5+UHNSy7zJM2n6VYJTJEsiW71I9mNCFbkk+oJH3G9rgYhQRW1C/fQKlR2Wu6ZGdXcA=

GET
H2 200 016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 185 KB
186 KB 27ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg?w=1024&ssl=1

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:15 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 05:05:02 GMT
server: nginx
etag: "6825ac0c6211e0cc"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/016-EMHS-Brewer-06-16-2014-090-14-293-x-1.jpg>; rel="canonical"
content-length: 189820
expires: Sun, 23 Apr 2023 17:05:02 GMT

GET
H2 200 / Show response
trends.revcontent.com/api/demand/ 52 B
269 B 147ms
47ms Fetch
text/html 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/demand/?w=165643

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-121-96.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:16 GMT
access-control-allow-credentials: true
server: Apache/2.4.25 (Debian)
content-length: 52
strict-transport-security: max-age=931536000; includeSubDomains
content-type: text/html; charset=UTF-8

GET
H2 204 sync
trends.revcontent.com/ 0
0 137ms
37ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/sync
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:16 GMT
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W3QLSF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3213
date: Mon, 26 Apr 2021 23:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 01:22:43 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23961
x-fb-rlafr: 0
pragma: public
x-fb-debug: tSQ9txFQ+koFf0l/BRIEukq+Q89t+kgayKwJpBCU8D/V5nFVhkV1yDdGkbArXg6MaSCCuReYQsVaE+I5O3Wr9A==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 27 Apr 2021 00:16:16 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 129ms
46ms Script
application/x-javascript 2600:9000:20c8:4c00:18:1fcd:34e:d2a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:4c00:18:1fcd:34e:d2a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 16:18:05 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 00:04:46 GMT
server: nginx
age: 28691
etag: W/"60665f9e-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 bba411d0a1e93905fdec1b327205fbe0.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: YkAo0-s7_Z2srgs4vq8hP5envhtR2kkL4l5SWq7nRUNkhpeQNTh7dw==
expires: Tue, 27 Apr 2021 16:18:05 GMT

GET
H2

200

ml.br.js Show response
js.matheranalytics.com/static/ltm/ma63069/92760912/12/
Redirect Chain

https://js.matheranalytics.com/s/ma63069/92760912/ml.js?cb=1562
https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js

136 KB
40 KB

22ms
21ms

Script
application/x-javascript

107.178.250.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.250.234 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 234.250.178.107.bc.googleusercontent.com
Software: nginx /
Resource Hash: 5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 13:22:13 GMT
content-encoding: br
last-modified: Wed, 12 Aug 2020 16:26:04 GMT
server: nginx
age: 39243
etag: "88fbdebeb74ed488bdf0ebada228f578"
vary: Accept-Encoding
x-cache: HIT Wed, 12 Aug 2020 16:39:09 GMT
content-type: application/x-javascript
via: 1.1 google
cache-control: public,max-age=3600
alt-svc: clear
content-length: 40740

Redirect headers

date: Tue, 27 Apr 2021 00:16:16 GMT
via: 1.1 google
server: nginx
vary: Accept-Encoding
location: https://js.matheranalytics.com/static/ltm/ma63069/92760912/12/ml.br.js
cache-control: public, max-age=269200
alt-svc: clear
x-served-by: 8-gc-euw1-10928

GET
H/1.1 200
OK ads-iframe.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame D7A8 49 KB
49 KB 406ms
197ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:16 GMT
Last-Modified: Wed, 17 Mar 2021 20:57:13 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "60526d29-c2f6"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 49910
Expires: Thu, 29 Apr 2021 00:16:16 GMT

GET
H/1.1 200
OK push_player.js Show response
serv-vdo.pixfuture.com/vpaid/ Frame D7A8 1 KB
2 KB 313ms
105ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:16 GMT
Last-Modified: Mon, 08 Feb 2021 16:32:36 GMT
Server: nginx/1.14.0 (Ubuntu)
ETag: "602167a4-50e"
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Content-Length: 1294
Expires: Thu, 29 Apr 2021 00:16:16 GMT

GET
H2 200 connatix.player.css
cds.connatix.com/p/115064/ 54 KB
8 KB 33ms
27ms Stylesheet
text/css 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cds.connatix.com/p/115064/connatix.player.css
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:16 GMT
content-encoding: br
last-modified: Mon, 26 Apr 2021 15:04:09 GMT
age: 27932
etag: "fcaa0ea82bb0765612e6ce7eef717e24"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 8363

GET
H2 200 Perkins_Wrigley.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 4 KB
4 KB 28ms
27ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg?fit=1024%2C768&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 5
date: Tue, 27 Apr 2021 00:16:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:20 GMT
server: nginx
etag: "39ceb2929b2d89f0"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Perkins_Wrigley.jpg>; rel="canonical"
content-length: 4190
expires: Thu, 27 Apr 2023 09:11:20 GMT

GET
H2 200 Spring-Snow-042221-LCO-1.jpg
i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/ 7 KB
7 KB 29ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i0.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg?fit=1024%2C635&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 3
date: Tue, 27 Apr 2021 00:16:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 19:15:45 GMT
server: nginx
etag: "ff9d6217721150ae"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/04/Spring-Snow-042221-LCO-1.jpg>; rel="canonical"
content-length: 7386
expires: Thu, 27 Apr 2023 07:15:45 GMT

GET
H2 200 BHHospital4.jpg
i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/ 8 KB
8 KB 30ms
28ms Image
image/webp 192.0.77.2
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i1.wp.com/bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg?fit=1024%2C683&ssl=1&resize=350%2C200

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.77.2 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

i1.wp.com

Software

nginx /

Resource Hash

fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-nc: HIT cdg 1
date: Tue, 27 Apr 2021 00:16:16 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 21:11:21 GMT
server: nginx
etag: "2959686461b60540"
vary: Accept
access-control-allow-methods: GET, HEAD
content-type: image/webp
access-control-allow-origin: *
cache-control: public, max-age=63115200
timing-allow-origin: *
link: <https://bdn-data.s3.amazonaws.com/uploads/2021/03/BHHospital4.jpg>; rel="canonical"
content-length: 7980
expires: Thu, 27 Apr 2023 09:11:21 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 76 KB
31 KB 23ms
18ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05b4aeada635e360f83307e47f81ed9f16d40c629fc2f8f8680d29594cfe022f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:16 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31129
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 27 Apr 2021 00:16:16 GMT

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
373 B 81ms
81ms XHR
text/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&pid=UB30HHMyOvITb&cb=0&ws=1600x1200&v=7.61.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22180x80%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21682974628%2Fbangordailynews%22%7D%5D&cfgv=0&pubid=b9cc9a74-23ed-483b-9eb8-000dee4af668&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:16 GMT
via: 1.1 fcb5d6664fcce90309288d9ff2cfb9a5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: MAD50-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 62UlQ4Bx8puCOe8pBMHNeRQ9eLztx4vo539kS3I8X95TOF1_e3hoBg==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 123ms
46ms XHR
application/javascript 13.224.105.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.105.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-105-229.mad50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 15:17:53 GMT
content-encoding: gzip
vary: Accept-Encoding,Origin
age: 32304
x-cache: Hit from cloudfront
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
etag: W/"a4d296427fc806b21335359e398c025c"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
via: 1.1 ce47d0f1e1d762a58db0f679e6a5cdeb.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: MAD50-C1
content-type: application/javascript
x-amz-cf-id: odEjF7j_fLnqpaGMflQ8w1rsAbqoBiflKxDf4v8-dS1H4OouABGiOA==

GET
H2 200 css
fonts.googleapis.com/ 52 KB
3 KB 17ms
17ms Stylesheet
text/css 2a00:1450:4001:827::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.en_US.8ep3xi8CkMA.es5.O/d=1/rs=AJlcJMyFrSO2jIY22_vIzSxZlBSR8QB5HA/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 27 Apr 2021 00:16:16 GMT
server: ESF
date: Tue, 27 Apr 2021 00:16:16 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 27 Apr 2021 00:16:16 GMT

POST
H/1.1 200
OK pls Show response
capi.connatix.com/core/ Frame C89E 3 KB
2 KB 450ms
122ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/core/pls?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: d56b73cb0ed35dce0ae274ae1b5650d6a6779efe988de00bb27777b0628777ba

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:17 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 2006

HEAD
H/1.1 200
OK advertising.js
assets.anyclip.com/anyclip-widget/lre-widget/assets/js/ 0
0 90ms
30ms Fetch
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/js/advertising.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:17 GMT
Age: 12136
Connection: keep-alive
Content-Length: 32
x-amz-id-2: TE1LlP6v1FuIediBAbvTJcntLB8pPizYnSPlkqUirghQVEOX1bexc3GTdkReCz0S+EpD9BG1G0E=
Last-Modified: Mon, 10 Dec 2018 11:26:45 GMT
Server: AmazonS3
x-amz-request-id: H7CK13QB0N1H5GE0
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 00:54:01 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: yQR7I__mdWlTGiugUbenyyFFuDDzo_a4
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 9420909f2866fe42290ba30ba49b8835
x-amz-meta-s3b-last-modified: 20181210T110233Z

HEAD
H2 200 ima3.js
imasdk.googleapis.com/js/sdkloader/ 0
0 38ms
15ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:17 GMT

GET
H2 200 362290
vid.springserve.com/vast/ 22 B
0 154ms
53ms Fetch
application/xml 52.215.252.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/362290
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.252.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-252-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Apr 2021 00:16:17 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-length: 22
content-type: application/xml;charset=UTF-8

HEAD
H2 200 loader.js
imasdk.googleapis.com/js/sdkloader/ 0
0 23ms
7ms Fetch
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 357
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

HEAD
H2 200 client.js
s0.2mdn.net/instream/video/ 0
0 41ms
19ms Fetch
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:17 GMT

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 334 KB
115 KB 36ms
16ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:17 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
100ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=3590&val=0&wnx=0&abc=&ty=blo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 sdk.js Show response
api-esp.piano.io/public/sdk/v04/ 43 KB
14 KB 52ms
26ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 1014
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b24821c9000017622f030000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"1bbec-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=14400
access-control-allow-credentials: true
cf-ray: 6463dc7c78061762-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Tue, 27 Apr 2021 04:16:17 GMT

GET
H2 200 get.js Show response
buy.tinypass.com/api/v3/anon/captcha/ 153 B
410 B 477ms
475ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/captcha/get.js?callback=jsonpCallback&aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e963ddca0b1e8f814a1710e897c00948d9479280c6c0b1bda1ef51e370ae3dc1

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b24821cf000097ba11139000000001
x-request-id: C5r47sqd8bS
pragma
wn: prod-dash-10-0-121-63
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript
server-time: 0.001
cache-control: public, max-age=1200
cf-ray: 6463dc7c7d6b97ba-FRA
expires: Tue, 27 Apr 2021 00:36:17 GMT

POST
H2 204 AGSKWxW792pZCmg9sp4lDmoBdxO2Zg068XIaHLUC3PjP8U-JtM6eHRKDP7daCbTKcOLPnmxle-z0Lg--aFG3uqwHgBI= Show response
fundingchoicesmessages.google.com/l/ 0
942 B 48ms
28ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingLoaderClientJs.en_US.yBB4d6BTfRc.es5.O/d=1/rs=AJlcJMxclVqNNZ5tV-63qo4lEWKqY67sDg/m=loader_js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nrLn36H79kkpwXKcyL+nQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-nrLn36H79kkpwXKcyL+nQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-nrLn36H79kkpwXKcyL+nQQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-nrLn36H79kkpwXKcyL+nQQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 25 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 137559
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Mon, 25 Apr 2022 10:03:38 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v85/ 100 KB
100 KB 10ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v85/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 22 Apr 2021 23:45:10 GMT
x-content-type-options: nosniff
last-modified: Thu, 15 Apr 2021 23:28:06 GMT
server: sffe
age: 347467
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 102728
x-xss-protection: 0
expires: Fri, 22 Apr 2022 23:45:10 GMT

GET
H2 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 23 Apr 2021 03:56:55 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 332362
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Sat, 23 Apr 2022 03:56:55 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bangordailynews.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 21:15:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 10857
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Tue, 26 Apr 2022 21:15:20 GMT

POST
H3-29 204 AGSKWxUjLkau6agCBfgramZ-FUZsTOE6HDimkwPmDyIw640uFiPmeyKMw1izeYu3UTEPhztqcogjZNwKeWjKDfoANYuB-12hd7bHEi0uo-YmKz1bLpyswPPcQZSDydUcenkAPsgdfejBWXNVrowIiGA-llnsD51u4TRU5-vI-ZhSkrtUrK37qVvr4AfWTeWQ Show response
fundingchoicesmessages.google.com/l/ 0
26 B 20ms
20ms XHR
text/html 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/l/AGSKWxUjLkau6agCBfgramZ-FUZsTOE6HDimkwPmDyIw640uFiPmeyKMw1izeYu3UTEPhztqcogjZNwKeWjKDfoANYuB-12hd7bHEi0uo-YmKz1bLpyswPPcQZSDydUcenkAPsgdfejBWXNVrowIiGA-llnsD51u4TRU5-vI-ZhSkrtUrK37qVvr4AfWTeWQ?dmid=9a88d2cd9a80bfe2

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-L/sXlhIRU6KcEhktp37PxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-L/sXlhIRU6KcEhktp37PxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
access-control-max-age: 86400
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: script-src 'report-sample' 'nonce-L/sXlhIRU6KcEhktp37PxA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-L/sXlhIRU6KcEhktp37PxA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:53:52 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
age: 1345
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2779
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:53:52 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.com/v1/ 74 B
539 B 45ms
13ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.com/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 94
x-xss-protection: 0

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 124ms
39ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:17 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 / Show response
trends.revcontent.com/api/delivery/ 17 KB
7 KB 205ms
203ms Fetch
text/html 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://trends.revcontent.com/api/delivery/?is_blocked=false&w=165643&width=1600&rev_allow_cookies=0&site_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&icr_url=&va=1&time=1619482577858&up=pc&bn=chrome&bv=89&widget_width=780

Requested by

Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-248-121-96.eu-west-1.compute.amazonaws.com

Software

Apache/2.4.25 (Debian) /

Resource Hash

0bf427adbc53efd4ba26d658968693e970de8bd26a1290fa2ab366426bc09cb9

Security Headers

Name	Value
Strict-Transport-Security	max-age=931536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
content-encoding: gzip
server: Apache/2.4.25 (Debian)
vary: Accept-Encoding
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
strict-transport-security: max-age=931536000; includeSubDomains
content-length: 7345

GET
H3-29 200 733394673714818 Show response
connect.facebook.net/signals/config/ 254 KB
72 KB 63ms
55ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/733394673714818?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: Ki0WvWKpMN6YO6v14p0fK/pNX5sqzMoV920L7Wg4UuhhuVKzfe2QJoGV90p6Xb0FOC6A892EAz3nDe3/lHLT3Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Tue, 27 Apr 2021 00:16:17 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ping
ping.chartbeat.net/ 43 B
169 B 368ms
107ms Image
image/gif 34.237.68.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bangordailynews.com&p=%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&u=CLkJvdDa5os0D_CFKE&d=bangordailynews.com&g=14550&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0&x=0&m=0&y=4897&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=6504&t=B97SzaBKxEnVBkPYKlBqTaAXCo3qHm&V=126&i=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20thef&tz=-120&sn=1&sv=C4lCbNCjguX2BW3rAUDM1XJBCS1t27&sd=1&im=067b2fff&_
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.68.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-68-53.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:18 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 200 verify Show response
id.tinypass.com/id/api/v1/identity/token/ 207 B
989 B 171ms
157ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://id.tinypass.com/id/api/v1/identity/token/verify?callback=jQuery112406633006023556334_1619482576856&client_id=U1S2txQ29t&site=https%3A%2F%2Fbangordailynews.com&_=1619482576857

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

64db446ae444d407b8d6f13c73a1e01379b2f29ec102a3a51acdfcc3cd9b6c61

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
content-encoding: br
cf-cache-status: DYNAMIC
p3p: CP="ALL ADM DEV PSAi COM OUR OTRo STP IND ONL", CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b24824e9000097baeb26c000000001
x-request-id: C6r47sqevFs
pragma: no-cache
wn: prod-id-10-0-128-53
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-cache="set-cookie"
access-control-allow-credentials: true
server-time: 0.000
cf-ray: 6463dc817e2a97ba-FRA
access-control-allow-headers: origin, content-type, accept, authorization
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK sr Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 111ms
111ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/sr?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 3_media.bin Show response
vid.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/ Frame C89E 390 B
513 B 66ms
21ms XHR
application/octet-stream 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/3_media.bin
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6dc5c9f36a861e185f9cf18b37141d6994018dc1049951ee5f0ec657bf4cb789

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 17:51:48 GMT
age: 1012833
etag: "970778f64e38b9fc544908eb03688bc9"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: max-age=31557600
accept-ranges: bytes
content-length: 324

GET
H/1.1 200
OK pwt.js Show response
ads.pubmatic.com/AdServer/js/pwt/158127/2642/ Frame D7A8 275 KB
84 KB 124ms
52ms Script
text/javascript 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:18 GMT
Content-Encoding: gzip
Last-Modified: Thu, 29 Oct 2020 22:47:13 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "10c1257-44c71-5b2d70fa58647"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: public, max-age=120445
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/javascript
Content-Length: 85626
Expires: Wed, 28 Apr 2021 09:43:43 GMT

GET
H/1.1 200
OK vast_prebid_init.php Show response
serv-vdo.pixfuture.com/vpaid/ Frame D7A8 16 KB
16 KB 207ms
206ms Script
application/javascript 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: 1fe27f2814d4fc1b60e5695c89b75b92ccf810e84d789aff21b7947257330ab0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:18 GMT
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800, public, no-transform
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:18 GMT

POST
H2 200 publisher:getClientId Show response
ampcid.google.de/v1/ 3 B
468 B 76ms
49ms XHR
application/json 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ampcid.google.de/v1/publisher:getClientId?key=AIzaSyA65lEHUEizIsNtlbNo-l2K18dT680nsaM

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 23
x-xss-protection: 0

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 424ms
99ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&pubname=Bangor%20Daily%20News&artupt=1619174198&artpubt=1619154000&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=d5541d44-16d3-472f-b4bf-0e0c933295d1&pid=61c565f7-f641-430a-9d89-f4e0610df106&dtm=1619482578518&qnm=_matherq&visible=1&tabid=a7876d20-5d2c-48ba-a884-277b3a532571&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5204&tofa=1619482579&vid=1&lvidt=1619482579&duid=ae57ef4b16853b28&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ4MjU3MTQ3NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjQyLjFtYiIsImZzdFBhaW50IjoiMTgxMiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiI4IiwiY29ublMiOiI4IiwiY29ubkUiOiI2NSIsInNzbFMiOiIyNiIsInJlcXVTIjoiNjUiLCJyZXNwUyI6Ijk1OSIsInJlc3BFIjoiOTkzIiwiZG9tTG9hZCI6Ijk2NiIsImRvbUludGVyIjoiMjU0OCIsImRvbUxvYWRTIjoiMjU4OSIsImRvbUxvYWRFIjoiMjY0MCJ9fQ
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-95-93.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:18 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

POST
H/1.1 200
OK ao Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 110ms
110ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ao?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame C89E 232 B
483 B 491ms
163ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 0e2901061fa970fa7735d6a8d116a60d0318546cf2f8e5bcc66fe764f4a273f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:19 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 202

POST
H/1.1 200
OK ps Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 162ms
109ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/ps?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:18 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 1_th.jpg
img.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/ 11 KB
12 KB 25ms
20ms Image
image/jpeg 151.101.194.137
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.connatix.com/fda58192-ade4-4b70-87e4-8bec8591c31e/1_th.jpg?crop=546:307,smart&width=546&height=307&format=jpeg&quality=60&fit=crop
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 6967e76dda8a91ef00d9999741ea147446fa952edb4c0ed5522f2453693a25fc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
age: 2146012
etag: "Xod04Z/uExQG5zbJq0sDzGdgxFwSlQM/kDUqyHdPfcI"
access-control-max-age: 86400
fastly-io-info: ifsz=15731 idim=375x212 ifmt=jpeg ofsz=11766 odim=375x211 ofmt=jpeg
access-control-allow-origin: *
cache-control: max-age=31557600
fastly-stats: io=1
accept-ranges: bytes
content-type: image/jpeg
content-length: 11766

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-5329647-52&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

8824b52038dfcdaf8faa89070fd18df0e7329bda63a0d7af0a649c75659abc27

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:18 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35816
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:18 GMT

GET
H3-29 200 232 Show response
api-esp.piano.io/publisher/fusion/lucid/data/ 4 KB
2 KB 167ms
149ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f8cd59c3e1a762a5579aae7a171bc3f53296295486dbc295796f3e6c3c8f69ff

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
x-cache-status: BYPASS
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b24828b90000d6f938bae000000001
server: cloudflare
etag: W/"117d-x4NN82goBycLGuQC/6CKVzv8Vso"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding
access-control-allow-credentials: true
cf-ray: 6463dc878c7cd6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

OPTIONS
H2 200 232
api-esp.piano.io/publisher/fusion/lucid/data/ Frame 0
0 147ms
132ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/publisher/fusion/lucid/data/232?email=&visitor=&stored_visitor=&pnespid=

Protocol

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b248281f0000c26d31b68000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6463dc8699a0c26d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
101ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=5445&val=ima&wnx=0&abc=&ty=ami&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=439760599&gjid=1305160604&_gid=889478168.1619482579&_u=aGBAgUALAAQCAE~&z=118597282

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 00:16:19 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
96 B 18ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=313006227&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAgUALAAQC~&jid=439760599&gjid=1305160604&cid=1847752240.1619482579&tid=UA-5329647-52&_gid=889478168.1619482579&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=1966267112

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64955
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
91 B 7ms
7ms Image
image/gif 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j90&a=313006227&t=pageview&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAiUALBAQCAE~&jid=&gjid=&cid=1847752240.1619482579&tid=UA-5329647-52&_gid=889478168.1619482579&gtm=2wg4e1W3QLSF&cd24=https&cd25=false&cd28=no&cm5=0&z=1039584416

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 26 Apr 2021 06:13:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 64955
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 38ms
8ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=733394673714818&ev=PageView&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&rl=&if=false&ts=1619482579111&sw=1600&sh=1200&v=2.9.39&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1619482579108.843250628&it=1619482577876&coo=false&rqm=GET

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 27 Apr 2021 00:16:19 GMT

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D7A8 62 KB
21 KB 46ms
14ms Script
text/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

956ee96d48b61cb2ff2b7d66d090999ab54281e2b995c5867f1f60ef1e31d429

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 80 of 1000 / last-modified: 1619475282"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21014
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:19 GMT

GET
H2 200 prebid_4_23.js Show response
cdn.pixfuture.com/ Frame D7A8 318 KB
319 KB 23ms
18ms Script
application/javascript 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebid_4_23.js
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14709
cf-polished: origSize=326091
cf-bgj: minify
cf-request-id: 09b24828bd00001f11ac15e000000001
last-modified: Tue, 02 Feb 2021 20:10:57 GMT
server: cloudflare
etag: W/"6019b1d1-4f9cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=POa2xrd6hwD01ldRXFlRpZdhaQhAviJg6rsmXIoLYCd%2F7UChISGpw1NFpFX5RcxT6ouRrhoiiFCpHpA8fqsHMAyISx2124thfg4nkfxSnqrVS%2F29E36CWAo52%2BZg2w%3D%3D"}]}
content-type: application/javascript
cache-control: public, max-age=2678400, no-transform
cf-ray: 6463dc879fcf1f11-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

GET
H2 200 bangordailynews.min.js Show response
global.proper.io/ 15 KB
5 KB 50ms
23ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/bangordailynews.min.js
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 23 Apr 2021 17:02:26 GMT
server: cloudflare
age: 285099
etag: W/"6082fda2-3de8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6463dc87c8232fa5-FRA
cf-request-id: 09b24828d900002fa5d820a000000001
expires: Tue, 27 Apr 2021 00:21:19 GMT

POST
H2 204 impression
trends.revcontent.com/event/ 0
0 53ms
46ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/impression
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:19 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 /
img.revcontent.com/ 20 KB
20 KB 72ms
24ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.revcontent.com/?url=https://cdn.revcontent.com/assets/img/full_color.png&static=true
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 01 Jul 2020 17:13:25 GMT
etag: "1593623605"
x-hw: 1619482579.cds029.pa1.hn,1619482579.cds046.pa1.c
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
content-length: 20438

GET
H2 200 rc-logo.png
cdn.revcontent.com/assets/img/ 4 KB
4 KB 74ms
25ms Image
image/png 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.revcontent.com/assets/img/rc-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),
Reverse DNS
Software: /
Resource Hash: 66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Mon, 26 Apr 2021 16:17:17 GMT
etag: "1619453837"
x-hw: 1619482579.cds008.pa1.hn,1619482579.cds203.pa1.c
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=28
accept-ranges: bytes
content-length: 4298

GET
H/1.1 200
OK play-big.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 650 B
1 KB 85ms
28ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/play-big.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:19 GMT
Content-Encoding: gzip
Age: 7700
Connection: keep-alive
Content-Length: 400
x-amz-id-2: 2ZRGmD+kh257W9+vyOdL6QpvAOGlYqi9dgt1aL0FP89CyWLDvZNesGZlGXxYDzF/4PQZCl44NDY=
Last-Modified: Tue, 06 Aug 2019 13:18:15 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 842E25E42F23E437
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 02:07:59 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: P54LBC7dA7.CKZKZL0usNEXn5r08cUmk
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 86f3604a4a09e99fc5fdf18ed53d1dda
x-amz-meta-s3b-last-modified: 20190806T131201Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=5733&val=1---&wnx=0&abc=&ty=crs&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H2 200 execute Show response
experience.tinypass.com/xbuilder/experience/ 8 KB
4 KB 165ms
156ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://experience.tinypass.com/xbuilder/experience/execute?aid=U1S2txQ29t

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7378cb5ae264de66d381ce91422eb58ffd3e7e41176be793ac088315b85c4a06

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b2482a37000097ba028b4000000001
x-request-id: C7r47sq5rxi
pragma: no-cache
wn: prod-exp-10-0-83-141
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6463dc89ef5f97ba-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 18ms
17ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=439760599&_u=aGBAgUALAAQCAE~&z=194472579

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
16ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=439760599&_u=aGBAgUALAAQCAE~&z=194472579

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:19 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame D7A8
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fbangordailynews.com%2F&cw=1
https://mug.criteo.com/sid?cpp=yiq_vXxCb2Rtd1pvSUVpYkF0S2JQMEdtTDNjdHFYb0tjeVMzWW1XZmVFZDAwanAraXhlZCtVQUREaUkwRGhyTjNyWi8wbGUxMFJkSzNQVS9sR2pjVVBDdGM0U0JZY2h6bm9nbzRZVUJFdFZ4ejBNZzFqbGRBRTBYRUtPZF...

361 B
638 B

66ms
22ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=yiq_vXxCb2Rtd1pvSUVpYkF0S2JQMEdtTDNjdHFYb0tjeVMzWW1XZmVFZDAwanAraXhlZCtVQUREaUkwRGhyTjNyWi8wbGUxMFJkSzNQVS9sR2pjVVBDdGM0U0JZY2h6bm9nbzRZVUJFdFZ4ejBNZzFqbGRBRTBYRUtPZFo1bUoxUnYwc2lBcVVSdVRjSU1HSGtJZXFkRVdrdTg1RlJLdk5rUmhVUEpzTTZoeGpHT1YxVUNqTnErYXlQMlhjOEsxTGpuRUxMT3U0LzYvL0dKNExaZGNHZERKdm43L2NmZzNIY01ucXJzR3puL0JSOTdZPXw&cppv=2

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

2df2ad630d8c23675ed549e41a74b379d3b5f9817938aa27906d575ccce61631

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Tue, 27 Apr 2021 00:16:19 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2460
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Tue, 27 Apr 2021 00:16:18 GMT
location: https://mug.criteo.com/sid?cpp=yiq_vXxCb2Rtd1pvSUVpYkF0S2JQMEdtTDNjdHFYb0tjeVMzWW1XZmVFZDAwanAraXhlZCtVQUREaUkwRGhyTjNyWi8wbGUxMFJkSzNQVS9sR2pjVVBDdGM0U0JZY2h6bm9nbzRZVUJFdFZ4ejBNZzFqbGRBRTBYRUtPZFo1bUoxUnYwc2lBcVVSdVRjSU1HSGtJZXFkRVdrdTg1RlJLdk5rUmhVUEpzTTZoeGpHT1YxVUNqTnErYXlQMlhjOEsxTGpuRUxMT3U0LzYvL0dKNExaZGNHZERKdm43L2NmZzNIY01ucXJzR3puL0JSOTdZPXw&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2214
content-length: 482
expires: 0

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame C89E 334 KB
114 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:19 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5CE8 570 KB
186 KB 24ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376326
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 48ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:19 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
100ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6212&val=0&wnx=0&abc=&ty=wre&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK anyclip-logo.png
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
2 KB 29ms
28ms Image
image/png 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/anyclip-logo.png
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:19 GMT
Age: 2771
Connection: keep-alive
Content-Length: 1316
x-amz-id-2: N/VDY41NRXTx/nPQAv9dDCcMACdcAIt2Fm18wi1xCY9RUyh4EgW+SPCtCrkLkstP59oOzMRV7GM=
Last-Modified: Thu, 20 Dec 2018 13:30:18 GMT
Server: AmazonS3
x-amz-request-id: BB40BB343D4078AE
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:30:08 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: OklAUkiF01qvm0z5Jbxqbgl4N5mndRTg
Accept-Ranges: bytes
Content-Type: image/png
X-LLID: 24b341e965796bcd67004b677a6b5522
x-amz-meta-s3b-last-modified: 20180812T120014Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
98ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6276&val=780&wnx=0&abc=&ty=psw&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
100ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6277&val=439&wnx=0&abc=&ty=psh&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-5329647-52&l=dataLayer&cx=c

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3216
date: Mon, 26 Apr 2021 23:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 01:22:43 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 15ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryjOZBi7bVtgM2kLdl

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 27 Apr 2021 00:16:19 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

OPTIONS
H3-29 200 114
api-esp.piano.io/tracker/lucid/visit/ Frame 0
0 146ms
135ms Preflight 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/tracker/lucid/visit/114?story_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&visitor=2g3zz3zkigl65sq0

Protocol

H3-29

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
access-control-allow-credentials: true
access-control-allow-origin: https://bangordailynews.com
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
access-control-max-age: 36000
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
x-tq-node: x
strict-transport-security: max-age=60; includeSubDomains
cf-cache-status: DYNAMIC
cf-request-id: 09b2482bfd00000eb37d9bb000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6463dc8ccb2b0eb3-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

POST
H3-29 200 114 Show response
api-esp.piano.io/tracker/lucid/visit/ 65 B
711 B 135ms
135ms XHR
application/json 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

24506f5ea59e5d29163f04812d573d4a2485be8bc8166c4d9f5af53c8b702e23

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: DYNAMIC
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b2482c850000d6f908071000000001
server: cloudflare
etag: W/"41-sR7Yu6rD9iRTawvUxZAGFGh7Nrw"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
vary: Accept-Encoding, X-HTTP-Method-Override
access-control-allow-credentials: true
cf-ray: 6463dc8da801d6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token

GET
H3-29 200 iframeResizer.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/iframeResizer/ 11 KB
5 KB 33ms
22ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/iframeResizer/iframeResizer.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 44216
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b2482bfd0000d6f9ed356000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"2e2f-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6463dc8ccf88d6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 27 Apr 2022 00:16:19 GMT

GET
H3-29 200 state-machine.min.js Show response
api-esp.piano.io/public/sdk/vx/lib/state-machine/ 4 KB
2 KB 35ms
28ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/lib/state-machine/state-machine.min.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 44216
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b2482bfd0000d6f913265000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"f2a-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6463dc8ccf89d6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 27 Apr 2022 00:16:19 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/base/ 16 KB
5 KB 28ms
25ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/base/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 44216
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b2482bfe0000d6f9253f1000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"8abb-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6463dc8ccf8bd6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 27 Apr 2022 00:16:19 GMT

GET
H3-29 200 displayer.js Show response
api-esp.piano.io/public/sdk/vx/widgets/embedded/ 2 KB
2 KB 38ms
36ms Script
application/javascript 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api-esp.piano.io/public/sdk/vx/widgets/embedded/displayer.js?v=vd.1.63.3.13-2b559ec&p=114

Requested by

Host: api-esp.piano.io
URL: https://api-esp.piano.io/public/sdk/v04/sdk.js?v=xxx

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:19 GMT
content-encoding: gzip
x-tq-node: x
cf-cache-status: HIT
age: 44216
x-cache-status: HIT
p3p: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
strict-transport-security: max-age=60; includeSubDomains
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b2482bfe0000d6f94d18e000000001
last-modified: Wed, 21 Apr 2021 11:16:56 GMT
server: cloudflare
etag: W/"19c7-178f425b840"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 36000
access-control-allow-methods: GET,PUT,POST,PATCH,DELETE,OPTIONS
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: api-esp.piano.io
vary: Accept-Encoding
cache-control: public, max-age=31536000
access-control-allow-credentials: true
cf-ray: 6463dc8ccf8cd6f9-FRA
access-control-allow-headers: Accept-Encoding,Accept-Language,Accept,Content-Type,Cookie,Origin,Piano-ESP-Static-Content,User-Agent,X-CSRF-Token,X-CSRFToken,x-vixen-token
expires: Wed, 27 Apr 2022 00:16:19 GMT

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 40ms
40ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:19 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

POST
H2 204 generic
trends.revcontent.com/event/ 0
0 45ms
44ms Fetch 34.248.121.96
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://trends.revcontent.com/event/generic
Requested by: Host: assets.revcontent.com
URL: https://assets.revcontent.com/master/delivery.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.248.121.96 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-248-121-96.eu-west-1.compute.amazonaws.com
Software: Grizzly/2.4.4 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:20 GMT
access-control-allow-credentials: true
server: Grizzly/2.4.4
access-control-allow-headers: Content-Type

GET
H2 200 show Show response
buy.tinypass.com/checkout/offer/ Frame 7B99 3 MB
2 MB 153ms
152ms Document
text/html 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97be7f598da2699a254719aa3ac15ca9cace2862e723a15d20d0c8ba264011b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

:method: GET
:authority: buy.tinypass.com
:scheme: https
:path: /checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-type: text/html;charset=UTF-8
access-control-allow-methods: *
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR OUR IND"
pragma: no-cache
server-time: 0.007
set-cookie: ch_sid=bOnKaiTgI0hmpEG;Version=1;Domain=.tinypass.com;Path=/;Max-Age=3600;Secure;SameSite=None LANG=en_US;Version=1;Domain=.tinypass.com;Path=/;Max-Age=2592000;Secure;SameSite=None __cflb=02DiuHCYe3gAA7tKYXZHc1Kjp8tYqQh4cWyNAAXgeErBe; SameSite=Lax; path=/; expires=Tue, 27-Apr-21 23:16:20 GMT; HttpOnly
strict-transport-security: max-age=60; includeSubDomains
vary: accept-encoding
wn: prod-dash-10-0-115-122
x-forwarded-https: on
x-request-id: C8r47sqyhO0
x-xss-protection: 0
cf-cache-status: DYNAMIC
cf-request-id: 09b2482c87000097baeda61000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6463dc8dafdf97ba-FRA
content-encoding: br

POST
H2 200 playlist Show response
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ 12 KB
3 KB 129ms
121ms Fetch
application/json 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: 0b635924baba97a410beee10a37412536b4c9fd9000a955f9d69b36a2542274f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: gzip
vary: accept-encoding
access-control-allow-methods: GET,POST
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
100ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6582&val=0&wnx=0&abc=&ty=prq&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

OPTIONS
H2 200 playlist
trafficmanager.anyclip.com/trafficmanager/api/v2/player/ Frame 0
0 313ms
104ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/v2/player/playlist?
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-type: text/plain
content-length: 24
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: HEAD,POST,GET,OPTIONS

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
100ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=6587&val=&wnx=0&abc=&ty=cuc&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK req_demand.php Show response
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 106ms
105ms Script
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://serv-vdo.pixfuture.com/www/delivery/req_demand.php?script=videoAds:&bidders=pubmatic,synacormedia,openx,gumgum,spotx,sonobi,smartadserver,33across,oneVideo,conversant,appnexus,districtm&zoneid=11
Requested by: Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:20 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:20 GMT

GET
H2 200 latest.js Show response
global.proper.io/payloads/ 319 KB
81 KB 35ms
35ms Script
application/javascript 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/latest.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/bangordailynews.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 15:33:24 GMT
server: cloudflare
age: 3035639
etag: W/"5fff12c4-4fbd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6463dc8dfd632fa5-FRA
cf-request-id: 09b2482cbe00002fa5fa846000000001
expires: Tue, 27 Apr 2021 00:21:20 GMT

GET
H2 200 pubads_impl_2021042201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D7A8 301 KB
106 KB 37ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042201.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 22 Apr 2021 08:39:18 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108299
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:20 GMT

GET
H/1.1 200
OK scroll-right.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 645 B
1 KB 31ms
30ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/scroll-right.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Content-Encoding: gzip
Age: 1687
Connection: keep-alive
Content-Length: 403
x-amz-id-2: nLnfk/r/mIXzGPk6s/OAXbdiUorGp0Dst2sOdUesks19NoBk9ZzcrAStbBxZFu6HfLuA3cKNJuI=
Last-Modified: Thu, 09 Aug 2018 13:37:36 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 234AAB5878CD704F
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:48:13 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LWFiUmbBDbZYtKTcsVUC4L21DxkdHU5h
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 4948e378e649efdc357c522e41bfba18
x-amz-meta-s3b-last-modified: 20180710T071342Z

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=undefined&inx=undefined&rt=6714&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D383601507%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Dundefined%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Dundefined%255Ei%253D0%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253D%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26ast%3D-1%26smb%3D1%26sid%3DVjWJdR29ro6xwBDA91XCoUkc17c7ZRsk%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=0&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 e4596a5f2ba98ef1f0e097bf016cb191.png
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 5 KB
5 KB 76ms
22ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/e4596a5f2ba98ef1f0e097bf016cb191.png

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="e4596a5f2ba98ef1f0e097bf016cb191.webp"
server-timing: fastly;dur=105;cpu=0;start=2021-03-03T19:35:08.731Z;desc=miss,rtt;dur=0,cloudinary;dur=25;start=2021-03-03T19:35:08.771Z
content-length: 5040
last-modified: Wed, 03 Mar 2021 19:20:24 GMT
server: Cloudinary
etag: "810e855ad9d96ac5c62ba507e0033a2e"
vary: Accept
x-hw: 1619482580.cds006.pa1.hn,1619482580.cds022.pa1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15607864980674604554.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 7 KB
7 KB 24ms
23ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15607864980674604554.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15607864980674604554.webp"
server-timing: fastly;dur=103;cpu=2;start=2021-03-10T14:12:18.303Z;desc=miss,rtt;dur=0,cloudinary;dur=20;start=2021-03-10T14:12:18.346Z
content-length: 6656
last-modified: Mon, 12 Oct 2020 18:14:31 GMT
server: Cloudinary
etag: "0991843435281f170e89e48db4aa2ca1"
vary: Accept
x-hw: 1619482580.cds006.pa1.hn,1619482580.cds207.pa1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 5f31b6ec7e0f37-27023307.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 8 KB
8 KB 46ms
44ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/5f31b6ec7e0f37-27023307.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="5f31b6ec7e0f37-27023307.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-03-04T08:14:18.300Z;desc=hit,rtt;dur=0
content-length: 8054
last-modified: Mon, 01 Mar 2021 19:22:54 GMT
server: Cloudinary
etag: "28b8567a2130173955993ca4a1c26751"
vary: Accept
x-hw: 1619482580.cds006.pa1.hn,1619482580.cds043.pa1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 15736069171991530246.jpg
images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/ 6 KB
7 KB 34ms
33ms Image
image/webp 151.139.128.11
HIGHWINDS3

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.revcontent.com/revcontent/image/fetch/f_auto,h_225,w_300,c_fill,g_face/pg_1/https://media.revcontent.com/content/images/15736069171991530246.jpg

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.139.128.11 , United States, ASN20446 (HIGHWINDS3, US),

Reverse DNS

Software

Cloudinary /

Resource Hash

aae052537cca186d41aba50426e6215456365c53c57b6c019c1a355bb2f1c328

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
strict-transport-security: max-age=604800
x-content-type-options: nosniff
content-disposition: inline; filename="15736069171991530246.webp"
server-timing: fastly;dur=1;cpu=0;start=2021-04-22T22:40:24.443Z;desc=hit,rtt;dur=0
content-length: 6562
last-modified: Mon, 12 Oct 2020 18:14:29 GMT
server: Cloudinary
etag: "67b1caa9b82537c0bb5af2a16637d3ba"
vary: Accept
x-hw: 1619482580.cds006.pa1.hn,1619482580.cds039.pa1.c
content-type: image/webp
access-control-allow-origin: *
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
cache-control: private, no-transform, immutable, max-age=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2042 36 KB
13 KB 48ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 5B59 570 KB
186 KB 10ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376327
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame C89E 44 KB
16 KB 43ms
27ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:20 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 35ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Tue, 04 May 2021 00:16:20 GMT

GET
H2 200 checkout.bundle.1.1.css
buy.tinypass.com/widget/dist/checkout/css/ Frame 7B99 308 KB
47 KB 45ms
44ms Stylesheet
text/css 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/widget/dist/checkout/css/checkout.bundle.1.1.css

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3391
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b2482f03000097ba0bae8000000001
wn: prod-dash-10-0-86-80
last-modified: Fri, 23 Apr 2021 17:49:06 GMT
server: cloudflare
etag: W/"315098-1619200146000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/css
server-time: 0.000
cache-control: public, max-age=7200
cf-ray: 6463dc91988297ba-FRA
expires: Tue, 27 Apr 2021 02:16:20 GMT

GET
H2 200 platform-translation-map_en_US.js Show response
buy.tinypass.com/ng/common/i18n/ Frame 7B99 47 KB
9 KB 77ms
76ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/ng/common/i18n/platform-translation-map_en_US.js?version=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: br
vary: accept-encoding
cf-cache-status: HIT
age: 46598
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b2482f05000097baff2d0000000001
wn: prod-dash-10-0-133-192
last-modified: Fri, 23 Apr 2021 16:25:20 GMT
server: cloudflare
etag: W/"48411-1619195120000"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: application/javascript;charset=UTF-8
server-time: 0.001
cache-control: public, max-age=86400
cf-ray: 6463dc91a88497ba-FRA
expires: Wed, 28 Apr 2021 00:16:20 GMT

GET
H2 200 H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA Show response
buy.tinypass.com/_sam/ Frame 7B99 553 KB
160 KB 72ms
71ms Script
text/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3298
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
cf-request-id: 09b2482f05000097bae8b68000000001
wn: prod-dash-10-0-124-91
last-modified: Fri, 23 Apr 2021 17:55:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: text/javascript
server-time: 0.004
cache-control: public, max-age=601502
x-optimized-by: _sam
cf-ray: 6463dc91a88597ba-FRA
expires: Mon, 03 May 2021 23:21:22 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7E0A 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 119
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK 1619104036829_852x480_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 154 KB
154 KB 104ms
29ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036829_852x480_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
Age: 11099
x-amz-id-2: UdJr/E0AHniEpgyYd1wnE1sJheFmOLox1vnU5bEu7JTD9VnEMKkkGEhtlHaydBpesF6S4m3x5gE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 157301
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 96M6NWX662TSMSYY
X-LLID: 7fddee8b1bcd6fd5d10dbf3292e5ec8d

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 106ms
103ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=7266&val=%7B%22userAgent%22%3A%7B%22allow%22%3Atrue%2C%22software%22%3A%7B%22nameCode%22%3A%22chrome%22%2C%22ver%22%3A%2289%22%7D%2C%22os%22%3A%7B%22nameCode%22%3A%22windows%22%2C%22ver%22%3A%2210%22%7D%2C%22hw%22%3A%7B%22type%22%3A%22computer%22%2C%22subType%22%3Anull%7D%7D%7D&wnx=0&abc=&ty=prs&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 105ms
102ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=7267&val=0&wnx=0&abc=&ty=pll&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:20 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK 1619104036758_248x140_thumbnail.jpg
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 21 KB
22 KB 92ms
32ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104036758_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Last-Modified: Thu, 22 Apr 2021 15:07:17 GMT
Server: AmazonS3
Age: 16364
x-amz-id-2: ZV3md2h0A+nHtq3mZw1yqGDA3KEO3vPiaVH+DyeN1BRxwQAOm6NleesGrfWs0lpPjYegVgqKoNo=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 21852
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: WP7BKX5XZX6119JK
X-LLID: 534db75ffbd7c2a558353de36e867afd

GET
H/1.1 200
OK 1618905797651_248x140_thumbnail.jpg
cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/ 20 KB
20 KB 283ms
223ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/8T9M7ngBxQuMbRQg72pX/1618905797651_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:21 GMT
Last-Modified: Tue, 20 Apr 2021 08:03:18 GMT
Server: AmazonS3
x-amz-request-id: 5QKS0QYSD5Y2QES1
x-amz-id-2: Xy/VYNGytN8VE5XqA8LVnv2LZW/2LTieZU+9zLP6DYP0vrvUGsDdcMisI/cJ0u4+HueDyz6fA7o=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 20531
X-LLID: 98506ebb0dfcd255a5cca196744c36f3

GET
H/1.1 200
OK 1619026651087_248x140_thumbnail.jpg
cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/ 8 KB
8 KB 93ms
32ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/EFNv9XgBS4c3fdCUKLu7/1619026651087_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Last-Modified: Wed, 21 Apr 2021 17:37:32 GMT
Server: AmazonS3
Age: 62893
x-amz-id-2: WfVVvr+lcVwcs/NKlbXSa5fhx6wzw01TEgr2lHWtCPoi5k6LRHfPu4iwBuxP8aJdbXPpCj27xtg=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 7902
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 8M2T9YESYP0KFNAM
X-LLID: 85d34b971c4dc93b315e37dee85e8f12

GET
H/1.1 200
OK 1619449640509_248x140_thumbnail.jpg
cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/ 17 KB
18 KB 93ms
33ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/BaC0DnkBc_W7xeGl6DPY/1619449640509_248x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Last-Modified: Mon, 26 Apr 2021 15:07:21 GMT
Server: AmazonS3
Age: 3542
x-amz-id-2: rMV3WhCWUSxn6CMMFEGgOhHX0EApk5QQaXCMb5CMWc9Tnyz2FBnPSxTiQf2sKR2I5vvYjzUsnaE=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 17827
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: F2MQW5C9BH4BHFJM
X-LLID: 4c75f142627dfecf72be798f609cdd79

GET
H/1.1 200
OK 1617729410172_210x140_thumbnail.jpg
cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/ 13 KB
14 KB 92ms
32ms Image
image/jpeg 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn5.anyclip.com/1rovqHgBi_HOy6yVe6J9/1617729410172_210x140_thumbnail.jpg?wid=0011r00002SRK6m_6242
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:20 GMT
Last-Modified: Tue, 06 Apr 2021 17:16:51 GMT
Server: AmazonS3
Age: 91103
x-amz-id-2: n8sukG1M8TTD+EsKB2TR2KQilOozbhWRB/YCV6uzv1T2C4Pu0p1vrlecAwgNwgGv83Zyo6/oktM=
Content-Type: image/jpeg
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 13624
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 0SW7JK7F28004YCC
X-LLID: a1a2e2a25644aae611c1200e4ffa7371

GET
H2 200 rules-p-mEzuYq24VEJ-3.js Show response
rules.quantcount.com/ 3 B
427 B 122ms
39ms Script
application/javascript 2600:9000:20c8:b600:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-mEzuYq24VEJ-3.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:b600:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 26 Apr 2021 23:17:32 GMT
via: 1.1 9d2dddf4e5a6eb0fbe872acf3cba5889.cloudfront.net (CloudFront)
age: 3531
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 02:39:21 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-pop: MAD50-C1
accept-ranges: bytes
x-amz-cf-id: YZ6_WuiZO1Zw7uo5YnW-UCjQjNYvo3Lrt5wb3JVe_6P7jViF4Wo4nA==

GET
H/1.1 200
OK 1619103769277_subtitles.vtt Show response
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/ 3 KB
4 KB 103ms
30ms XHR
application/octet-stream 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/cc/EN/1619103769277_subtitles.vtt
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:21 GMT
Last-Modified: Thu, 22 Apr 2021 15:02:50 GMT
Server: AmazonS3
Age: 56494
x-amz-id-2: pwjebJ1+cFsUTNmwVGgnpyAIq699T5YZQYnTf5eN1+l9fhu3oH3Lr0PJzNH30uOpX7knCfdFwLo=
Content-Type: application/octet-stream
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=86400
Content-Length: 3576
Connection: keep-alive
Accept-Ranges: bytes
x-amz-request-id: 6FYH6C4GWD3GR9GK
X-LLID: 9f91d17f0eae368096639f290d0cb0d2

GET
H/1.1 200
OK watch.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 364 B
981 B 40ms
29ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/watch.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:21 GMT
Content-Encoding: gzip
Age: 7112
x-amz-meta-sha256: 67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
Connection: keep-alive
Content-Length: 245
x-amz-id-2: 2nGMXII0jg7YAkO3jU84XMesq35GbzJUyaLc24gp3i1+Or8LOhiV8RiCVaoYVCN0E/cyPX8iy3Y=
Last-Modified: Tue, 04 Aug 2020 10:39:53 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: F5D829359B29FCE1
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103752Z
x-amz-version-id: jJ7plitpaP9q57Aey2ETnqu6JQKZQWu3
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: c71a9b4312235071a5ea327b5eaf24b4
Expires: Tue, 27 Apr 2021 02:17:49 GMT

GET
H/1.1 200
OK like.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 401 B
1023 B 78ms
28ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/like.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:21 GMT
Content-Encoding: gzip
Age: 7114
x-amz-meta-sha256: 453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
Connection: keep-alive
Content-Length: 287
x-amz-id-2: YJwcVjjXEYHrgbfUQ0ZprM+hynZGigUcRCrQAb35V3o7TeudfG+54d8Yf0o2jYAbR1wWkA0is7Y=
Last-Modified: Tue, 04 Aug 2020 10:39:58 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 9ZAG8KANCKER4H5Y
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=14400
x-amz-meta-s3b-last-modified: 20200804T103803Z
x-amz-version-id: AgMuGLHw2p4hvvpUt5__8K6ZhGhprdTJ
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: af86859443cd175b851cf26b4177015b
Expires: Tue, 27 Apr 2021 02:17:47 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 101ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=7426&val=&wnx=1&abc=&ty=pli&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:21 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 7B99 2 KB
1 KB 67ms
35ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:21 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 3697
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b248306b000017623232f000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 6463dc93da061762-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 04:16:21 GMT

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 126ms
107ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pv&page=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&tid=20013ef0-c1c7-419e-86d3-3e26a5647137&pid=61c565f7-f641-430a-9d89-f4e0610df106&dtm=1619482581273&qnm=_matherq&visible=1&tabid=a7876d20-5d2c-48ba-a884-277b3a532571&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619482581&vid=1&lvidt=1619482581&duid=e5fcbf202e6b4534&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJhY3Rpb24iOnsiY2F0ZWdvcnkiOiJwYXltZW50IiwiYWN0aW9uIjoic3Vic2NyaXB0aW9uc19vZmZlcmVkIiwiZGF0YSI6eyJkaXJlY3RDaGVja291dCI6IjAiLCJoaWRlQ29tcGxldGVkRmllbGRzIjoiMSIsInNob3dDbG9zZUJ1dHRvbiI6IjAiLCJjb250YWluZXJTZWxlY3RvciI6IiNwaWFuby1ib3R0b20iLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkiLCJ0ZW1wbGF0ZVZhcmlhbnRJZCI6bnVsbCwib2ZmZXJJZCI6Ik9GVFQ4UlFKSE9FViIsImV4Y2VwdGlvbnMiOnsiaGFzQWNjZXNzVG9BbnlSZXNvdXJjZXMiOiIxIn0sImZvcm1OYW1lQnlUZXJtSWQiOiJ7fSIsImNoZWNrb3V0Rmxvd0lkIjoiIiwiZXhwZXJpZW5jZUlkIjoiRVhUUTFFMDYzODVCIiwiZXhwZXJpZW5jZUV4ZWN1dGlvbklkIjoiMTgwNTczYWRlcy0wMDAwMnU4Z2xzOTluYXFpa29sanJsNWQ5NCIsImV4cGVyaWVuY2VBY3Rpb25JZCI6InNob3dPZmZlckpPU0kxSENJV0E5QzY4IiwiZXhwZXJpZW5jZUNvbmRpdGlvbnMiOltdLCJicm93c2VySWQiOiIzMTlFWlBDUWl1ZWdOdElUUjNGWEpkNm1BNzM0VlA2Q3hzdkpOSFQ4eVJ5ME5weXh4UXpaMHhNeDhHeUgiLCJhZGRpdGlvbmFsUGFyYW1OYW1lcyI6W10sImFjdGl2ZU1ldGVycyI6W3sibWV0ZXJOYW1lIjoiTWV0ZXJlZEV4cGVyaWVuY2UiLCJ2aWV3cyI6IjEiLCJ2aWV3c0xlZnQiOiIyIiwibWF4Vmlld3MiOiIzIiwidG90YWxWaWV3cyI6IjEifV19LCJvZmZlcnMiOlt7Im9mZmVySWQiOiJPRlRUOFJRSkhPRVYiLCJkaXNwbGF5TW9kZSI6ImlubGluZSIsInRlbXBsYXRlSWQiOiJPVDRTTUpBMjY0SkkifV0sInZlbmRvciI6IlBpYW5vIiwidHlwZSI6InVua25vd24ifX0
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-95-93.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:21 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame 5CE8 1 KB
2 KB 371ms
99ms XHR
text/xml 34.225.120.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D383601507%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&ast=-1&smb=1&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.120.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: f368a5ee4388a813dc1aa59b3046081ae1f791899ec19cf8a851fd51c36d0fc4

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Tue, 27 Apr 2021 00:16:21 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1358
etag: W/"54e-9z60wPDXyflNZsFpotk7TSr/Vb8"
content-type: text/xml; charset=utf-8

GET
H2 451 envelope Show response
api.rlcdn.com/api/identity/ Frame D7A8 44 B
331 B 135ms
67ms XHR
text/plain 34.120.133.55
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://api.rlcdn.com/api/identity/envelope?pid=1258

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.133.55 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:21 GMT
via: 1.1 google
x-content-type-options: nosniff
access-control-allow-headers: Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
access-control-allow-methods: GET, OPTIONS
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 44

GET
H2 200 rid Show response
match.adsrvr.org/track/ Frame D7A8 109 B
547 B 201ms
37ms XHR
application/json 52.30.50.112
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/rid?ttd_pid=pubmatic&fmt=json
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.30.50.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 457767f597c19fbdbfc8cd42099ab7a1f9c7a46121c64af78c7dc5173ccc29fd

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:21 GMT
x-aspnet-version: 4.0.30319
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
cache-control: private
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length: 109
expires: Thu, 27 May 2021 00:16:21 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame 5B59 0
24 B 123ms
106ms XHR
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=605194900968807&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C7%2C8&sid=E35C8B56-53E1-4EA5-AB9F-A8F14AC2498C&eid=44736271%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dt=1619482581715&scor=3446349227498409&ged=ve4_td9_tt1_pd9_la9000_er1843.317.1996.617_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:21 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7B99 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame D7A8 334 KB
115 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:22 GMT

POST
H2 204 csi
csi.gstatic.com/ Frame 5CE8 0
331 B 453ms
169ms Ping
image/gif 2607:f8b0:4001:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knza45da&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c13::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:22 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 admin-ajax.php Show response
bangordailynews.com/wp-admin/ 63 B
318 B 828ms
823ms XHR
application/json 192.0.78.146
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL

https://bangordailynews.com/wp-admin/admin-ajax.php

Requested by

Host: c0.wp.com
URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

192.0.78.146 , United States, ASN2635 (AUTOMATTIC, US),

Reverse DNS

Software

nginx /

Resource Hash

08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://bangordailynews.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
x-requested-with: XMLHttpRequest
cookie: _ml_id=e5fcbf202e6b4534.1619482581.1.1619482581.1619482581; _ml_ses=*; pbjs-unifiedid=%7B%22TDID%22%3A%225b6cd4e9-90e9-439b-a958-c27947a9b40e%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-04-27T00%3A16%3A21%22%7D; __pil=en_US
content-length: 26
:path: /wp-admin/admin-ajax.php
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: application/x-www-form-urlencoded; charset=UTF-8
accept: application/json, text/javascript, */*; q=0.01
cache-control: no-cache
:authority: bangordailynews.com
referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
:scheme: https
sec-fetch-site: same-origin
:method: POST
Accept: application/json, text/javascript, */*; q=0.01
Referer: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
host-header: Newspack
referrer-policy: strict-origin-when-cross-origin
server: nginx
x-frame-options: SAMEORIGIN
date: Tue, 27 Apr 2021 00:16:23 GMT
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, must-revalidate, max-age=0
access-control-allow-credentials: true
x-ac: 2.hhn _atomic_ams
x-robots-tag: noindex
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 67F0 50 KB
18 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 362
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
98ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=8979&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:22 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 BDN_square_logo.svg
i.piano.io/managedservices/bangor-daily-news/ Frame 7B99 2 KB
2 KB 47ms
18ms Image
image/svg+xml 2606:4700::6810:2a41
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.piano.io/managedservices/bangor-daily-news/BDN_square_logo.svg

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:2a41 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:22 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c5.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
age: 3698
x-cache: Hit from cloudfront
content-encoding: gzip
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09b24836bd0000d6f9fe2b1000000001
last-modified: Wed, 15 Jan 2020 17:32:45 GMT
server: cloudflare
etag: W/"7edd00f9f23e9f6572a677bb121f2d39"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
content-type: image/svg+xml
cache-control: public, max-age=14400
x-amz-cf-pop: FRA6-C1
cf-ray: 6463dc9df9acd6f9-FRA
x-amz-cf-id: kpJl3LOwq89cMO4DLXf_G1UPPO8Z-0Dn-PmCtmTS6nzrlCrLBkUvOg==
expires: Tue, 27 Apr 2021 04:16:22 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AE99 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376329
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame D7A8 44 KB
16 KB 28ms
17ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:22 GMT

GET
H2 200 ef.png
cdn.pixfuture.com/prebidvideo/ Frame D7A8 1 KB
2 KB 41ms
34ms Image
image/png 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.pixfuture.com/prebidvideo/ef.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:22 GMT
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 14711
content-length: 1080
cf-request-id: 09b248376e00001f1198349000000001
last-modified: Fri, 07 Aug 2020 14:21:25 GMT
server: cloudflare
etag: "5f2d6365-438"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=PX4CKCpKMRx5HNMXB97FRr0MKbMiJRnYq%2BOF7Wji5G2Yrn7jelVwOChWrR7ewQLrZfIOwnQcOZWEuwcyptY%2FR9cImx%2Fe8E0KoUREn216yWPIRwiPgl2pIdztTbvarw%3D%3D"}]}
content-type: image/png
cache-control: public, max-age=2678400, no-transform
accept-ranges: bytes
cf-ray: 6463dc9f19fb1f11-FRA
expires: Wed, 28 Apr 2021 20:11:07 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 156ms
109ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:23 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:23 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
371 B 44ms
7ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:22 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
DATA 200
OK truncated
/ Frame 7B99 91 KB
91 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7B99 58 KB
58 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7B99 129 KB
129 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

GET
DATA 200
OK truncated
/ Frame 7B99 68 KB
68 KB Font
application/font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3

Request headers

Origin: https://buy.tinypass.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff2;charset=utf-8

POST
H2 200 trackShow Show response
buy.tinypass.com/checkout/offer/ Frame 7B99 1 KB
1 KB 192ms
179ms XHR
application/json 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/checkout/offer/trackShow

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7d89279f57efb3ee81804264c3786f3b246a794145e4781f6bde11407d0cbadf

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains
X-Xss-Protection	0

Request headers

Accept: application/json, text/plain, */*
Ng-Request: 1
Referer: https://buy.tinypass.com/checkout/offer/show?displayMode=inline&containerSelector=%23piano-bottom&templateId=OT4SMJA264JI&offerId=OFTT8RQJHOEV&formNameByTermId=%7B%7D&hideCompletedFields=true&showCloseButton=false&experienceId=EXTQ1E06385B&activeMeters=%5B%7B%22meterName%22%3A%22MeteredExperience%22%2C%22views%22%3A1%2C%22viewsLeft%22%3A2%2C%22maxViews%22%3A3%2C%22totalViews%22%3A1%7D%5D&widget=offer&iframeId=offer-0-bJ5nZ&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&parentDualScreenLeft=0&parentDualScreenTop=0&parentWidth=1600&parentHeight=1200&parentOuterHeight=1200&aid=U1S2txQ29t&pianoIdUrl=https%3A%2F%2Fid.tinypass.com%2Fid%2F&userProvider=piano_id&userToken=&customCookies=%7B%7D&hasLoginRequiredCallback=true&initMode=context&width=1600&_qh=bd13320126
X-Requested-With: XMLHttpRequest
Piano-request-without-spinner: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 00:16:23 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
p3p: CP="NON DSP COR OUR IND"
x-forwarded-https: on
x-xss-protection: 0
x-request-id: Cbr47sqxtWB
pragma: no-cache
wn: prod-dash-10-0-121-63
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
access-control-allow-methods: *
content-type: application/json;charset=utf-8
access-control-allow-origin: https://dashboard.piano.io
cache-control: no-cache, no-store, must-revalidate
server-time: 0.001
cf-request-id: 09b2483859000097ba163d2000000001
cf-ray: 6463dca08b3397ba-FRA
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 206 blank.mp4
cdn.pixfuture.com/prebidvideo/ Frame D7A8 11 KB
12 KB 112ms
111ms Media
video/mp4 2606:4700:20::681a:a9c
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.pixfuture.com/prebidvideo/blank.mp4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:a9c , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e

Request headers

Referer
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

date: Tue, 27 Apr 2021 00:16:23 GMT
access-control-allow-methods: GET, POST, OPTIONS
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
Content-Range: bytes 0-11115/11116
Content-Length: 11116
cf-request-id: 09b248386400001f11633a9000000001
last-modified: Fri, 07 Aug 2020 14:20:50 GMT
server: cloudflare
etag: "5f2d6342-2b6c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qIXkDZZp82mhL59KzttltpCeU1wT5hSyiqAHyEls1Yv%2BzvjZvQlHXs%2Fiagoi51FZbNEBwmvep3cIgqQ6dinMIPqO0MjgAwiGM6DwlDNJ7GbQYxnCy%2FOjthoFWd1C%2BQ%3D%3D"}]}
content-type: video/mp4
access-control-allow-origin: *
access-control-allow-credentials: true
cf-ray: 6463dca0aaed1f11-FRA
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type

GET
H2 200 performanceMetrics Show response
buy.tinypass.com/api/v3/anon/assets/ 198 B
329 B 131ms
131ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/performanceMetrics?aid=U1S2txQ29t&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery112406633006023556334_1619482576856&_=1619482576858

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c1e0ac00157abb61d3ed51c31f02c61bde760f57070f01943504e8df2167d767

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6463dca21b8197ba-FRA
date: Tue, 27 Apr 2021 00:16:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-90-233
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b248394c000097ba0625c000000001
x-request-id: Cbr47sqvyjH

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 67F0 33 KB
10 KB 39ms
37ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D383601507%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:23 GMT
Content-Encoding: gzip
Age: 58166
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: 5f6e301b2980bdf70ffa7e68dc405541
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 83D6 36 KB
12 KB 38ms
23ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 122
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 136ms
136ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:23 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame 67F0 5 KB
2 KB 179ms
42ms Fetch
application/xml 52.215.252.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=383601507&widgetid=0011r00002SRK6m_6242&lob=&clipid=undefined&key_custom1=^w=0011r00002SRK6m_6242^c=undefined^i=0^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D383601507%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.252.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-252-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c683aa7da9c1a5c8f7001fae6c9ce22d20a05f9b70332a2dbd117a3b4b7700fe

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:23 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 139ms
98ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=10044&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:23 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame AE99
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
332 B

31ms
30ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=dc48515f86&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:23 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 27 Apr 2021 00:16:23 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540462321&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=dc48515f86&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 67F0 483 KB
86 KB 175ms
53ms Script
application/javascript 2600:9000:20c8:6e00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D383601507%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Dundefined%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Dundefined%5Ei%3D0%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3D%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6e00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 538464
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: HSr8_yUA8qC9f4LmF0z6gkD3_3kM6VvlHyO7U04j7Q-643l0oAaOkQ==

GET
DATA 200
OK truncated
/ 777 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 10EC 570 KB
186 KB 17ms
9ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376331
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 11ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:24 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 106ms
104ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:24 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:24 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 67F0 0
119 B 298ms
94ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:24 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame 67F0 20 B
211 B 270ms
45ms XHR
application/json 52.208.222.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=215e6dc6-0b6d-437c-9980-70932b337846-s.630417-d.388962-dc.83478&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:24 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 6EDC 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 67F0 334 KB
114 KB 18ms
17ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:24 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C4E2 570 KB
186 KB 12ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376331
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 67F0 44 KB
16 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:24 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 07E9 36 KB
12 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 123
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 10EC 27 B
1 KB 140ms
77ms XHR
application/xml 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483186&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=b5bfd3071a&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:24 GMT
X-Proxy-Origin: 217.138.207.140; 217.138.207.140; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.140:80
AN-X-Request-Uuid: abe865a6-7b02-4ba7-acbd-734cab8cee83
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame A317 570 KB
186 KB 13ms
8ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376332
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 9ms
7ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 139ms
138ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:25 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:25 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D8CF 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 109ms
109ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:25 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D24F 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376332
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 84FB 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame C4E2 0
23 B 18ms
18ms XHR
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=2787510712318205&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=F2B38C62-BD9D-4DCA-A7A1-9873E42FB64F&eid=44739826&dlt=1619482582460&idt=2528&dt=1619482585414&scor=494834840555477&ged=ve4_td3_tt0_pd3_la3000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 204
No Content 309154 Show response
search.spotxchange.com/openrtb/2.3/dados/ Frame 67F0 0
1 KB 275ms
109ms XHR
application/json 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309154
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Tue, 27 Apr 2021 00:16:25 GMT
X-SpotX-Timing-Transform: 0.000306
X-SpotX-Timing-SpotMarket: 0.057371
X-SpotX-Timing-Page-Mux: 0.000893
X-SpotX-Timing-Page-Require: 0.000289
X-fe: 034
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000029
X-SpotX-Timing-Page: 0.061285
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000299
Last-Modified: Tue, 27 Apr 2021 00:16:25 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.023856
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.002080
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.033515
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame A317
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
248 B

28ms
27ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd0892603b&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:25 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 27 Apr 2021 00:16:25 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453138&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=cd0892603b&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame BD3B 570 KB
186 KB 7ms
7ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376332
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 8ms
7ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:25 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 109ms
105ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:25 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:25 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 7FFE 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 124
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK 300752 Show response
search.spotxchange.com/vast/2.0/ Frame 67F0 67 B
1 KB 107ms
105ms XHR
text/xml 185.94.180.124
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/vast/2.0/300752?VPAID=js&content_page_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&player_width=780&player_height=439&cb=1619482583729&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.124 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: 78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:25 GMT
Content-Encoding: gzip
X-SpotX-Timing-Transform: 0.000273
X-SpotX-Timing-SpotMarket: 0.053310
X-SpotX-Timing-Page-Mux: 0.000674
X-SpotX-Timing-Page-Require: 0.000297
X-fe: 103
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000023
Content-Length: 77
X-SpotX-Timing-Page: 0.056955
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000382
Last-Modified: Tue, 27 Apr 2021 00:16:25 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Vary: Accept-Encoding
X-SpotX-Timing-SpotMarket-Primary: 0.018921
Content-Type: text/xml;charset=UTF-8
Access-Control-Allow-Origin: https://bangordailynews.com
X-SpotX-Timing-Page-Misc: 0.001986
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.034389
X-SpotX-Timing-Page-URI: 0.000009
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/live/ Frame D24F 0
24 B 182ms
181ms XHR
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/live/ads?iu=%2F8749%2FBDN_Ora&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4196596235178688&sdkv=h.3.453.0&osd=2&frm=1&vis=1&sdr=1&hl=en&afvsz=200x200%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=3360247788&sdk_apis=2%2C7%2C8&sid=E35C8B56-53E1-4EA5-AB9F-A8F14AC2498C&eid=44736271%2C44739826&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&dlt=1619482573310&idt=12033&dt=1619482585782&scor=4120391196744690&ged=ve4_td13_tt5_pd13_la13000_er1843.317.1996.617_vi0.0.1200.1600_vp0_ts4_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ltt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:25 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: ltt
google-creative-id: -2
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=&inx=&rt=12298&val=0&wnx=0&abc=&ty=grf&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:25 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 bc2 Show response
bc-ssb-dub.springserve.com/ Frame 67F0 20 B
210 B 128ms
127ms XHR
application/json 52.208.222.238
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bc-ssb-dub.springserve.com/bc2?r=215e6dc6-0b6d-437c-9980-70932b337846-s.630417-d.880466-dc.67255_s.624019-d.388976-dc.130942&aid=316&det_d=bangordailynews.com&det_w=780
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.208.222.238 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:25 GMT
access-control-allow-credentials: true
server: nginx
content-length: 20
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json

GET
H/1.1 200
OK cygnus Show response
as-sec.casalemedia.com/ Frame 67F0 46 B
375 B 179ms
105ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/cygnus?fn=indexResponse215e6dc677&v=8.8&s=631839&r=%7B%22id%22%3A%22215e6dc677%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%220%22%2C%22video%22%3A%7B%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%2C%22video%2Fwebm%22%2C%22video%2Fogg%22%5D%2C%22minduration%22%3A0%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22w%22%3A780%2C%22h%22%3A439%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22playbackmethod%22%3A%5B3%5D%2C%22startdelay%22%3A0%2C%22placement%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22pr_1_1_s%22%2C%22custom%22%3A%22videoPlayback%22%7D%2C%22bidfloor%22%3A1.25%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220011r00002SRK6mAAH%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: cf0cd855663bd1226da911826f964b0779fb9364ff004ef573c4595171bbc78f

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 58
Expires: Tue, 27 Apr 2021 00:16:26 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ Frame 67F0 165 B
1 KB 131ms
72ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

26922cd46ce28b19b7590e0ac1c4257b7d527fdb93de823a41198cb7b87a983d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:26 GMT
X-Proxy-Origin: 217.138.207.140; 217.138.207.140; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.222.247:80
AN-X-Request-Uuid: 0cde88de-3394-43f0-bdda-f4a42ea3bd5a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 165
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 hb Show response
ice.360yield.com/ Frame 67F0 85 B
505 B 139ms
79ms XHR
application/json 18.194.102.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ice.360yield.com/hb?jsonp=%7B%22bid_request%22%3A%7B%22id%22%3A%22215e6dc6%22%2C%22version%22%3A%227.0.0-JS-6.3.0%22%2C%22domain%22%3A%22bangordailynews.com%22%2C%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22referrer%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22secure%22%3A1%2C%22imp%22%3A%5B%7B%22currency%22%3A%22USD%22%2C%22pid%22%3A22478177%2C%22bidfloor%22%3A1.25%2C%22ad_types%22%3A%5B%22video%22%5D%2C%22id%22%3A%22215e6dc6%22%2C%22banner%22%3A%7B%7D%7D%5D%2C%22us_privacy%22%3A%221---%22%2C%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22anyclip.com%22%2C%22hp%22%3A1%2C%22sid%22%3A%220011r00002SRK6mAAH%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.102.50 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 9b82c70aa711f693e63060c17ffdd85c1ed95c7b6a39b08f8eb91430a97228ae

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:26 GMT
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
content-length: 85
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

POST
H2 204 / Show response
hb.emxdgt.com/ Frame 67F0 0
162 B 122ms
50ms XHR
text/plain 18.194.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=&ts=1619482585985&src=pbjs
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:26 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 gaAccount Show response
buy.tinypass.com/api/v3/anon/assets/ 109 B
433 B 153ms
151ms Script
application/javascript 2606:4700::6811:bab1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://buy.tinypass.com/api/v3/anon/assets/gaAccount?aid=U1S2txQ29t&user_provider=piano_id&user_token=&callApiJsonp=true&callback=jQuery112406633006023556334_1619482576856&_=1619482576859

Requested by

Host: buy.tinypass.com
URL: https://buy.tinypass.com/api/tinypass.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:bab1 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

87f32eeb22c2685e1b08e93665bc2590f905d61cd9ddf645c5bc3e1ec58b818b

Security Headers

Name	Value
Strict-Transport-Security	max-age=60; includeSubDomains

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

cf-ray: 6463dcb2febf97ba-FRA
date: Tue, 27 Apr 2021 00:16:26 GMT
content-encoding: br
cf-cache-status: DYNAMIC
wn: prod-dash-10-0-89-107
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=60; includeSubDomains
p3p: CP="NON DSP COR OUR IND"
server-time: 0.001
cache-control: public, max-age=86400, s-maxage=86400
x-forwarded-https: on
content-type: application/javascript
cf-request-id: 09b24843d8000097ba07032000000001
x-request-id: Cer47sqS0lr

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame 67F0 0
120 B 140ms
54ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=215e6dc6&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:26 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame BD3B 27 B
1 KB 89ms
88ms XHR
application/xml 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14483184&vmaxduration=120&vskippable=1&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=ff23f45715&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:26 GMT
X-Proxy-Origin: 217.138.207.140; 217.138.207.140; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.49:80
AN-X-Request-Uuid: e58fc7c3-59cb-47c4-9140-f0dbde848cc3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3223
date: Mon, 26 Apr 2021 23:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 01:22:43 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
13ms XHR
text/plain 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=313006227&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ul=en-us&de=UTF-8&dt=Holden%20brothers%20sue%20Northern%20Light%20over%20data%20breach%20they%20claim%20left%20them%20vulnerable%20to%20identity%20theft&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=showOffer&ea=%20offerId_OFTT8RQJHOEV____templateId_OT4SMJA264JI____aid_U1S2txQ29t&el=Show%20offer%20offerId%3AOFTT8RQJHOEV%20templateId%3AOT4SMJA264JI%20aid%3AU1S2txQ29t&_u=6GjACUALBAQCAG~&jid=1839354020&gjid=1943415373&cid=1847752240.1619482579&tid=UA-5329647-52&_gid=941743403.1619482586&_r=1&_slc=1&z=1651589236

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 analytics.js Show response
www.google-analytics.com/ Frame 7B99 48 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://buy.tinypass.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3223
date: Mon, 26 Apr 2021 23:22:43 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Tue, 27 Apr 2021 01:22:43 GMT

POST
H3-29 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 26ms
13ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=1839354020&gjid=1943415373&_gid=941743403.1619482586&_u=6GjACUALBAQCAG~&z=1908107999

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 27 Apr 2021 00:16:26 GMT
content-type: text/plain
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame C8A8 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376333
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:26 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 109ms
104ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:26 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 24ms
20ms Image
image/gif 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=1839354020&_u=6GjACUALBAQCAG~&z=225428510

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ga-audiences
www.google.de/ads/ 42 B
63 B 19ms
17ms Image
image/gif 2a00:1450:4001:80e::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-5329647-52&cid=1847752240.1619482579&jid=1839354020&_u=6GjACUALBAQCAG~&z=225428510

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:26 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2C8B 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 125
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=12804&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=1&arx=1&crt=0&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:26 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 206
Partial Content 1619104278576_852x480_video.mp4
cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/ 960 KB
0 29ms
28ms Media
video/mp4 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn5.anyclip.com/GWgZ-ngBS4c3fdCU5nse/1619104278576_852x480_video.mp4?wid=0011r00002SRK6m_6242
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
Accept-Encoding: identity;q=1, *;q=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Last-Modified: Thu, 22 Apr 2021 15:11:19 GMT
Server: AmazonS3
Age: 8929
x-amz-id-2: GCMQFgSxZJaC5bZ0TdJ2bN9vN4FklNstsZ2UJ9IeFSwp/nmK4ERCu44aSVyOeQCTta4rzk4KZZc=
Content-Type: video/mp4
Content-Range: bytes 0-11604142/11604143
Cache-Control: public,max-age=86400
x-amz-request-id: A79WAZXX9Q9G0WFX
Connection: keep-alive
Accept-Ranges: bytes
Access-Control-Allow-Origin: *
Content-Length: 11604143
X-LLID: 7427e0a747b238950a10b3922cce3f53

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 345ms
345ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=13021&val=1&wnx=1&abc=&ty=cla&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:26 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK pause.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 758 B
1 KB 43ms
42ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/pause.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Age: 2958
Connection: keep-alive
Content-Length: 426
x-amz-id-2: pwQ4BccTl3xu4hcG4EEqMuGkgBdLgswri452ajCrVFunhV7elfgdUd4Tx9luZcp+/EZHGwBJCMU=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C6D5400B3114C6E3
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:27:08 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: COllNS2vUDfTYhxXvQJ57jWZVnnMficH
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: a2a3d171c5ad95047a0053fcacfd99ec
x-amz-meta-s3b-last-modified: 20180704T113405Z

GET
H/1.1 200
OK volume-off.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 901 B
1 KB 43ms
42ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/volume-off.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Age: 1982
Connection: keep-alive
Content-Length: 521
x-amz-id-2: Cqh+mlrONOH/wc7a/m3Q9U7Kz08wV1Yr0heatOAdYVK7gs5aXKj8UCFPjSbDcXUEfkPA9e/wI6M=
Last-Modified: Sun, 12 Aug 2018 11:52:27 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: C0D1F04334E80FDB
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:43:24 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: LD1v9d__0LhgJzdvbwPuMTNvxNdup1gK
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: a1270441ce795fa527be3dd9b70fcfa9
x-amz-meta-s3b-last-modified: 20180812T115113Z

GET
H/1.1 200
OK cc-hidden.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 909 B
1 KB 82ms
34ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/cc-hidden.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Age: 9156
Connection: keep-alive
Content-Length: 458
x-amz-id-2: uxa9DFI/0a6EJQhaDHRQ/OBzyTQx2REonEpKJDsLeMKts+Px+jfRA7JRRtH9kkt9rBcF/csUnNQ=
Last-Modified: Wed, 13 Nov 2019 11:51:46 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 767E599404B79C11
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 01:43:50 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: y.QX4vCTrlpSO9kX_WB6RqB1CKq9apE_
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 9ec4953e09bd6fadfacbf63f7b78960f
x-amz-meta-s3b-last-modified: 20191113T095137Z

GET
H/1.1 200
OK fullscreen.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 1 KB
1 KB 81ms
34ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/fullscreen.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Age: 2853
Connection: keep-alive
Content-Length: 524
x-amz-id-2: BRh90W2EfVzECaSH5h6jfUSFDTvgYjWMypRYQrJp7lo8LXFtr2iKyo+wwxm5PYvFOhZO6qVjHDA=
Last-Modified: Thu, 09 Aug 2018 13:37:33 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: D79B0CDA8EB8F2DB
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:28:53 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: U03j5muVk7AbvhQemSaiRqevJSRY_Dma
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 47f42983ec478eee83b9a5e8d06df37e
x-amz-meta-s3b-last-modified: 20180704T113429Z

GET
H/1.1 200
OK next.svg
assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/ 729 B
1 KB 87ms
37ms Image
image/svg+xml 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://assets.anyclip.com/anyclip-widget/lre-widget/assets/lre_theme/next.svg?hash=55977d5a99
Requested by: Host: bangordailynews.com
URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: 55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:26 GMT
Content-Encoding: gzip
Age: 2959
Connection: keep-alive
Content-Length: 461
x-amz-id-2: aZiDwTlw4rciTlz48Jhfji0MF1tA2KOd+P1qYYUg8NE7marJLgmCvgIWPlvmWLDv8DtP+5AGNHI=
Last-Modified: Thu, 09 Aug 2018 13:37:34 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: CC3D2AF47BC35EBB
Access-Control-Allow-Origin: *
Expires: Tue, 27 Apr 2021 03:27:07 GMT
Cache-Control: public,max-age=14400
x-amz-version-id: 9oEyfyolAdum9dgyt9Cw6qZIm50OH1cD
Accept-Ranges: bytes
Content-Type: image/svg+xml
X-LLID: 3b257e49eabe079ad8e93672256fc38e
x-amz-meta-s3b-last-modified: 20180704T113415Z

GET
DATA 200
OK truncated
/ 4 KB
4 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Origin: https://bangordailynews.com
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/font-woff;charset=utf-8

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame C8A8
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
248 B

30ms
29ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=d9d0505b5f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:26 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 27 Apr 2021 00:16:26 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453133&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=d9d0505b5f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame AB3E 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376333
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 107ms
105ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:27 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:27 GMT

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 10ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 5533 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 126
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
DATA 200
OK truncated
/ Frame AB3E 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?mode=2&lid=41&sdkv=h.3.453.0&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 17ms
17ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?delay=0&vpaidadapter=f&request_type=thirdparty&ctv=0&lid=6&sdkv=h.3.453.0&e=44739826&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=sendingMessage&logid=0.49445344849561845&time=1619482587519&lid=43&sdkv=h.3.453.0&e=44739826&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame AB3E 249 B
551 B 147ms
38ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMN3zAw0BCUWiKk2GoZrIK3yg63SWosWzAw==?cb=e3e01a1510&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&duration=120&pi.width=640&pi.height=360&pi.viewable=1&a.ip=217.138.207.140&a.ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F89.0.4389.72+Safari%2F537.36&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?step=receivedResponse&time=1619482587522&timeout=f&logid=0.49445344849561845&timediff=3&lid=43&sdkv=h.3.453.0&e=44739826&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?rt=thirdparty&lid=17&sdkv=h.3.453.0&e=44739826&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AB3E 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?catu=f&cookiesen=t&doesgdpr=t&gdprapp=1&gdprcmpapp=1&gdprload=t&idlsena=t&rt=thirdparty&storallow=f&tcstr=undefined&hpadid=f&hpaid=f&hpatt=f&hpcke=f&hpckvalue=f&hpgapp1=f&hpidtype=f&hpilat=f&hprdid=f&lid=137&sdkv=h.3.453.0&e=44739826&id=ima_html5&c=4003214741126467&domain

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ 0
0 102ms
99ms Fetch 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/anyclip-widget/lre-widget/prod/v1/src/lre.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/json

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:27 GMT
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
content-length: 0
access-control-allow-methods: GET,POST

OPTIONS
H2 200 action
trafficmanager.anyclip.com/trafficmanager/api/videos/video/ Frame 0
0 100ms
99ms Preflight
text/plain 52.203.28.84
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://trafficmanager.anyclip.com/trafficmanager/api/videos/video/action
Protocol: H2
Server: 52.203.28.84 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://bangordailynews.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Tue, 27 Apr 2021 00:16:27 GMT
content-type: text/plain
content-length: 13
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
access-control-allow-methods: GET,POST
access-control-allow-headers: Content-Type
allow: POST,OPTIONS

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=14064&val=&wnx=1&abc=&ty=cmp&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:27 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame D74A 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376334
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 11ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:27 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 119ms
118ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:27 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:27 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8D70 36 KB
12 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 126
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame D74A 3 KB
1 KB 36ms
35ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

b7ba3f00cd58fd87d58bafb0a35aa3074415f1be61a1176b2571b67633ea2860

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1122
expires: 0

POST
H2 204 csi
csi.gstatic.com/ Frame D74A 0
54 B 160ms
160ms Ping
image/gif 2607:f8b0:4001:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knza4a5o&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c13::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:28 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame E950 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 368
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame E950 15 KB
7 KB 139ms
38ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: ced3396659da3b27d6ecf1b301ce2647754b6e6c6059bddebca39378c1e058fc

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6726

POST
H/1.1 200
OK abt Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 116ms
116ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/abt?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:28 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

GET
H/1.1 200
OK i
www.i.matheranalytics.com/ 43 B
245 B 101ms
100ms Image
image/gif 35.168.95.93
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.i.matheranalytics.com/i?e=pe&tv=js-3.0.109&tna=Mather&aid=v1&p=web&tz=Europe%2FBerlin&tzoff=-120&lang=en-US&cs=UTF-8&navt=link&res=1600x1200&cd=24&cookie=1&f_jquery=1&f_nolocalstorage=1&tvltm=12&f_privb=0&tid=8c9900e4-ce43-43d5-8b2c-9b271487c2df&pid=61c565f7-f641-430a-9d89-f4e0610df106&dtm=1619482588508&qnm=_matherq&visible=1&tabid=a7876d20-5d2c-48ba-a884-277b3a532571&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vp=1600x1200&ds=1600x5938&tofa=1619482589&vid=1&lvidt=1619482589&duid=619644f9735b78b7&fp=1072425006&cid=ma63069&mrk=92760912&cx=eyJwZXJmIjp7InN0YXJ0IjoiMTYxOTQ4MjU3MTQ3NSIsInJlZGlyQ250IjoiMCIsIm5hdlR5cGUiOiJsaW5rIiwiaGVhcFUiOiIzMy4xbWIiLCJoZWFwVCI6IjQyLjFtYiIsImZzdFBhaW50IjoiMTgxMiIsImZldGNoUyI6IjAiLCJkb21haW5TIjoiMSIsImRvbWFpbkUiOiI4IiwiY29ublMiOiI4IiwiY29ubkUiOiI2NSIsInNzbFMiOiIyNiIsInJlcXVTIjoiNjUiLCJyZXNwUyI6Ijk1OSIsInJlc3BFIjoiOTkzIiwiZG9tTG9hZCI6Ijk2NiIsImRvbUludGVyIjoiMjU0OCIsImRvbUxvYWRTIjoiMjU4OSIsImRvbUxvYWRFIjoiMjY0MCIsImRvbUNtcGx0IjoiMTA5ODYiLCJsb2FkUyI6IjEwOTg2IiwibG9hZEUiOiIxMDk5NCJ9fQ
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.168.95.93 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-35-168-95-93.compute-1.amazonaws.com
Software: /
Resource Hash: d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:28 GMT
Connection: keep-alive
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID PSA OUR IND COM NAV STA"
Content-Length: 43
Content-Type: image/gif

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame E950 317 KB
102 KB 181ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003583&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 22 Apr 2021 23:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348588
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: guoGkW9qVCHX9obsSVUmiAIsTinXHaIaRq+/gzBGzJCCXQ30XjV2JxmvHPfdq9NbLCpNf680m+s=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: EYDWTHTAF36NGZVX
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame E950 43 B
246 B 200ms
28ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.16605886842003592&pt=o2unit&sid=d6c24fcb-26c0-4462-a15d-9d78125b14a8&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:28 GMT

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame D7A8 133 KB
44 KB 104ms
36ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41284
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 11D7 2 KB
779 B 7ms
6ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: mrqkheQX0VxYaGdu90J5THlSocYLovIvtJ1UJm97XcDDRZZisZjXbgJjJ9B/0tlkXoaqe5DFG8Y=
x-amz-request-id: AB11JQD7P0FKC980
date: Thu, 15 Apr 2021 03:49:48 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 1024002
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame E950 249 B
549 B 124ms
37ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMCSPYDez0LhhKrCINBW6Tb+g63SWosWzAw==?cb=65752ce5dd&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame E950 43 B
245 B 30ms
29ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=d6c24fcb-26c0-4462-a15d-9d78125b14a8&vvuid=17bfd0e0-f298-485a-a248-46c6d9e4e269&orgId=24140&plcid=1003583&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&ab=0&dt=270&h=0&spaceid=793604934&w=0&cb=0.8908394659612435
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:28 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame E950 43 B
245 B 29ms
28ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=d6c24fcb-26c0-4462-a15d-9d78125b14a8&vvuid=17bfd0e0-f298-485a-a248-46c6d9e4e269&orgId=24140&plcid=1003583&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.5083703695612922
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:28 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame E950 43 B
245 B 29ms
29ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=d6c24fcb-26c0-4462-a15d-9d78125b14a8&vvuid=17bfd0e0-f298-485a-a248-46c6d9e4e269&orgId=24140&plcid=1003583&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.8769777448236438
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:28 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:28 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 35ms
31ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619482588985&de=447326982751&d=147%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

GET ad-engine-response.gif
trk.vidible.tv/trk/ Frame E950 0
0

POST csi
csi.gstatic.com/ Frame D74A 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 6A05 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376336
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
371 B 8ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:29 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 111ms
107ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=aol_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:29 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:29 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B08 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 128
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame 6A05 3 KB
1 KB 35ms
35ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

0aed6af0e8a41879b0025ca730b0a1259121d5023bd5676f6360a7a36dae2cd2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 1124
expires: 0

POST
H3-29 204 csi
csi.gstatic.com/ Frame 6A05 0
17 B 169ms
169ms Ping
image/gif 2607:f8b0:4001:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knza4b6y&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ccc=5&ccrh=5&ccri=0&ccrs=0&ccru=0&ccrhc=true&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c13::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:29 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame CD37 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 369
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

GET
H2 200 o2shim Show response
acds.prod.vidible.tv/ Frame CD37 15 KB
7 KB 39ms
39ms Script
application/javascript 54.195.94.143
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=d3474011-7b99-4597-a105-2fb975527db5&pblob=
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.94.143 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: cd56089b2b538d9d6a707d09a1ef13f8e3b5dd1c80006498fdef8fb34390d2ff

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
content-encoding: gzip
access-control-max-age: 3600
access-control-allow-methods: POST, GET, HEAD, PUT, PATCH, DELETE
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers
content-length: 6728

GET
H2 200 0.js Show response
cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/ Frame CD37 317 KB
102 KB 8ms
7ms Script
application/javascript 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Requested by

Host: acds.prod.vidible.tv
URL: https://acds.prod.vidible.tv/o2shim?companionId=&cpmPassback=&placementId=1003578&orgId=24140&injectCompanionDummy=&pauseOnClick=&d.vw=&d.app=&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vrid=d3474011-7b99-4597-a105-2fb975527db5&pblob=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

ats-carp-promotion: 1
date: Thu, 22 Apr 2021 23:26:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 348589
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-length: 104243
x-amz-id-2: guoGkW9qVCHX9obsSVUmiAIsTinXHaIaRq+/gzBGzJCCXQ30XjV2JxmvHPfdq9NbLCpNf680m+s=
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 31 Mar 2021 05:09:03 GMT
server: ATS
etag: "ce274b08c0547a727a3ff76c208f4a16-df"
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
access-control-allow-methods: GET
x-amz-request-id: EYDWTHTAF36NGZVX
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=1209600
x-amz-version-id: null
accept-ranges: bytes
content-type: application/javascript

GET
H2 200 impression.gif
trk.vidible.tv/trk/ Frame CD37 43 B
245 B 31ms
31ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/impression.gif?pid=59947c0544a64b1a49e52a48&bcid=59b6c8917cdce075232fe0e3&s=true&pv=10.2.63&ifr=true&cb=0.7742908586210067&pt=o2unit&sid=5b9503fa-e11c-4637-8ff9-19e65abb0282&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

POST
H/1.1 200
OK g Show response
capi.connatix.com/rtb/ Frame C89E 232 B
506 B 153ms
149ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/rtb/g?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: 0e2901061fa970fa7735d6a8d116a60d0318546cf2f8e5bcc66fe764f4a273f9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
transfer-encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true

GET
H2 200 moatapi.js Show response
z.moatads.com/aolvidibleapi29384728347/ Frame D7A8 133 KB
44 KB 35ms
35ms Script
application/x-javascript 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://z.moatads.com/aolvidibleapi29384728347/moatapi.js
Requested by: Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
content-encoding: gzip
last-modified: Tue, 25 Feb 2020 18:37:38 GMT
server: AmazonS3
x-amz-request-id: 844FF664DE0AB17A
etag: "d678022569896f7b7293494e3a69c8c7"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=41283
accept-ranges: bytes
content-length: 44266
x-amz-id-2: KrpVRZD3M0T4g9xUncS5g3siU6Z/qnTuCp2KYOKEtN/tCl8UaA8yn/9PP1OCFx0nXyimfljs5VQ=

GET
H2 200 local-storage.html Show response
cdn-ssl.vidible.tv/prod/player/ad-time/ Frame 90C9 2 KB
614 B 7ms
6ms Document
text/html 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn-ssl.vidible.tv/prod/player/ad-time/local-storage.html

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: cdn-ssl.vidible.tv
:scheme: https
:path: /prod/player/ad-time/local-storage.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-id-2: mrqkheQX0VxYaGdu90J5THlSocYLovIvtJ1UJm97XcDDRZZisZjXbgJjJ9B/0tlkXoaqe5DFG8Y=
x-amz-request-id: AB11JQD7P0FKC980
date: Thu, 15 Apr 2021 03:49:48 GMT
last-modified: Wed, 19 Feb 2020 12:29:18 GMT
etag: "3ba0167f9f40b17c70af8074ec7b3c55-df"
x-amz-server-side-encryption: AES256
x-amz-version-id: null
accept-ranges: bytes
content-type: text/html
server: ATS
referrer-policy: no-referrer-when-downgrade
cache-control: max-age=1209600
age: 1024003
ats-carp-promotion: 1
access-control-allow-methods: GET
access-control-allow-origin: *
content-encoding: gzip
vary: Accept-Encoding
content-length: 557
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block
x-content-type-options: nosniff

GET
H/1.1 200
OK 1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw== Show response
ads.adaptv.advertising.com/a/h/ Frame CD37 249 B
549 B 34ms
33ms XHR
text/xml 18.159.16.69
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://ads.adaptv.advertising.com/a/h/1cOB4sKZGVtuf69VhZVrMDSdWzhQWF8Se9Jkh26K1oKg63SWosWzAw==?cb=86020814cb&gdpr=0&gdpr_consent=undefined&pet=preroll&pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&eov=eov&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4&a.cluster=0&a.pvt=0&a.d.pageUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&a.hasAppInfo=2&a.sdk=o2unit&a.sdkType=js&depth=0&height=360&moatViewableOpportunity=0&p.vw.active=1&p.vw.psize=3&p.vw.viewable=0&p.vw.viewableOpportunity=0&referrerUrl=&width=640

Requested by

Host: cdn-ssl.vidible.tv
URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.159.16.69 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

adaptv/1.0 /

Resource Hash

6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: text/javascript, application/json, text/html, application/xml, text/xml, */*
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
server: adaptv/1.0
content-type: text/xml
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
Connection: keep-alive
Content-Length: 192
expires: 0

GET
H2 200 display.gif
trk.vidible.tv/trk/ Frame CD37 43 B
245 B 31ms
30ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/display.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=5b9503fa-e11c-4637-8ff9-19e65abb0282&vvuid=99eb5bb9-6aa1-40f8-8d6b-1ed165c56aab&orgId=24140&plcid=1003578&vrid=d3474011-7b99-4597-a105-2fb975527db5&ab=0&dt=64&h=0&spaceid=793604934&w=0&cb=0.9506569632212012
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

GET
H2 200 ad-request.gif
trk.vidible.tv/trk/ Frame CD37 43 B
245 B 31ms
30ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=5b9503fa-e11c-4637-8ff9-19e65abb0282&vvuid=99eb5bb9-6aa1-40f8-8d6b-1ed165c56aab&orgId=24140&plcid=1003578&vrid=d3474011-7b99-4597-a105-2fb975527db5&at=preroll&ps=html5-vpaid&spaceid=793604934&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&cb=0.5553906680199716
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.8 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.8
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

GET
H2 200 ad-engine-request.gif
trk.vidible.tv/trk/ Frame CD37 43 B
245 B 30ms
29ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-request.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=5b9503fa-e11c-4637-8ff9-19e65abb0282&vvuid=99eb5bb9-6aa1-40f8-8d6b-1ed165c56aab&orgId=24140&plcid=1003578&vrid=d3474011-7b99-4597-a105-2fb975527db5&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&p.vw.active=1&p.vw.sound=0&vwa=0&vwm=-1&h=0&cb=0.3669380101488062
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

GET
H2 200 ad-engine-response.gif
trk.vidible.tv/trk/ Frame CD37 43 B
245 B 43ms
43ms Image
image/gif 35.156.201.148
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=5b9503fa-e11c-4637-8ff9-19e65abb0282&vvuid=99eb5bb9-6aa1-40f8-8d6b-1ed165c56aab&orgId=24140&plcid=1003578&vrid=d3474011-7b99-4597-a105-2fb975527db5&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=40&ar=no&fo=0&ft=0&h=0&cb=0.46453269066529246
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.156.201.148 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.19.4 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: max-age=0, no-cache, no-store, must-revalidate
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx/1.19.4
content-type: image/gif
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

GET
H2 200 pixel.gif
px.moatads.com/ 43 B
260 B 40ms
40ms Image
image/gif 2.18.235.40
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.moatads.com/pixel.gif?e=0&ac=1&bq=7&i=AOL_VIDIBLE_API1&t=1619482589772&de=697032934429&d=197%3A-%3A-%3A-&bo=bangordailynews.com&bd=bangordailynews.com&f=0&cs=0
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.40 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-40.deploy.static.akamaitechnologies.com
Software: AkamaiNetStorage /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:29 GMT
last-modified: Fri, 20 May 2016 15:16:00 GMT
server: AkamaiNetStorage
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3:1463757360"
content-type: image/gif
cache-control: max-age=0, no-cache, no-store
accept-ranges: bytes
content-length: 43
expires: Tue, 27 Apr 2021 00:16:29 GMT

POST csi
csi.gstatic.com/ Frame 6A05 0
0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 1AAB 570 KB
186 KB 14ms
8ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376336
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 11ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 114ms
104ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=Appnexus_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:29 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:29 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C3B4 36 KB
12 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 129
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H/1.1 200
OK ptv Show response
secure.adnxs.com/ Frame 1AAB 27 B
1 KB 91ms
91ms XHR
application/xml 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/ptv?id=14406689&vmaxduration=120&vskippable=0&vplaybackmethod=4&vwidth=640&vheight=360&vcontext=4&vframeworks=1,2&referrer=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=8988ab081e&gdpr=0&gdpr_consent=undefined&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:30 GMT
X-Proxy-Origin: 217.138.207.140; 217.138.207.140; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.220.78:80
AN-X-Request-Uuid: 3bd382ab-f641-4e45-b2f9-7592f1e2c818
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://imasdk.googleapis.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/xml; charset=utf-8
Content-Length: 27
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame F114 570 KB
187 KB 9ms
5ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376337
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
371 B 10ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 105ms
104ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=open_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:30 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:30 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A34F 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 129
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D849afab8-54dd-4a63-989e-7edec032fbd7%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&us_priv...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3D849afab8-54dd-4a63-989e-7edec032fbd7%26uid%3D%24%7BBSW_UUID%7D?gdpr=true&u...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=849afab8-54dd-4a63-989e-7edec032fbd7&uid=a19eb708-2fa9-42d4-9d27-a4cf5c32a34b

183 B
386 B

553ms
174ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=849afab8-54dd-4a63-989e-7edec032fbd7&uid=a19eb708-2fa9-42d4-9d27-a4cf5c32a34b
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: 53ddd64887096f91d8c1f254e736277194ec8a82818045d4ab7bcbaccd8b7946

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Apr 2021 00:16:31 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=849afab8-54dd-4a63-989e-7edec032fbd7&uid=a19eb708-2fa9-42d4-9d27-a4cf5c32a34b
date: Tue, 27 Apr 2021 00:16:30 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_9b812553_eff5c936_2
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_9b812553_eff5c936_2&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x3WtSAdE2uFu02jar63Nyfq29MvuPyvK~A

155 B
367 B

526ms
175ms

Script
text/javascript

35.164.25.130
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x3WtSAdE2uFu02jar63Nyfq29MvuPyvK~A
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.164.25.130 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.18.0 /
Resource Hash: a29257ec8236555f2a2a0531cb473a9c7c7fa2a39c13956a65f6d80ff0036669

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 27 Apr 2021 00:16:31 GMT
server: nginx/1.18.0
content-length: 155
content-type: text/javascript

Redirect headers

Date: Tue, 27 Apr 2021 00:16:30 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-x3WtSAdE2uFu02jar63Nyfq29MvuPyvK~A
Connection: keep-alive
Content-Length: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 753ms
184ms XHR
application/octet-stream 44.239.227.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.239.227.210 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 27 Apr 2021 00:16:31 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ Frame 7AC3 62 KB
21 KB 37ms
36ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

5ef273fcdb99e6a662a058474e47c17e10e395778cb6f113695f992254e67e62

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "854 / 313 of 1000 / last-modified: 1619475381"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21149
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:30 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
659 B 306ms
99ms XHR
application/json 52.45.248.59
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.45.248.59 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / 33Across
Resource Hash: ce089ef4be161f125c305045dbf3127e84dce6876fc274509b8d7e62cef137fc

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 00:16:30 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 205 B
557 B 97ms
49ms XHR
application/json 185.255.84.150
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.150 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

b79b8b42b45cd5813dad2062e3a8db36ddad31e0b60b1a43053e90957d43d7c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bangordailynews.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 28
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 205
expires: 0

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
778 B 189ms
101ms XHR
application/json 72.251.249.13
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_3.26.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 72.251.249.13 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx /
Resource Hash: 9dad6081f3e62366a4f924675e46eb0c8b429d46cab85215ec4beeb0ebebbaf7

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 27 Apr 2021 00:16:30 GMT
Content-Encoding: gzip
Server: nginx
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap2ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 111

GET
H2 200 arj Show response
propermedia-d.openx.net/w/1.0/ 189 B
575 B 79ms
30ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=-120&tws=1600x1200&aus=300x250&auid=543987690&aumfs=100&dddid=0a64206e-4cb3-44a8-b84d-2573168d062a&divIds=openx-a791fd93-6bd0-49e4-81ec-f66a9c0cdb8d&be=1&bc=hb_pb_3.0.1&nocache=1619482590633&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: 492b443e4a346ae17c37ccb89140c9bed02cc98bb5e6cb3d513b89bb3b33b3a1

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://bangordailynews.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 176
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 B
841 B 30ms
30ms XHR
application/json 185.33.220.242
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.242 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

724.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

f9ca6bcd039633b61221be63b2cca62724c49647fb574e13b2dd28f5774dbe6c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:30 GMT
X-Proxy-Origin: 217.138.207.140; 217.138.207.140; 724.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com; 185.33.223.49:80
AN-X-Request-Uuid: a7c29cea-9b7a-479d-a5df-96374d759838
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 100 B
743 B 173ms
69ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2299d6280bbd529ba354ec%22%3A%2299d6280bbd529ba354ec%7C300x250%7C0.1%22%7D&ref=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=5ed18c99-899e-43aa-a5da-cfc28b166acb&pv=6d057c30-3834-425c-a985-b68efcb2b2e7&vp=desktop&lib_name=prebid&lib_v=3.26.0&us=1&ius=1&userid=849afab8-54dd-4a63-989e-7edec032fbd7&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 , Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

391f956253ed6787e7e671630742a6b1f2268cbef6c389919f42c33453859e1b

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:30 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-129
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://bangordailynews.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 125
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 v1 Show response
dmx.districtm.io/b/ 0
429 B 76ms
29ms XHR
text/plain 104.16.68.69
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://dmx.districtm.io/b/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.16.68.69 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 27 Apr 2021 00:16:30 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD, POST, OPTIONS
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true
cf-ray: 6463dccfda4432aa-CDG
access-control-allow-headers: Content-Type, Origin
cf-request-id: 09b24855e3000032aa86977000000001

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
117 B 129ms
65ms XHR
text/plain 3.123.167.229
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=VRocGdvPjMoAvAZb5Hd7q3fB&bidId=VRocGdvPjMoAvAZb5Hd7q3fB&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.167.229 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:30 GMT
access-control-allow-credentials: true
vary: Origin

POST
H2 204 / Show response
hb.emxdgt.com/ 0
161 B 46ms
46ms XHR
text/plain 18.194.69.169
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1619482590637
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.194.69.169 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:30 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
63 B 40ms
40ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 184 B
372 B 42ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 8857ef06e331d9fb78e8c593676d162ac54ef8d130fe44f47261bb2aff857772

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 184
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/227583/0/ 0
175 B 110ms
32ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/227583/0/mvo?z=1r&hbv=3.26,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://bangordailynews.com
pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

GET
H/1.1 200
OK headertag Show response
as-sec.casalemedia.com/ 4 KB
2 KB 150ms
150ms Script
text/javascript 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://as-sec.casalemedia.com/headertag?v=9&s=161112&r=%7B%22id%22%3A%22253604221%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F%22%2C%22ref%22%3A%22%22%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22300x250-1-9qvTb%22%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-9qvTb%22%2C%22siteID%22%3A641802%7D%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&t=300&fn=window.proper_2843d88d_46f32498_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6ea6458d2b5ad1b521eeb9796c9ffa8724fb6c77e703fcdf21e994b73afa0b11

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:30 GMT
Content-Encoding: gzip
Server: Apache
Vary: Is-Traffic-Invalid,Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 1463
Expires: Tue, 27 Apr 2021 00:16:30 GMT

GET
H3-29 200 pubads_impl_2021042601.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 7AC3 301 KB
106 KB 40ms
38ms Script
text/javascript 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042601.js?31060921

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

sffe /

Resource Hash

98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 08:39:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108658
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:30 GMT

GET
H2

200

av Show response
pixfuture2-d.openx.net/v/1.0/ Frame F114
Redirect Chain

https://pixfuture2-d.openx.net/v/1.0/av?auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-t...
https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-l...

48 B
247 B

28ms
28ms

XHR
text/xml

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=066758399f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: OXGW/16.205.4 /
Resource Hash: a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:30 GMT
content-encoding: gzip
server: OXGW/16.205.4
vary: Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: text/xml
alt-svc: clear
content-length: 56
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

date: Tue, 27 Apr 2021 00:16:30 GMT
via: 1.1 google
server: OXGW/16.205.4
location: https://pixfuture2-d.openx.net/v/1.0/av?cc=1&auid=540453114&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&vht=360&vwd=640&cb=066758399f&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://imasdk.googleapis.com
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 41A0 570 KB
186 KB 6ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376338
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 p-7ccbedljiLMl2.gif
pixel.quantserve.com/pixel/ Frame D7A8 35 B
210 B 8ms
8ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel/p-7ccbedljiLMl2.gif

Requested by

Host: serv-vdo.pixfuture.com
URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:31 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H/1.1 200
OK internel_req_demand.php
serv-vdo.pixfuture.com/www/delivery/ Frame D7A8 0
579 B 108ms
108ms Image
text/html 204.48.28.205
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://serv-vdo.pixfuture.com/www/delivery/internel_req_demand.php?script=videoAds:&bidderCode=synacor_cs_int&zoneid=11
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 204.48.28.205 North Bergen, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 (Ubuntu) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 27 Apr 2021 00:16:31 GMT
Content-Encoding: gzip
Server: nginx/1.14.0 (Ubuntu)
Transfer-Encoding: chunked
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=172800
Access-Control-Allow-Credentials: true
Connection: keep-alive
Access-Control-Allow-Headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
Expires: Thu, 29 Apr 2021 00:16:31 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FA73 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 130
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

POST
H2 200 s2s Show response
eb.proper.io/ 199 B
695 B 355ms
354ms XHR
application/json 2606:4700::6811:4e22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s?proper_uid=849afab8-54dd-4a63-989e-7edec032fbd7
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/latest.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4e22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 326c4631ff03fc9fad80df18f0c5fbb0f5f09244cf0d5bfb672e7d386d27ea20

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:31 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://bangordailynews.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cf-ray: 6463dcd3ae402fa5-FRA
cf-request-id: 09b248584600002fa5d683e000000001
expires: -1

GET
H2 200 vast.xml Show response
reflex.media.syn-cdn.com/vpaid/ Frame 41A0 795 B
854 B 105ms
23ms XHR
application/xml 152.199.22.185
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://reflex.media.syn-cdn.com/vpaid/vast.xml?publisher=82378&placement=89209&us_privacy=1---&schain=1.0,1!pixfuture.com,231,1,MTEyMDIxLTA0LTI3IDEyMTI6MTYxNjoxODE4
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.185 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (pab/6EA4) /
Resource Hash: 69332b70de3f3d962adf38a337292f2e5666d16e9c6b8775c3c8d86eae4375ca

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:31 GMT
content-encoding: gzip
age: 534
x-cache: HIT
p3p: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
content-length: 510
access-control-allow-origin: https://imasdk.googleapis.com
last-modified: Thu, 08 Apr 2021 17:30:51 GMT
server: ECAcc (pab/6EA4)
etag: "a31-5bf7968a2c8c0"
vary: Accept-Encoding
x-varnish: 1045698803
via: 1.1 varnish
cache-control: public, max-age=3600, immutable
access-control-allow-credentials: true
accept-ranges: bytes
content-type: application/xml
expires: Tue, 27 Apr 2021 01:16:31 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=18092&val=ad%3Dhttps%253A%252F%252Fvid.springserve.com%252Fvast%252F630417%253Fima%253D4%2526w%253D780%2526h%253D439%2526url%253Dhttps%25253A%25252F%25252Fbangordailynews.com%25252F2021%25252F04%25252F23%25252Fnews%25252Fbangor%25252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%25252F%2526cb%253D362702186%2526widgetid%253D0011r00002SRK6m_6242%2526lob%253D%2526clipid%253Di5lwowrnnztueuzummzwmzcdku2w443f%2526key_custom1%253D%255Ew%253D0011r00002SRK6m_6242%255Ec%253Di5lwowrnnztueuzummzwmzcdku2w443f%255Ei%253D1%255Eab%253D%255Ev%253D0%255Ep%253Dbangordailynewscom%2526key_custom2%253D%255Ed%253Dbangordailynews.com%255Eu%253D%255Edv%253D1%255Eco%253DFR%255Epl%253Da%2526gdpr%253D%2526consent%253D%2526viewability%253D0%2526schain%253D1.0%252C1%2521anyclip.com%252C0011r00002SRK6mAAH%252C1%252C%252C%252C%252C%2526us_privacy%253D1---%2526domain%253Dbangordailynews.com%26mavs%3D0%26rqcm%3D1%26m%3D1%26ast%3D-1%26smb%3D1%26sid%3DVjWJdR29ro6xwBDA91XCoUkc17c7ZRsk%26imaw%3D0%26amd%3D1%26sf%3D0&wnx=1&abc=&ty=arq&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=4639&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:31 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

POST
H2 204 csi
csi.gstatic.com/ Frame 41A0 0
54 B 162ms
162ms Ping
image/gif 2607:f8b0:4001:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~knza4cqi&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&eee=missing-element&bi=missing-id&vmfc=1&vhc=0&ghmsh_eids=44739826
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2607:f8b0:4001:c13::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:31 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 9E15 50 KB
18 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 371
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

GET
H/1.1 200
OK vpaid.1.0.6.js Show response
synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/ Frame 9E15 306 KB
92 KB 631ms
228ms Script
text/javascript 69.168.106.81
SYNACOR-CLUSTER

General

Check archive.org

Show headers Download Go to

Full URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 69.168.106.81 , United States, ASN36271 (SYNACOR-CLUSTER, US),
Reverse DNS
Software: nginx /
Resource Hash: c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:32 GMT
Content-Encoding: gzip
Age: 4326522
P3P: CP="ALL DSP COR TAIa PSAa PSDa IVAa IVDa CONi OUR IND UNI"
Connection: keep-alive
Content-Length: 93702
Access-Control-Allow-Origin: *
Last-Modified: Mon, 01 Mar 2021 15:58:41 GMT
Server: nginx
ETag: "4c659-5bc7bb10d6e40"
Vary: Accept-Encoding
X-Varnish: 1045857224 720993
Via: 1.1 varnish
Cache-Control: public, max-age=31536000, immutable
Accept-Ranges: bytes
Content-Type: text/javascript
Expires: Mon, 07 Mar 2022 22:27:49 GMT

GET
H2 200 / Show response
lreprx-server.anyclip.com/ Frame 5CE8 1 KB
2 KB 100ms
100ms XHR
text/xml 34.225.120.49
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://lreprx-server.anyclip.com/?ad=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D362702186%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DFR%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1%21anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&mavs=0&rqcm=1&m=1&ast=-1&smb=1&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0&amd=1&sf=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.225.120.49 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: / Express
Resource Hash: 38b22d0b8aeef12d8a76bb102a3f2be9bc21bad28a33071a437edd1ecae955e6

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://imasdk.googleapis.com
date: Tue, 27 Apr 2021 00:16:32 GMT
access-control-allow-credentials: true
x-powered-by: Express
content-length: 1414
etag: W/"586-j1r+mRN9sdp1RjdSOHHOK/wJ0W0"
content-type: text/xml; charset=utf-8

POST
H3-29 204 csi
csi.gstatic.com/ Frame 5CE8 0
17 B 162ms
162ms Ping
image/gif 2607:f8b0:4001:c13::5e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knza45zq&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&met.4=err.knza4928&aec=901
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2607:f8b0:4001:c13::5e Council Bluffs, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:32 GMT
last-modified: Wed, 21 Jan 2004 19:51:30 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 loader.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4605 50 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/loader.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:10:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 21 Apr 2021 20:57:11 GMT
server: sffe
age: 372
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18070
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:25:20 GMT

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=18715&val=&wnx=1&abc=&ty=alo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=5262&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:32 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H/1.1 200
OK lreprx.js Show response
player.anyclip.com/lreprx/js/v1/src/ Frame 4605 33 KB
10 KB 31ms
31ms Script
application/javascript 178.79.242.139
LLNW

General

Check archive.org

Show headers Download Go to

Full URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D362702186%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DFR%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Requested by: Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 178.79.242.139 , United States, ASN22822 (LLNW, US),
Reverse DNS: https-178-79-242-139.fra.llnw.net
Software: AmazonS3 /
Resource Hash: b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 27 Apr 2021 00:16:32 GMT
Content-Encoding: gzip
Age: 58175
Connection: keep-alive
Content-Length: 9324
x-amz-id-2: MvnKdu9HLNmuAOS6H9bV+ty3WcpDMJXgtwreNyioAibEuA1OxzR/5cnaw1nbFohcyQKUnARpFsw=
Last-Modified: Sun, 07 Mar 2021 09:26:06 GMT
Server: AmazonS3
Vary: Accept-Encoding
x-amz-request-id: 29JF1Q0DH5B7ECSG
Access-Control-Allow-Origin: *
Cache-Control: public,max-age=60
x-amz-version-id: FaPWwIbbXX6vU3u1YrO_6kI7ChoCX9Rb
Accept-Ranges: bytes
Content-Type: application/javascript
X-LLID: dc711c8deb1e7753ab67201574e10cd6
Expires: Mon, 26 Apr 2021 08:07:57 GMT

GET
H2 200 630417 Show response
vid.springserve.com/vast/ Frame 4605 3 KB
2 KB 37ms
37ms Fetch
application/xml 52.215.252.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/vast/630417?ima=4&w=780&h=439&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&cb=362702186&widgetid=0011r00002SRK6m_6242&lob=&clipid=i5lwowrnnztueuzummzwmzcdku2w443f&key_custom1=^w=0011r00002SRK6m_6242^c=i5lwowrnnztueuzummzwmzcdku2w443f^i=1^ab=^v=0^p=bangordailynewscom&key_custom2=^d=bangordailynews.com^u=^dv=1^co=FR^pl=a&gdpr=&consent=&viewability=0&schain=1.0,1!anyclip.com,0011r00002SRK6mAAH,1,,,,&us_privacy=1---&domain=bangordailynews.com
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D362702186%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DFR%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.252.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-252-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: c36b038487d47632d5245d1989b972bd7fcf2b5ed988c288a5ff6ccb104e40da

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 99ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=18768&val=1.1.11_183_prod&wnx=1&abc=&ty=xlo&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:32 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame 4605 483 KB
86 KB 41ms
41ms Script
application/javascript 2600:9000:20c8:6e00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: player.anyclip.com
URL: https://player.anyclip.com/lreprx/js/v1/src/lreprx.js?ad_tag=https%3A%2F%2Fvid.springserve.com%2Fvast%2F630417%3Fima%3D4%26w%3D780%26h%3D439%26url%3Dhttps%253A%252F%252Fbangordailynews.com%252F2021%252F04%252F23%252Fnews%252Fbangor%252Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%252F%26cb%3D362702186%26widgetid%3D0011r00002SRK6m_6242%26lob%3D%26clipid%3Di5lwowrnnztueuzummzwmzcdku2w443f%26key_custom1%3D%5Ew%3D0011r00002SRK6m_6242%5Ec%3Di5lwowrnnztueuzummzwmzcdku2w443f%5Ei%3D1%5Eab%3D%5Ev%3D0%5Ep%3Dbangordailynewscom%26key_custom2%3D%5Ed%3Dbangordailynews.com%5Eu%3D%5Edv%3D1%5Eco%3DFR%5Epl%3Da%26gdpr%3D%26consent%3D%26viewability%3D0%26schain%3D1.0%2C1!anyclip.com%2C0011r00002SRK6mAAH%2C1%2C%2C%2C%2C%26us_privacy%3D1---%26domain%3Dbangordailynews.com&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&imaw=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6e00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 538473
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: 37Gqg27KiZWNBtMVZ5uik6jqxx6Cb18hGBPLQEQRB8FYKoSleTtzJA==

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ Frame 4605 0
63 B 99ms
99ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:31 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 sellers.json Show response
contango-cdn.technoratimedia.com/ Frame 9E15 16 KB
3 KB 102ms
22ms Fetch
application/json 152.199.22.191
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://contango-cdn.technoratimedia.com/sellers.json
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 152.199.22.191 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECAcc (pab/6F0D) / Express
Resource Hash: 149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:32 GMT
content-encoding: gzip
etag: W/"3fb7-cwp67UcanPz01TchkJaDZBXNtVY"
last-modified: Mon, 26 Apr 2021 23:28:17 GMT
server: ECAcc (pab/6F0D)
age: 90
x-powered-by: Express
vary: Accept-Encoding
x-cache: HIT
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=86400
content-length: 3299

GET
H3-29 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ Frame 4605 334 KB
114 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117044
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:32 GMT

GET
H3-29 200 bridge3.453.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 9C8E 570 KB
186 KB 7ms
6ms Document
text/html 2a00:1450:4001:82b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: imasdk.googleapis.com
:scheme: https
:path: /js/core/bridge3.453.0_en.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bangordailynews.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bangordailynews.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 190793
date: Thu, 22 Apr 2021 15:44:13 GMT
expires: Fri, 22 Apr 2022 15:44:13 GMT
last-modified: Wed, 21 Apr 2021 20:50:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 376339
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ Frame 4605 44 KB
16 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:803::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
expires: Tue, 27 Apr 2021 00:16:32 GMT

GET
H3-29 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame C753 36 KB
12 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:14:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 14 Dec 2020 16:45:56 GMT
server: sffe
age: 131
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12603
x-xss-protection: 0
expires: Tue, 27 Apr 2021 01:14:21 GMT

GET
H2 200 1553 Show response
vid.springserve.com/rt/ Frame 9E15 2 KB
1 KB 44ms
44ms Fetch
application/xml 52.215.252.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid.springserve.com/rt/1553?w=640&h=360&cb=10737214780283955&ap=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&crossdomain=0&testbucket=12&ud=0&bt=0&sec=1&nc=0&domain=bangordailynews.com&sid=82378%2F89209&adunit=82378%2F89209&client=82378&payid=e108f11b2cdf7d5b&is_inview=1&inview=1&avs=1&vp=100&vw=1&sizebucket=large&mute=1&schain=1.0%2C0!synacor.com%2C82378%2C1&usp=1---&us_privacy=1---
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.215.252.139 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-215-252-139.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 149f2307bf7053d4c62adb6cec39920141b029d1275191188b14b23cdc2a1d5b

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:32 GMT
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: nginx
content-encoding: gzip
content-type: application/xml;charset=UTF-8

GET
H2 200 vpaid_982cce59.js Show response
vpaid.springserve.com/production/ Frame FB67 483 KB
86 KB 40ms
40ms Script
application/javascript 2600:9000:20c8:6e00:15:6f6c:b180:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Requested by: Host: synacor.autoplay-plugins.static-origin.syn-cdn.com
URL: https://synacor.autoplay-plugins.static-origin.syn-cdn.com/vpaid/vpaid.1.0.6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20c8:6e00:15:6f6c:b180:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 20 Apr 2021 18:42:00 GMT
content-encoding: br
last-modified: Tue, 20 Apr 2021 18:40:58 GMT
server: AmazonS3
age: 538473
etag: W/"f71e7ede41bd33d400f47552243c4827"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 546db6834bf5885f55b5457c969e7ad6.cloudfront.net (CloudFront)
x-amz-cf-pop: MAD50-C1
x-amz-cf-id: IPYiumHc40QEZDsu34dBiSO73j-QvReMKaNTBH5hfVuHZKJ2WOQMpg==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
168 B 103ms
102ms Image
image/gif 34.237.68.53
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=bangordailynews.com&p=%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&u=CLkJvdDa5os0D_CFKE&d=bangordailynews.com&g=14550&g0=No%20Section&g1=No%20Author&n=1&f=00001&c=0.25&x=0&m=0&y=5938&o=1600&w=1200&j=30&R=1&W=0&I=0&E=5&e=5&r=&b=6504&t=B97SzaBKxEnVBkPYKlBqTaAXCo3qHm&V=126&tz=-120&sn=2&sv=C4lCbNCjguX2BW3rAUDM1XJBCS1t27&sd=1&im=067b2fff&_
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.237.68.53 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-237-68-53.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 27 Apr 2021 00:16:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

POST
H2 204 springserve Show response
uat-net.technoratimedia.com/openrtb/bids/ Frame FB67 0
297 B 330ms
99ms XHR
text/plain 193.122.128.135
ORACLE-BMC-31898

General

Check archive.org

Show headers Download Go to

Full URL: https://uat-net.technoratimedia.com/openrtb/bids/springserve
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 193.122.128.135 Ashburn, United States, ASN31898 (ORACLE-BMC-31898, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 27 Apr 2021 00:16:33 GMT
via: 1.1 varnish
server: nginx
age: 0
access-control-allow-methods: POST,GET,HEAD,OPTIONS
x-varnish: 484802497
access-control-allow-origin: https://bangordailynews.com
access-control-allow-credentials: true

GET
H2 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 9C8E 0
544 B 40ms
18ms XHR
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F127641337%2Fbangordailynews.com875242&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=3719560932116793&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=640x480&unviewed_position_start=1&vpmute=0&vpa=auto&cust_params=domainname%3Dbangordailynews.comA%26viewability%3D0&gdpr_consent=_755&gdpr=1&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=AF04E728-8225-4268-8849-81988AE916F8&eid=44712633%2C44739826&dlt=1619482592245&idt=498&dt=1619482593211&scor=3001700925635209&ged=ve4_td1_tt0_pd1_la1000_er3475.200.3634.500_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK st Show response
capi.connatix.com/tr/ Frame C89E 0
300 B 109ms
108ms XHR
multipart/form-data 3.139.208.140
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://capi.connatix.com/tr/st?v=115064
Requested by: Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.139.208.140 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-139-208-140.us-east-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data

Response headers

Date: Tue, 27 Apr 2021 00:16:33 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: multipart/form-data
Access-Control-Allow-Origin: https://bangordailynews.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 20

POST
H2 200 i
vid-io-dub.springserve.com/vd/ Frame FB67 0
0 38ms
38ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=e5382960&ps_id=623440&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:33 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

POST csi
csi.gstatic.com/ Frame 41A0 0
0

GET
H3-29 200 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 9C8E 0
23 B 19ms
17ms XHR
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?iu=%2F51666783%2Fbangordailynews.com871501&description_url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&tfcd=0&npa=0&sz=640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&vpmute=0&vpa=auto&url=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&env=vp&correlator=207059377867509&nofb=1&ord=1619482592321&gdpr_consent=_755&gdpr=1&sdkv=h.3.453.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50%2C468x60%2C480x70%2C728x90&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&u_so=l&ctv=0&us_privacy=1---&sdki=44d&adk=2408233548&sdk_apis=2%2C8&sid=AF04E728-8225-4268-8849-81988AE916F8&eid=44712633%2C44739826&dlt=1619482592245&idt=498&dt=1619482593774&scor=2372001276248378&ged=ve4_td2_tt1_pd2_la2000_er3475.200.3634.500_vi0.0.1200.1600_vp0_ts1_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.453.0_en.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:33 GMT
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 i Show response
vid-io-dub.springserve.com/vd/ Frame 4605 0
119 B 39ms
39ms XHR
text/plain 54.195.68.175
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vid-io-dub.springserve.com/vd/i?suuid=33714c6b&ps_id=630417&batch=1
Requested by: Host: vpaid.springserve.com
URL: https://vpaid.springserve.com/production/vpaid_982cce59.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.195.68.175 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://bangordailynews.com
date: Tue, 27 Apr 2021 00:16:34 GMT
access-control-allow-credentials: true
server: nginx
content-length: 0

GET
H2 200 vmp.gif
pixel.anyclip.com/ 35 B
179 B 100ms
99ms Image
image/gif 52.70.144.100
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.anyclip.com/vmp.gif?cid=i5lwowrnnztueuzummzwmzcdku2w443f&inx=0&rt=20864&val=An+unexpected+error+occurred+within+the+VPAID+creative.+Refer+to+the+inner+error+for+more+info.+%7C%7C+Error%3A+NO_FILL&wnx=1&abc=&ty=aer&v=0&ext=0&ta=1&lnx=0&sid=VjWJdR29ro6xwBDA91XCoUkc17c7ZRsk&pid=bangordailynewscom&wid=0011r00002SRK6m_6242&pt=a&anx=2&arx=2&crt=7412&s=0&aty=vid&tty=ac&rol=mid
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.70.144.100 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-70-144-100.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://bangordailynews.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 27 Apr 2021 00:16:34 GMT
last-modified: Wed, 30 Dec 2020 14:34:46 GMT
server: nginx
accept-ranges: bytes
etag: "5fec9006-23"
content-length: 35
content-type: image/gif

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: trk.vidible.tv
URL: https://trk.vidible.tv/trk/ad-engine-response.gif?bcid=59b6c8917cdce075232fe0e3&bid=56bcd17de4b0a5976ac0da12&pid=59947c0544a64b1a49e52a48&pt=o2unit&pv=10.2.63&r=https%3A%2F%2Fbangordailynews.com%2F2021%2F04%2F23%2Fnews%2Fbangor%2Fholden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft%2F&s=true&sid=d6c24fcb-26c0-4462-a15d-9d78125b14a8&vvuid=17bfd0e0-f298-485a-a248-46c6d9e4e269&orgId=24140&plcid=1003583&vrid=c453a250-7e53-43b3-a06a-65e54eeeb5e5&at=preroll&adIdx=-1&pbl=true&ps=html5-vpaid&seq=-1&spaceid=793604934&v=593fb311c214e33ec50202f0&w=0&aert=149&ar=no&fo=0&ft=0&h=0&cb=0.5937356899270081

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knza4alb&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knza4b49&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knza4bkc&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knza4bqo&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Domain: csi.gstatic.com
URL: https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~knza4d5n&c=8048559770373&slotId=4024279885186.5&fb=ima-html5&sdkv=h.3.453.0&mrd=4&aab=1&itv=1&uet=2&met.4=err.knza4ehy&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1

Verdicts & Comments Add Verdict or Comment

343 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.tinypass.com/	1970-01-19 17:52:48	Name: LANG_CHANGED Value: en_US
.tinypass.com/	1970-01-21 05:51:22	Name: LANG Value: en_US
bangordailynews.com/	1970-01-19 19:17:46	Name: pbjs-unifiedid Value: %7B%22TDID%22%3A%225b6cd4e9-90e9-439b-a958-c27947a9b40e%22%2C%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222021-04-27T00%3A16%3A21%22%7D
.bangordailynews.com/	1970-01-19 17:51:24	Name: _ml_ses Value: *
.bangordailynews.com/	1970-01-19 18:34:34	Name: __pil Value: en_US
.bangordailynews.com/	1970-01-20 11:22:34	Name: _ml_id Value: e5fcbf202e6b4534.1619482581.1.1619482581.1619482581

20 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://c0.wp.com/c/5.7.1/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	(Line 1) Message: undefined
console-api	log	URL: https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/(Line 2075) Message: Remove cookie
console-api	warning	URL: https://ads.pubmatic.com/AdServer/js/pwt/158127/2642/pwt.js(Line 1) Message: fun-hooks: referenced 'registerAdserver' but it was never created
console-api	warning	URL: https://serv-vdo.pixfuture.com/vpaid/vast_prebid_init.php?zoneid=11&siteid=231&keywords=holden,brothers,sue,northern,light,over,data,breach,they,claim,left,them,vulnerable,identity,theft&url=https://bangordailynews.com/2021/04/23/news/bangor/holden-brothers-sue-northern-light-over-data-breach-they-claim-left-them-vulnerable-to-identity-theft/&ads_counter=not_started(Line 241) Message: CMP had been found
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object]
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USP CMP found.
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Detected CMP API is directly accessible, calling it now...
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: Received a response from CMP [object Object] true
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: USPAPI workflow exceeded timeout threshold.
console-api	warning	URL: https://buy.tinypass.com/_sam/H4sIAAAAAAAAAD3ISQrAIAwAwA_VBD31N8Ul2NgQoYn0-715GwY_bp0cG5tjvak-czkO24aytAmBcL_9QOFimLUvyW-IkCAl5HjqPpk1C12kYRkM-wFw5y1kYAAAAA?compressed=true&v=12.167.0(Line 1) Message: Can't configure errorHandler: TypeError: Cannot read property 'getItem' of null
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/push_player.js(Line 4) Message: Pushing Player
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 02:16:28.991 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 02:16:28.992 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 02:16:29.761 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	error	URL: https://cdn-ssl.vidible.tv/prod/ad-client/js/10.2.63/0.js(Line 52) Message: 02:16:29.762 [ERROR] EventBus: TypeError: Cannot read property 'length' of undefined event [object Object]
console-api	log	URL: https://global.proper.io/payloads/latest.js(Line 1) Message: CMP workflow exceeded timeout threshold.
console-api	log	URL: https://serv-vdo.pixfuture.com/vpaid/ads-iframe.js(Line 857) Message: Plays ads

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

acds.prod.vidible.tv
ads.adaptv.advertising.com
ads.pubmatic.com
ampcid.google.com
ampcid.google.de
ap.lijit.com
apex.go.sonobi.com
api-esp.piano.io
api.rlcdn.com
as-sec.casalemedia.com
assets.anyclip.com
assets.revcontent.com
bangordailynews.com
bangordailynews.coral.coralproject.net
bc-ssb-dub.springserve.com
bdn-data.s3.amazonaws.com
bids.proper.io
btlr.sharethrough.com
buy.tinypass.com
c.amazon-adsystem.com
c0.wp.com
capi.connatix.com
cd.connatix.com
cdn-ssl.vidible.tv
cdn.parsely.com
cdn.pixfuture.com
cdn.revcontent.com
cdn5.anyclip.com
cds.connatix.com
config.anyclip.com
connect.facebook.net
contango-cdn.technoratimedia.com
csi.gstatic.com
d25dfknw9ghxs6.cloudfront.net
d2s8wlbatk24s7.cloudfront.net
dmx.districtm.io
eb.proper.io
experience.tinypass.com
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
global.proper.io
graph.facebook.com
gum.criteo.com
hb-api.omnitagjs.com
hb.emxdgt.com
hbopenbid.pubmatic.com
i.piano.io
i0.wp.com
i1.wp.com
i2.wp.com
ib.adnxs.com
ice.360yield.com
id.tinypass.com
images.revcontent.com
imasdk.googleapis.com
img.connatix.com
img.revcontent.com
jadserve.postrelease.com
js.matheranalytics.com
lreprx-server.anyclip.com
match.adsrvr.org
mug.criteo.com
p1.parsely.com
pagead2.googlesyndication.com
ping.chartbeat.net
pixel.anyclip.com
pixel.quantserve.com
pixel.wp.com
pixfuture2-d.openx.net
player.anyclip.com
propermedia-d.openx.net
px.moatads.com
reflex.media.syn-cdn.com
rules.quantcount.com
s.ntv.io
s0.2mdn.net
search.spotxchange.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
serv-vdo.pixfuture.com
ssc.33across.com
static.chartbeat.com
stats.g.doubleclick.net
stats.wp.com
synacor.autoplay-plugins.static-origin.syn-cdn.com
tag.1rx.io
trafficmanager.anyclip.com
trends.revcontent.com
trk.vidible.tv
uat-net.technoratimedia.com
ups.analytics.yahoo.com
usync.proper.io
vid-io-dub.springserve.com
vid.connatix.com
vid.springserve.com
vpaid.springserve.com
web.hb.ad.cpe.dotomi.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.i.matheranalytics.com
www.npttech.com
x.bidswitch.net
z.moatads.com
csi.gstatic.com
trk.vidible.tv
104.16.68.69
107.178.250.234
13.224.105.229
13.224.112.38
142.250.185.98
151.101.194.137
151.139.128.11
152.199.22.185
152.199.22.191
178.162.133.150
178.250.0.157
178.79.242.139
18.159.16.69
18.194.102.50
18.194.69.169
185.255.84.150
185.33.220.242
185.64.189.112
185.94.180.124
192.0.76.3
192.0.77.2
192.0.77.37
192.0.78.146
193.122.128.135
2.18.233.180
2.18.234.163
2.18.234.21
2.18.235.40
204.48.28.205
213.19.147.42
2600:9000:20c8:3600:9:4c16:5180:21
2600:9000:20c8:4c00:18:1fcd:34e:d2a1
2600:9000:20c8:6e00:15:6f6c:b180:93a1
2600:9000:20c8:b600:6:44e3:f8c0:93a1
2600:9000:20c8:e400:d:77c3:2dc0:21
2606:4700:20::681a:a9c
2606:4700:3031::ac43:9eaa
2606:4700::6810:2a41
2606:4700::6811:4e22
2606:4700::6811:bab1
2607:f8b0:4001:c13::5e
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:80:800::7001
2a00:1450:4001:803::2006
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:80e::2003
2a00:1450:4001:80f::2003
2a00:1450:4001:813::2008
2a00:1450:4001:827::200a
2a00:1450:4001:827::200e
2a00:1450:4001:828::2002
2a00:1450:4001:829::200e
2a00:1450:4001:82b::200a
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::200e
2a00:1450:400c:c0c::9c
2a02:2638:1::13
2a02:fa8:8806:16::1460
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.123.167.229
3.126.56.137
3.139.208.140
34.120.133.55
34.225.120.49
34.237.68.53
34.248.121.96
34.96.85.105
34.98.64.218
35.156.201.148
35.157.168.25
35.164.25.130
35.168.95.93
44.239.227.210
52.203.28.84
52.205.167.202
52.208.222.238
52.21.23.66
52.215.252.139
52.217.138.97
52.30.50.112
52.45.248.59
52.70.144.100
54.195.68.175
54.195.94.143
69.168.106.81
72.251.249.13
01a8d3f4c7e0263845c2480b92812b0c50b72123c8e2bdeb5ac594ffb9a6679c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
03fa924099182c607c33fb7877f50e7de0ae3522e1bcff8f7247ae5e88a2b25b
04b25bf1bce048c6c1ee2b85818b0c335193bef7bfcc62a2bb9a58c021de28b8
058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c
0595e7d433e3e142736ce98a4df9b8193ee226f392dcb7d8ed6291def1bd970a
05b4aeada635e360f83307e47f81ed9f16d40c629fc2f8f8680d29594cfe022f
064f4bac94e9ff6a1a83ad14389745dfdb762132ffd6fb21cea533c72abb6f24
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
074e983a3f30d6842f672e0bfb8f30b3fdb2847c856b39bfec3fe0fe06e5b6ab
08d19de9a8d2d436a8f65e2cfe40c15937761b17d76e77b8edc29529f15b6b2c
0ae5ed57dc48abbee125d5f915e37110c9f2bb6a95d1aa5ccf3c141f8fe10db3
0aed6af0e8a41879b0025ca730b0a1259121d5023bd5676f6360a7a36dae2cd2
0b635924baba97a410beee10a37412536b4c9fd9000a955f9d69b36a2542274f
0b7b74a139779fba8e1d17d597aa7cbffa27bd33d2b5c43d8039264c2a627412
0bf427adbc53efd4ba26d658968693e970de8bd26a1290fa2ab366426bc09cb9
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0e15782517f2a5d7cbf2d88e2e861b518ee4794e3bf7a09cfc72ff420c8e5d06
0e2901061fa970fa7735d6a8d116a60d0318546cf2f8e5bcc66fe764f4a273f9
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
0f2aa0b48a55e5bada7d08c3a536a9c3d33cf0b4a6cd600a9b3a9aa743dd9ff1
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
115c7b67d5ef5d6fac8f12989a63efc39f2ccc39855b33e031a2a65519040e0b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
1441bff79eb18764087ec481fa0018adb219abe2bf3178ece73aa8e0d35f12f3
144bc702fd7d0201a22691d071e63a96f65412ed61b2bc30eb6c1a5d481e2ad0
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
149427d1e2fd50d4b32620d1a4e8b0e583fc8fb521c39c763c053c055cf0b83c
149f2307bf7053d4c62adb6cec39920141b029d1275191188b14b23cdc2a1d5b
1550346cc4acb90924ac38fd0a7157a20e8750c2df0fa0cfab411980c9bc1cfe
15545d12a24bc9e8a8f459860336b85734f18632692e5bbc1b79982a4a28bdb3
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
1711edcf9f24fffab7f631a0f721dd91bccc3d72217d13b67e01de9245481ecb
18bd9979ced86ec37946bfd5d2d1ba858d261aca517a54948a33b0fbda732e92
19cff09123b7c8f052b5fcf83f97eda885abeceac7abac7d9f6e1a286a2f40dc
1a2f415894088c48d895ce6549090ee756a6f1b3e05699bbf0547b005b3b68d3
1b3f47c88cda76867aaf6d622b230307763d73eb759601b447b2c4deb912904f
1eab91f81bf81819c8832c3a70044b09fc8a6c73fd75df3eda4b0decda03da4f
1fe27f2814d4fc1b60e5695c89b75b92ccf810e84d789aff21b7947257330ab0
2197820c8ec59d71befa274a43dd7b5d573d59bd720313e83610c997316d3d6c
22397b41dbe5333180c07d20dbc2d3dac3742e1e1cd2cbeb9fc3126d9a249b51
22f33d9c97ff6f997646879b8859e8f7613938db6d57268412c75e9830ba8900
2391cc30306861b59fcdb16b83a8f427ee342e5f5d6e8299a91d586687e8bef2
24506f5ea59e5d29163f04812d573d4a2485be8bc8166c4d9f5af53c8b702e23
24c0e9f44162bbae5a0426d68c0c36368f3c945a96043cc6cb1ccfe8ec12f8cd
25234bf0138f056ab8b0706a3f5d76bcee06a5bfa500f3bb04e715c252476c6c
265a9021a7dab4a38e6f910cebc316b99f48a3f526ce54a1d3b880fd6461a72c
26922cd46ce28b19b7590e0ac1c4257b7d527fdb93de823a41198cb7b87a983d
26a8833b3f616d42ce16ba186e2283f43aaca6b97ce2231d38e8789bfc6f0798
2ad0fe009b4e278bb28a800aab0b3c420a783b400fc57c869d15452012bc583a
2bf4b5202559dbe01d8188a3adb26d68755a69064f233ef63f284b08efaed6ad
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2df2ad630d8c23675ed549e41a74b379d3b5f9817938aa27906d575ccce61631
3160d60bd35ec46668de0789dd5566aff8a9182ef7896e68ef98550d24211426
326c4631ff03fc9fad80df18f0c5fbb0f5f09244cf0d5bfb672e7d386d27ea20
326d0bda74e1b897845728260dafccd9ec8847ce2180eb0cae0255097308f688
3284132fdb7ccdd0ccc87aa0b7651fea00583f9900d25915b834567b6afae59b
34a076e639ab3a82f7aabf481baea42f28f323dd18176be527f7a64e8f528ade
35093baf103e71966e4a720b9f6785024df6ac9be544e6411c696b438957b74b
3755d95c7e731819ba231813d9f769b66e091cb4896c01e776043b41460caf1e
37b3fcaac2fff52fcc1a8fd979c1fe36f23477f9800b4a6474f37b8bbcaa74da
38b22d0b8aeef12d8a76bb102a3f2be9bc21bad28a33071a437edd1ecae955e6
38f4cafad6d235a057eb945e6f6e0cc55bb1a34eb0a3c77acc216df43db1221d
391f956253ed6787e7e671630742a6b1f2268cbef6c389919f42c33453859e1b
3aaf702c0f3b57c8d8ae99a8c98336e838c9fe4a6fa33cb4bbe5b268f4200963
3cc9389c9cfdbc0fb7c282c3026c3cd9c11894913f4cf60cf9d1140a1415ad0a
3ebd30a29a8df5a32c81526db897a1a34fd567a6f6743fef70a02171e911c2c9
3ee638689e343730a82027d03714f274b6c665cf7e3bf60b5208a3a0cdb3581d
3fa54e29f88aee644eaaac38e11681ea07858eb1ea76b1baae12597aae83fe82
453e9cc6fc295196d8914da9858a388ce58a1dcb9b033aab9037aa2badbbc0d9
457767f597c19fbdbfc8cd42099ab7a1f9c7a46121c64af78c7dc5173ccc29fd
457ce06d0d3a6171a5153268b64a1122de93b8e2aa530d20210168f0709f21be
4818ee6ad6d1167b02d5d560cbcebabbe23414debce3ee661c661f5fc7f0d87c
492b443e4a346ae17c37ccb89140c9bed02cc98bb5e6cb3d513b89bb3b33b3a1
4d8c0efbdf5e45fa5383d08d690203d0d499e7a8279600f5aec0e264d7134ea3
51e78e904c795ed5b0154a9995d1ab0b7e3667f5aede719bda86ba38236c5989
53ddd64887096f91d8c1f254e736277194ec8a82818045d4ab7bcbaccd8b7946
55255cb11b3ec899f616cf39ebdb309a4af82996918d9324a539f97b22f6693e
55775baf70d2f1d40bac3a60de82e8e42b7e34687802f73671f25f2f60fdc6d4
56e08d9805d2273ad1d88eccd2a9ab07d98a2df54936d049bb73483ceb2ad398
573a89ca120aefa174231f8ac23a259f089f0ef0304a7f23b7cd05d3c1187e2e
5a4e707bf57a8ff7474bf343837e5b2123ccf8d63245e9e29cc0a21788440d1d
5bb1dbff0830b6ff798a95ceb6d01d9c04ead26188e18da619699bc3135a1e47
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5d25942b7da85bc7cdb258cdb436227b1de7e3a2b50c61f7d7050eff911f88f1
5ef273fcdb99e6a662a058474e47c17e10e395778cb6f113695f992254e67e62
5fe68142c54c445608347635bf9501e0dc95e3b774659bf900a3acd2c1cff5d6
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60c0c27d0598b405ab145e08a5ee568387bbf3a186f118cbca63ff02549055bb
61c08be466a49ad1612b95a5d57048744ba6490a0a0a4ff0bafe302ef51dd3a8
63212c3f7b2974ad304272eae4a980c5913ac2c220d0bb47f396f46544b0e128
64db446ae444d407b8d6f13c73a1e01379b2f29ec102a3a51acdfcc3cd9b6c61
66e0312cb1c8f068831abec6de6c5c6e8e7b6134881cc245c3fd99744619aec1
67386f7f6c11079518c59fdca44b5a6c5b17f4b8cda8ead4e993f3b2dfda0e5d
69332b70de3f3d962adf38a337292f2e5666d16e9c6b8775c3c8d86eae4375ca
6967e76dda8a91ef00d9999741ea147446fa952edb4c0ed5522f2453693a25fc
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b59ddfb5e523c6ba40ed6fb7b912da7aef494812b9ae95767df2aef6a42a26b
6bb02f4b3e234d03c30f0a6c214ea2a851709f607db2edbb7cf4ad66a35561a3
6bd40ddeee3347941e62e54a12e1534a71c45517a8c5f61be6790feb1be4fee9
6c138576e7381d3ab0aa7b511adc3a7cbb7fe3a3d33768bad05577f5dfc60cad
6c73cf3d94d29e498f66facb6891a9be80ef4f5caee6c9b09e6128b167b3c966
6d8673cdf4ca9648f88a93ef5e7286ba32b6f777ccb7a82eae62b6a95af3d51b
6dc5c9f36a861e185f9cf18b37141d6994018dc1049951ee5f0ec657bf4cb789
6ea6458d2b5ad1b521eeb9796c9ffa8724fb6c77e703fcdf21e994b73afa0b11
719d8b1d77fd1f103d9d3a46e4b96e5122d0edeb80b85565b5a6882f0b50d573
733f87f07bd9fe3cb01564f66523fbbcc3bb54614363eda52236e5cd32ca3d5e
737786f290221d12ae8613dadd87f7189d417e282c05c0c3d389f889ed1f978c
7378cb5ae264de66d381ce91422eb58ffd3e7e41176be793ac088315b85c4a06
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7538e8f23fac8278c6027d8865bd1240514a3ff64b2c0af3b8ed3583e8ecce6b
78e958d620d6e40a19e424eee3a9b23932cd9bfa4d7f736442048777d203052d
7c1d63e26285cc21e133de0ecdb2364c797317e45fd3405ddd49930a1e949a11
7cd95461f1915f7955a9fa168745fdff91b4c30058495667bc2429a60d2ccbab
7d89279f57efb3ee81804264c3786f3b246a794145e4781f6bde11407d0cbadf
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
80ee2d8ce5d2a3f78fc3b8eaa67bc266645c58b96d8a804556f1e6cb8737d0cf
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84a81507549904bca8c739183162c261a1e499b8d7ae0645ae63eddb4903fd36
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
872454cbfd47b444a3fa6cfa9a74b0f57e5f6b3a47b9870108d2b0e5ce4aace5
87f32eeb22c2685e1b08e93665bc2590f905d61cd9ddf645c5bc3e1ec58b818b
8824b52038dfcdaf8faa89070fd18df0e7329bda63a0d7af0a649c75659abc27
88264adf3d3193fb56c229f0b92e2a6096770eb76996d1fedc95f5bcb208ccda
8857ef06e331d9fb78e8c593676d162ac54ef8d130fe44f47261bb2aff857772
8b4b43fd2629a9ae29c5220a852bbc8ff169c571cdf77798633efec65c934df7
8e73a30d35c83ea6a597c3343324d2b7df097ad26e67b62efb5266ee12d317b5
8f958dca7921982c0e587c0606cf48887865fea588a623bdab97a33211c74726
90542f9de6cab010087ab4bcab0e3b0a2ec1e449e445434dc1bb5c852033f046
90a6c1119e64439672d3060b7a67c8387a236515704fdae29ed9ea534e2eeedf
9120fc5e7b83f3083c39b6ee71d2cd0322451890f95440289b32dca28294e68f
917a243df62d59505a727f26b2d8c554c02ba074e678fb4f0386a3e58f6df1a2
9451b6a3cdd0cdb92edab30292bd02e5a841fc9f27133ba127ee9717db70cff4
956ee96d48b61cb2ff2b7d66d090999ab54281e2b995c5867f1f60ef1e31d429
97be7f598da2699a254719aa3ac15ca9cace2862e723a15d20d0c8ba264011b9
98190df3dbe81118cde191895dfbe06c5f0793670108bdeadd4df4d02d532542
989f8d4c8cb3c69644f338fd1c860ad92300a155472c096619befde19f6adc96
991bfe84fec788f2b7d432b99a60c1e2aa2e799bc0137da8cf478299d0fc9a10
992224de1fc2af7964f26e6f191525d0a844fcb391707631d058c86105dfe329
9b1232dfeae992b6a1f34877634259c41864721497d1374626dca4f3662f6209
9b82c70aa711f693e63060c17ffdd85c1ed95c7b6a39b08f8eb91430a97228ae
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
9dad6081f3e62366a4f924675e46eb0c8b429d46cab85215ec4beeb0ebebbaf7
9e5a3984c873d9f7009795b85f0d9bfa38e8f9dddc2309d83556aea4d7ee41a0
9ee528fae3270a18f9ef02e08baa054b2a428d449190346a68afefeb047fa6a6
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a10e468908f0836c577b2231649534f718e802fb941221bf488a6f8fcef5d186
a11f37584d425c821f06a42bb6a20546c9ceaf34bbf5d4d776afbaef40148e6e
a24cc1d44b3023d00ab2d32622623c7dbf0b87727974904107b30bcbd3933d79
a29257ec8236555f2a2a0531cb473a9c7c7fa2a39c13956a65f6d80ff0036669
a355f2718a8d0b7444670aca6fd1dfdc126f9b8e9931a34a52cac9c343a68e3f
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a76c8b8ecd594c086cc4849151090ad114d1688e039d33f0a6df1cb67b6ee277
a81ac9c01d11b5ff2ba40cf04af8ed6a38c341044b9bfc659d93211454ba9380
a9face165b5af8cc8cd1aef61858dc946c4296ee34ef63790747394d4f25c38b
aae052537cca186d41aba50426e6215456365c53c57b6c019c1a355bb2f1c328
ae2e6561ced3a7de5d3d9e66dddbffd15b8d0e6fc676f1b018916992755c8332
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b17a1dde76cbfa8f7e19a7121ecde1ad3d2cc9fca6bbd795042d3f484b53d2a3
b2662757e77781a39210c37b7a5abc104e460d682416f70584b6eb19dfbdea67
b47ea457146a75df3b104a01ca95875cefeac7088fc7d262ea19e045ff7c9399
b6bdeec47f3b08de017d399bca661bc9c08745f752079597a7e9f3abcf749dad
b71963704e136edf961e62f8293a52e71ec294d069270d5108d41001a1aeea79
b79b8b42b45cd5813dad2062e3a8db36ddad31e0b60b1a43053e90957d43d7c7
b7ba3f00cd58fd87d58bafb0a35aa3074415f1be61a1176b2571b67633ea2860
b958e0f47861dde13a175cc69494bdb54f08e2b5e78cecf6abd16470d2085257
ba10b6474aab8a10deb05a5437fb8ad720f6afc510bfbd5dbc82b44dc55a77ea
baac72a1bfa929ed13fe7e4ad64195bc0f9015c467c190eab6b06d67110e00df
bb705299f61aeec4baf4a54ed4621c97f86270f9fccc894e23e260285c4613aa
bf8a3d71354828a837da5f234fdeab608b2e535b11b4851e89d75b1686686635
c1c45358e23710e17cc8f7efdc30edfa2ab217cbb843f445b39921eaa1ae530e
c1e0ac00157abb61d3ed51c31f02c61bde760f57070f01943504e8df2167d767
c280a532f1bfe942302340b698487d9fc32c8f5f0916fb27b3dc528d43226802
c340f2fc9103b3a383daf2262c4c58829e4acd29f2e18e02675a823f89eef33b
c36b038487d47632d5245d1989b972bd7fcf2b5ed988c288a5ff6ccb104e40da
c683aa7da9c1a5c8f7001fae6c9ce22d20a05f9b70332a2dbd117a3b4b7700fe
c842ab9a59af3f3d62511fdb5488ad527d2193c3371b5561ade4a2a19a8e7062
c8e4a27e6f793df7f0d93f11973224c9bdc0a6b182276ee211c2c140e87ff0db
c9caf66159cb30ccddae214c368c7c0333ac63a039c7b847d9a02a61681c8ce9
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caceb5c6afee7548a5281cfe5be7af62aee13db7652c5425af34a7d2661dd9fd
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd1c57063478b82f0dbf91525785d7dd35115da8a1cee2aba6472bab7e069c7a
cd56089b2b538d9d6a707d09a1ef13f8e3b5dd1c80006498fdef8fb34390d2ff
cdf3f88beb166e98d2656e957b247c886d1702027559a290e74a02d58d950c8c
ce089ef4be161f125c305045dbf3127e84dce6876fc274509b8d7e62cef137fc
ced3396659da3b27d6ecf1b301ce2647754b6e6c6059bddebca39378c1e058fc
cf0cd855663bd1226da911826f964b0779fb9364ff004ef573c4595171bbc78f
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1013479fc14b59eed58c8a1ca5c302e2423c86682c4b6fb25920528d2ca62e4
d16d5e3a0aff3f3b11fb37c313e172797ff9e25f4298537beb8bb58038f81424
d225211fdc556dd164992c9b3fc91e398f326ff6fe42159a04291bb45f475b42
d2ab45aba734c6f2bd5cf4b106d5890152b22011f063358e0fa2dac3aa4145d6
d3154353d46d52fb4f4b3ca5832d8f0d30ca387dc03d1d754b8dc3404facde06
d46cdf5cd6827461ac61fcff2768bfff82203c047c7c93e1c82091f1232610fb
d544eae637d61ee786c0a45bb0a7f250f9280bcd2ea1576655a761f1d397b8df
d56b73cb0ed35dce0ae274ae1b5650d6a6779efe988de00bb27777b0628777ba
d5b949958171ec2adc2c5b926aa13d7a8db03067efe7a65844aabdac707074f0
d6fbd6d46b0a1be6a3cdc49f712f83d661805a42fc37993340e2cc4493819adc
d8503c041e7f21942aa95fcd5992a29989cb49116d3cb3bf096455658498417a
d9d56ba371a99b5c76a73f85319718e8ac8c0bbac5fcc5eccd52656061f02e6d
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
db4b253272b2002cec9f281c1444d5c0efea44dfaceb3dde7df26259f1ab96c1
dbdf77316101cc3b934e7f5499baa34d0ffb4aeefc00003327cc339e8ecdd23a
dd1be805fb7b6b55ba270703ce9e23cf5ba35bc271a2bcb7a65b321facf4ab9c
dd209c8b96b55de842b9a2ea39c082ed2fd84b2999cf71d90d9e3afbb2cb1746
e1b0066bc1972444c0a15e1778be06ed7bf36c55d597c065b5e79041bcda291e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4c6fdab9a48f0a27f4bd33993a1b824c68d26ef992eace91e0650833c059e33
e5b874cb5c9f3a822335797b9ce5ef7a08fc29ec8e14d84c5662d41745e24b12
e6f388e9eae391c1de0edd3510f4df5cef223a0d4cae535a460ca4738e076cae
e8f1356fc872c07c400d3c261fc3a667e08f019eb2448626caa01a14d1417308
e963ddca0b1e8f814a1710e897c00948d9479280c6c0b1bda1ef51e370ae3dc1
e98e8d723dd2eaca28bade949628d27e81e6cf8c9b3e0fd8091fe4b3843f78ce
eb20b25bccd61ce9602de4ea1a9ceb31f6f65a945ba5da6ed9e91c88486288bd
ebb072f8da4eb66f646b547ac6951e7de18e63c9165871d100a96f69327b38d2
ec93813683cccb74a7896a34a2ed1b2163288620f6959ae06de3ded30cf518b9
ece8d21fc724b18df3d459e6932c68f067eedeea76f65e6e3c575173eb4e332e
ee5cf9111ad49f7f2de82277cfb3f825a54444269d7bc7724292582efbff6265
eeab69fe0fb6bd777609e74ee6e777f6f2aadef3cd2a3e11f5177e04a09eca5a
ef0b6e589e662ef1b9c44e23acea2320db067ebaf821d262febe0e4d576013f1
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14fdd346b1ec64d40a6a03c7cfb4561f784e8249c1fde667bf018ccff66c238
f1c022aff023cba27a95c593e440595dfb6f16413a18483866e74a56e2563db5
f368a5ee4388a813dc1aa59b3046081ae1f791899ec19cf8a851fd51c36d0fc4
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f6ab38c80589bb5c0c5a3019da49047c6d1aadcb9feac43450f2d7769d662ace
f83993e9f4eebf9e0e6041fec8768042b9ae0761e683b39e5c6bf3c3406c2e6a
f8cd59c3e1a762a5579aae7a171bc3f53296295486dbc295796f3e6c3c8f69ff
f9ca6bcd039633b61221be63b2cca62724c49647fb574e13b2dd28f5774dbe6c
f9f40e5aa6d80e385e5c15593748db7bfb50fd07cc45c8239a6fad053f63affe
fa180e0c5c49d672e65b866e3f0809042cc76209788f323267ab5e51ca386b3b
fa99f0b52fa189640250e340f299a125d78f245a4857a63863f65aa6e6cb59f0
fc2e4fd761c3a7833d11973c14ace3a38828e52a56f1be8c5ba3ab7fe0376bcc
fdd12761bc6e5a46c20a2e0053e3b53c7df5efae0e2aebd0eeb70b41bdfa75f8

bangordailynews.com Open in urlscan Pro 192.0.78.146 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

423 Requests

99 %HTTPS

36 %IPv6

60 Domains

109 Subdomains

87 IPs

7 Countries

11376 kBTransfer

31851 kBSize

6 Cookies

28 Outgoing links

Redirected requests

423 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 10 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bangordailynews.com Open in urlscan Pro
192.0.78.146 Public Scan

Screenshot
Live screenshot

Full Image

423
Requests

99 %
HTTPS

36 %
IPv6

60
Domains

109
Subdomains

87
IPs

7
Countries

11376 kB
Transfer

31851 kB
Size

6
Cookies

423 HTTP transactions
10 data transactions